Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365461D/20B3F7527E5D11F0B898BF95DAE4EC9C/CB726F3A6A1A11F1B72CEC1DCF1D38B0.roa
File:                     CB726F3A6A1A11F1B72CEC1DCF1D38B0.roa (raw, json)
Hash identifier:          qA59AIvJOb69hQKYDh/o62yj6vAzEBD+E52HGTCrhhY=
Subject key identifier:   1F:06:32:89:89:25:81:57:D6:D4:C7:42:AC:6E:D7:8A:07:88:63:EF
Certificate issuer:       /CN=F365461DAF/serialNumber=D9714EE9464B0C7AE8D46BF10163784A160F7172
Certificate serial:       0139
Authority key identifier: D9:71:4E:E9:46:4B:0C:7A:E8:D4:6B:F1:01:63:78:4A:16:0F:71:72
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/2XFO6UZLDHro1GvxAWN4ShYPcXI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F365461D/20B3F7527E5D11F0B898BF95DAE4EC9C/CB726F3A6A1A11F1B72CEC1DCF1D38B0.roa
Signing time:             Wed 17 Jun 2026 07:04:34 +0000
ROA not before:           Wed 17 Jun 2026 07:04:29 +0000
ROA not after:            Sat 12 Jan 2030 07:04:29 +0000
asID:                     329578
IP address blocks:        102.202.84.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F365461D/20B3F7527E5D11F0B898BF95DAE4EC9C/2XFO6UZLDHro1GvxAWN4ShYPcXI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F365461D/20B3F7527E5D11F0B898BF95DAE4EC9C/2XFO6UZLDHro1GvxAWN4ShYPcXI.mft
                          rsync://rpki.afrinic.net/repository/afrinic/2XFO6UZLDHro1GvxAWN4ShYPcXI.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 23 Jun 2026 00:07:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 313 (0x139)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F365461DAF, serialNumber=D9714EE9464B0C7AE8D46BF10163784A160F7172
        Validity
            Not Before: Jun 17 07:04:29 2026 GMT
            Not After : Jan 12 07:04:29 2030 GMT
        Subject: CN=6a324702-e179
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:88:32:a0:71:b2:50:f1:68:89:90:17:1f:b3:
                    6e:f0:df:ff:7b:a3:88:e3:e3:e9:de:fd:5e:cc:99:
                    e2:a8:2b:f6:be:fe:54:23:3b:fb:83:34:e4:ca:9b:
                    7a:7e:ad:30:70:c7:8c:5c:e3:0f:a6:88:21:6a:1e:
                    1c:81:23:a9:2a:7d:8f:ee:54:95:fa:b5:cb:0b:a7:
                    cd:38:b4:96:3b:06:2a:7e:2f:4e:69:4d:9d:ec:58:
                    a3:b0:94:13:96:46:bf:be:44:07:3b:ce:15:0e:50:
                    f1:38:48:f6:2e:1f:4a:09:2e:18:ad:f0:9f:5f:34:
                    a8:25:e4:df:49:6b:8e:c8:e1:84:01:33:94:ee:73:
                    6c:b5:ef:c4:7c:bb:81:09:40:4e:32:5e:19:12:f0:
                    60:e9:2a:33:9a:39:b6:08:4e:24:81:a1:3c:5f:11:
                    3b:b9:e1:64:1a:b5:46:d1:f6:4c:a7:73:69:cc:e7:
                    4f:f8:07:b4:b1:22:92:88:aa:b9:6f:49:4f:eb:d4:
                    d5:dd:e5:56:4e:7b:c7:50:a4:0f:9f:2e:95:05:77:
                    8e:13:d2:d3:c2:e8:09:ab:f0:d1:4a:22:1d:bc:75:
                    8b:be:fb:dc:b6:cb:ac:af:05:80:85:a2:b1:de:7b:
                    c3:1b:ce:2e:1a:5e:9d:14:49:bc:cd:7c:f7:8d:f9:
                    b2:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:06:32:89:89:25:81:57:D6:D4:C7:42:AC:6E:D7:8A:07:88:63:EF
            X509v3 Authority Key Identifier:
                keyid:D9:71:4E:E9:46:4B:0C:7A:E8:D4:6B:F1:01:63:78:4A:16:0F:71:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F365461D/20B3F7527E5D11F0B898BF95DAE4EC9C/2XFO6UZLDHro1GvxAWN4ShYPcXI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/2XFO6UZLDHro1GvxAWN4ShYPcXI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365461D/20B3F7527E5D11F0B898BF95DAE4EC9C/CB726F3A6A1A11F1B72CEC1DCF1D38B0.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.202.84.0/22

    Signature Algorithm: sha256WithRSAEncryption
         50:e7:33:43:c6:7a:1a:93:7e:15:73:1f:e9:48:b9:f0:99:3e:
         69:cb:d5:67:ee:c2:53:f3:e4:34:40:c0:35:52:2a:c3:69:52:
         81:ee:f6:16:0a:4d:e1:4b:cc:19:33:92:f0:6a:1e:4f:86:25:
         c0:7c:e9:4b:23:43:90:bf:c0:fa:10:a7:75:2b:de:40:49:9f:
         23:74:be:54:04:ad:6a:d6:0f:4d:37:bc:7d:b1:6a:b6:dc:1f:
         67:d1:b4:b8:fd:aa:54:f5:60:8f:51:5b:19:b0:88:2d:f2:15:
         c4:a9:c1:e8:a6:30:92:ce:24:8c:63:41:b4:36:19:a6:90:82:
         66:43:1d:40:22:c1:67:54:c3:99:d5:5c:46:e5:17:3f:25:84:
         82:34:57:a8:70:1c:16:dd:f5:fd:5c:96:71:55:e4:95:71:68:
         58:ae:d1:3c:33:fa:35:40:99:1f:1c:b8:4f:03:d6:c9:93:c2:
         04:ef:81:81:2b:f2:97:b8:3a:58:18:e0:3d:e4:09:46:c6:e5:
         23:83:e7:43:b8:f8:cb:e8:97:af:a6:57:b9:20:14:f1:5d:9e:
         3e:36:30:07:6c:34:86:32:1e:98:e9:b9:70:fe:3a:3f:34:5c:
         a2:5e:58:86:c9:de:48:61:9c:33:50:cd:6c:7a:85:e5:fa:02:
         ef:5f:33:54
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICATkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NTQ2MURBRjExMC8GA1UEBRMoRDk3MTRFRTk0NjRCMEM3QUU4RDQ2QkYxMDE2Mzc4
NEExNjBGNzE3MjAeFw0yNjA2MTcwNzA0MjlaFw0zMDAxMTIwNzA0MjlaMBgxFjAU
BgNVBAMTDTZhMzI0NzAyLWUxNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6iDKgcbJQ8WiJkBcfs27w3/97o4jj4+ne/V7MmeKoK/a+/lQjO/uDNOTK
m3p+rTBwx4xc4w+miCFqHhyBI6kqfY/uVJX6tcsLp804tJY7Bip+L05pTZ3sWKOw
lBOWRr++RAc7zhUOUPE4SPYuH0oJLhit8J9fNKgl5N9Ja47I4YQBM5Tuc2y178R8
u4EJQE4yXhkS8GDpKjOaObYITiSBoTxfETu54WQatUbR9kync2nM50/4B7SxIpKI
qrlvSU/r1NXd5VZOe8dQpA+fLpUFd44T0tPC6Amr8NFKIh28dYu++9y2y6yvBYCF
orHee8Mbzi4aXp0USbzNfPeN+bI3AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUHwYy
iYklgVfW1MdCrG7XigeIY+8wHwYDVR0jBBgwFoAU2XFO6UZLDHro1GvxAWN4ShYP
cXIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU0NjFELzIwQjNGNzUyN0U1RDExRjBCODk4QkY5NURBRTRFQzlDLzJYRk82
VVpMREhybzFHdnhBV040U2hZUGNYSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzJYRk82VVpMREhybzFHdnhBV040U2hZUGNYSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjU0NjFELzIwQjNGNzUyN0U1RDExRjBCODk4QkY5NURB
RTRFQzlDL0NCNzI2RjNBNkExQTExRjFCNzJDRUMxRENGMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJmylQwDQYJKoZIhvcNAQEL
BQADggEBAFDnM0PGehqTfhVzH+lIufCZPmnL1WfuwlPz5DRAwDVSKsNpUoHu9hYK
TeFLzBkzkvBqHk+GJcB86UsjQ5C/wPoQp3Ur3kBJnyN0vlQErWrWD003vH2xarbc
H2fRtLj9qlT1YI9RWxmwiC3yFcSpweimMJLOJIxjQbQ2GaaQgmZDHUAiwWdUw5nV
XEblFz8lhII0V6hwHBbd9f1clnFV5JVxaFiu0Twz+jVAmR8cuE8D1smTwgTvgYEr
8pe4OlgY4D3kCUbG5SOD50O4+Mvol6+mV7kgFPFdnj42MAdsNIYyHpjpuXD+Oj80
XKJeWIbJ3khhnDNQzWx6heX6Au9fM1Q=
-----END CERTIFICATE-----