Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/30A8CC66096C11F08AB3894B762E951A.roa
File:                     30A8CC66096C11F08AB3894B762E951A.roa (raw, json)
Hash identifier:          XdtSnc0UNEeHWyRxTHysuk7SwMj5pJ/WIeJlBKA1WrY=
Subject key identifier:   85:B6:0F:D6:F7:35:27:F7:9F:BE:D6:E8:DC:AF:2D:B5:51:CA:4A:D0
Certificate issuer:       /CN=F363BA19AF/serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
Certificate serial:       080C
Authority key identifier: 6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/30A8CC66096C11F08AB3894B762E951A.roa
Signing time:             Tue 25 Mar 2025 11:27:53 +0000
ROA not before:           Tue 25 Mar 2025 11:27:49 +0000
ROA not after:            Wed 25 Mar 2026 11:27:49 +0000
asID:                     2914
IP address blocks:        102.135.65.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 07 Apr 2025 00:06:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2060 (0x80c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363BA19AF
        Validity
            Not Before: Mar 25 11:27:49 2025 GMT
            Not After : Mar 25 11:27:49 2026 GMT
        Subject: CN=67e29338-fb75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:95:af:d8:4f:f3:9f:e9:39:03:f5:b1:79:40:
                    c1:aa:5c:3d:f6:d0:ea:59:1e:bc:1f:15:90:4d:3d:
                    44:a4:60:eb:fe:99:58:79:d9:b0:c4:41:e8:3b:39:
                    ae:02:57:a8:d2:92:21:04:48:d8:7a:7d:7b:ac:c2:
                    3d:26:e5:f3:dd:37:ec:ac:5f:01:51:ff:d2:08:6c:
                    b7:cb:24:1a:ee:81:f2:76:0f:ff:d6:f6:24:87:ac:
                    e1:20:05:5a:dc:1d:ea:79:bd:0c:79:ad:df:57:ae:
                    31:dc:6d:08:dc:48:28:b9:d8:37:fb:6d:18:38:51:
                    89:c2:00:ca:cc:dd:02:48:14:5b:5a:83:ae:2b:28:
                    36:f3:3a:8d:86:73:7e:7a:57:7a:50:7c:c0:52:33:
                    48:e2:13:27:57:b4:8a:60:e0:92:a8:a8:0d:9a:5d:
                    1f:58:53:c1:9e:f6:4a:59:3d:e6:e7:5b:f7:54:11:
                    6a:60:89:9c:40:8b:88:67:8c:28:31:43:4b:ca:03:
                    51:69:5a:a5:70:85:61:fc:d0:5e:a5:b7:d6:86:2b:
                    25:7b:5f:af:54:dc:32:58:85:49:ad:8f:75:0f:bb:
                    36:e1:52:f8:b7:1c:6c:b7:61:ba:7c:db:fa:fc:ab:
                    81:91:13:9b:73:d2:35:8e:16:ed:01:c0:bc:71:be:
                    7d:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:B6:0F:D6:F7:35:27:F7:9F:BE:D6:E8:DC:AF:2D:B5:51:CA:4A:D0
            X509v3 Authority Key Identifier:
                keyid:6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/30A8CC66096C11F08AB3894B762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.135.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         e0:3a:e4:e3:17:86:a4:0e:eb:dd:d1:32:bf:20:dd:f9:76:e7:
         5e:32:d9:5b:14:10:22:ae:e4:15:71:3b:fb:41:10:a4:9a:37:
         6e:2e:18:a3:f5:4f:b3:ca:82:97:a3:1d:99:f9:4a:84:f1:3e:
         9b:7e:8e:71:cb:15:83:3f:b7:b3:11:3b:c6:3a:9d:11:01:2d:
         25:d6:f5:3b:a4:71:3a:d4:60:5a:40:49:d1:2d:dd:2b:ca:a1:
         e4:9a:76:e2:02:c5:2f:63:a7:40:a2:fa:3d:b6:9a:37:06:8e:
         e8:2b:d0:bf:7e:dd:6f:1e:f7:7a:cb:19:4f:6d:2a:a6:15:f7:
         f3:7a:0b:a5:f1:ae:8d:10:1f:0c:e3:d8:90:51:c5:7c:75:91:
         9b:25:4f:a6:69:bd:a6:d7:12:08:2b:58:7c:83:70:d2:50:e8:
         a7:cc:00:b6:55:22:4c:a9:fa:c8:2b:47:e6:bf:3d:21:80:5c:
         73:7b:1a:8a:b0:06:2a:7e:f8:a4:97:64:15:15:9e:c2:be:59:
         c7:c9:ad:2a:04:8e:6e:37:3c:6d:28:4c:ac:59:f2:68:13:38:
         32:fb:96:3e:7c:8d:6a:06:c9:a6:a5:8b:21:dd:54:0f:e6:2f:
         9f:4b:3a:9a:e3:42:16:06:22:2d:68:af:19:90:28:e8:e2:f9:
         fc:e8:bf:6b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCAwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
M0JBMTlBRjExMC8GA1UEBRMoNkFFQTI0QjA5OUMzMkIyMkU0RTQ4QkI5RjI2Q0Y1
NzhCRUY2QkZGMzAeFw0yNTAzMjUxMTI3NDlaFw0yNjAzMjUxMTI3NDlaMBgxFjAU
BgNVBAMTDTY3ZTI5MzM4LWZiNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC3la/YT/Of6TkD9bF5QMGqXD320OpZHrwfFZBNPUSkYOv+mVh52bDEQeg7
Oa4CV6jSkiEESNh6fXuswj0m5fPdN+ysXwFR/9IIbLfLJBrugfJ2D//W9iSHrOEg
BVrcHep5vQx5rd9XrjHcbQjcSCi52Df7bRg4UYnCAMrM3QJIFFtag64rKDbzOo2G
c356V3pQfMBSM0jiEydXtIpg4JKoqA2aXR9YU8Ge9kpZPebnW/dUEWpgiZxAi4hn
jCgxQ0vKA1FpWqVwhWH80F6lt9aGKyV7X69U3DJYhUmtj3UPuzbhUvi3HGy3Ybp8
2/r8q4GRE5tz0jWOFu0BwLxxvn21AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUhbYP
1vc1J/efvtbo3K8ttVHKStAwHwYDVR0jBBgwFoAUauoksJnDKyLk5Iu58mz1eL72
v/MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVBNDBENTc3L2F1b2tz
Sm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2F1b2tzSm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVB
NDBENTc3LzMwQThDQzY2MDk2QzExRjA4QUIzODk0Qjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmh0EwDQYJKoZIhvcNAQEL
BQADggEBAOA65OMXhqQO693RMr8g3fl2514y2VsUECKu5BVxO/tBEKSaN24uGKP1
T7PKgpejHZn5SoTxPpt+jnHLFYM/t7MRO8Y6nREBLSXW9TukcTrUYFpASdEt3SvK
oeSaduICxS9jp0Ci+j22mjcGjugr0L9+3W8e93rLGU9tKqYV9/N6C6Xxro0QHwzj
2JBRxXx1kZslT6ZpvabXEggrWHyDcNJQ6KfMALZVIkyp+sgrR+a/PSGAXHN7Goqw
Bip++KSXZBUVnsK+WcfJrSoEjm43PG0oTKxZ8mgTODL7lj58jWoGyaaliyHdVA/m
L59LOprjQhYGIi1orxmQKOji+fzov2s=
-----END CERTIFICATE-----