Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367496A/2A8B6E7A938111F09DB8CAC8DAE4EC9C/509ADF3A938911F0BBAB447FDAE4EC9C.roa
File:                     509ADF3A938911F0BBAB447FDAE4EC9C.roa (raw, json)
Hash identifier:          4i7WuO84RuLsGtt0s+Z99FBJCLy8Fd/o6vDGHSgCgto=
Subject key identifier:   97:3E:F5:69:80:F5:E5:B0:D8:48:73:3C:BF:1B:0C:DF:8F:DB:7B:7A
Certificate issuer:       /CN=F367496AAF/serialNumber=D04CAD68C5519EA213425D067FA6408F4FE3FCBA
Certificate serial:       05
Authority key identifier: D0:4C:AD:68:C5:51:9E:A2:13:42:5D:06:7F:A6:40:8F:4F:E3:FC:BA
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/0EytaMVRnqITQl0Gf6ZAj0_j_Lo.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367496A/2A8B6E7A938111F09DB8CAC8DAE4EC9C/509ADF3A938911F0BBAB447FDAE4EC9C.roa
Signing time:             Wed 17 Sep 2025 05:44:02 +0000
ROA not before:           Wed 17 Sep 2025 05:43:58 +0000
ROA not after:            Tue 31 Mar 2026 05:43:58 +0000
asID:                     328269
IP address blocks:        102.177.72.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367496A/2A8B6E7A938111F09DB8CAC8DAE4EC9C/0EytaMVRnqITQl0Gf6ZAj0_j_Lo.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367496A/2A8B6E7A938111F09DB8CAC8DAE4EC9C/0EytaMVRnqITQl0Gf6ZAj0_j_Lo.mft
                          rsync://rpki.afrinic.net/repository/afrinic/0EytaMVRnqITQl0Gf6ZAj0_j_Lo.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 19 Sep 2025 06:08:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367496AAF, serialNumber=D04CAD68C5519EA213425D067FA6408F4FE3FCBA
        Validity
            Not Before: Sep 17 05:43:58 2025 GMT
            Not After : Mar 31 05:43:58 2026 GMT
        Subject: CN=68ca4aa2-1b5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:05:3e:33:7c:97:72:ce:08:24:4a:41:d8:45:
                    62:70:7a:41:84:f6:d9:22:de:64:b3:5b:78:08:6e:
                    f9:aa:d1:ba:1f:0a:ae:d7:df:f9:a5:9a:18:4e:b8:
                    b2:df:2f:77:33:79:14:6f:1f:c0:32:cc:37:0f:d5:
                    00:17:43:ef:74:3b:16:9e:a1:8d:69:c8:48:98:64:
                    36:c4:41:9d:82:63:68:c9:28:67:28:45:95:cd:e3:
                    85:32:6d:db:ef:d5:b3:59:20:f4:fa:14:f3:6b:5f:
                    9d:26:16:94:2b:99:1d:a3:9e:37:0d:cd:65:cf:1f:
                    5e:d6:d4:ab:47:7a:c9:64:62:3d:c4:e1:3d:09:0b:
                    36:69:22:41:54:42:da:93:f0:1f:2a:3a:f9:ec:b1:
                    bc:ea:08:bf:7b:d8:e0:8a:43:ba:a5:0e:95:98:4b:
                    c4:66:95:cd:1a:2a:2c:31:87:77:f3:cc:98:81:e0:
                    9e:8b:8f:ad:f7:33:3b:77:51:43:6e:59:2f:f8:c7:
                    7d:28:b1:a8:37:73:b6:43:66:a5:c7:f0:96:40:94:
                    65:98:4b:46:cc:9f:90:6e:20:6d:64:3d:f4:de:6b:
                    d6:2c:d4:af:f6:63:45:27:1c:5b:b9:96:1e:fe:1b:
                    e4:9e:8a:8e:b0:87:10:47:0a:a3:f1:7d:3d:40:e8:
                    7f:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:3E:F5:69:80:F5:E5:B0:D8:48:73:3C:BF:1B:0C:DF:8F:DB:7B:7A
            X509v3 Authority Key Identifier:
                keyid:D0:4C:AD:68:C5:51:9E:A2:13:42:5D:06:7F:A6:40:8F:4F:E3:FC:BA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367496A/2A8B6E7A938111F09DB8CAC8DAE4EC9C/0EytaMVRnqITQl0Gf6ZAj0_j_Lo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0EytaMVRnqITQl0Gf6ZAj0_j_Lo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367496A/2A8B6E7A938111F09DB8CAC8DAE4EC9C/509ADF3A938911F0BBAB447FDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.177.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c5:3e:d5:6e:19:09:be:5d:ad:60:5a:4b:b7:70:be:90:92:87:
         3d:f4:57:c9:cb:ec:09:b3:94:10:64:2d:5c:70:f2:be:ba:ad:
         d0:b9:78:96:14:5c:5d:bc:ff:71:86:9b:bd:ba:f4:d1:97:96:
         25:71:e7:66:e2:d2:73:e9:11:70:4b:c6:99:01:0c:1d:9f:66:
         b3:7a:38:43:15:a4:1c:5e:30:80:8e:79:80:87:96:ed:e7:f1:
         b3:9b:b9:77:8d:64:6e:9a:bc:63:17:fc:5e:42:d4:31:2d:96:
         03:70:95:08:10:fd:20:a8:6f:c3:5e:b4:db:37:e9:c7:20:25:
         30:f9:01:46:13:a3:45:cc:e7:ec:1f:c3:79:80:40:1b:8b:e3:
         00:6a:d7:6d:12:24:38:ba:0e:a8:76:5f:75:cf:21:bb:3e:98:
         2a:0e:5f:78:a5:41:28:2e:77:a3:c1:73:8e:26:03:87:0c:eb:
         4e:69:49:71:6c:e5:2e:53:a1:4c:75:54:b6:48:e7:e3:10:25:
         2d:5e:b4:d6:aa:08:b1:af:07:ec:0e:58:d9:a0:42:ef:7a:7f:
         66:95:7c:4d:81:8e:78:d7:4a:2a:24:b0:67:e7:52:7e:ed:3d:
         9c:4c:23:6a:c7:49:57:49:88:f4:ec:7b:59:d1:f8:c6:8e:0e:
         03:27:96:54
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NDk2QUFGMTEwLwYDVQQFEyhEMDRDQUQ2OEM1NTE5RUEyMTM0MjVEMDY3RkE2NDA4
RjRGRTNGQ0JBMB4XDTI1MDkxNzA1NDM1OFoXDTI2MDMzMTA1NDM1OFowGDEWMBQG
A1UEAxMNNjhjYTRhYTItMWI1ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOEFPjN8l3LOCCRKQdhFYnB6QYT22SLeZLNbeAhu+arRuh8Krtff+aWaGE64
st8vdzN5FG8fwDLMNw/VABdD73Q7Fp6hjWnISJhkNsRBnYJjaMkoZyhFlc3jhTJt
2+/Vs1kg9PoU82tfnSYWlCuZHaOeNw3NZc8fXtbUq0d6yWRiPcThPQkLNmkiQVRC
2pPwHyo6+eyxvOoIv3vY4IpDuqUOlZhLxGaVzRoqLDGHd/PMmIHgnouPrfczO3dR
Q25ZL/jHfSixqDdztkNmpcfwlkCUZZhLRsyfkG4gbWQ99N5r1izUr/ZjRSccW7mW
Hv4b5J6KjrCHEEcKo/F9PUDof6kCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSXPvVp
gPXlsNhIczy/Gwzfj9t7ejAfBgNVHSMEGDAWgBTQTK1oxVGeohNCXQZ/pkCPT+P8
ujAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzQ5NkEvMkE4QjZFN0E5MzgxMTFGMDlEQjhDQUM4REFFNEVDOUMvMEV5dGFN
VlJucUlUUWwwR2Y2WkFqMF9qX0xvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMEV5dGFNVlJucUlUUWwwR2Y2WkFqMF9qX0xvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzQ5NkEvMkE4QjZFN0E5MzgxMTFGMDlEQjhDQUM4REFF
NEVDOUMvNTA5QURGM0E5Mzg5MTFGMEJCQUI0NDdGREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmaxSDANBgkqhkiG9w0BAQsF
AAOCAQEAxT7VbhkJvl2tYFpLt3C+kJKHPfRXycvsCbOUEGQtXHDyvrqt0Ll4lhRc
Xbz/cYabvbr00ZeWJXHnZuLSc+kRcEvGmQEMHZ9ms3o4QxWkHF4wgI55gIeW7efx
s5u5d41kbpq8Yxf8XkLUMS2WA3CVCBD9IKhvw1602zfpxyAlMPkBRhOjRczn7B/D
eYBAG4vjAGrXbRIkOLoOqHZfdc8huz6YKg5feKVBKC53o8FzjiYDhwzrTmlJcWzl
LlOhTHVUtkjn4xAlLV601qoIsa8H7A5Y2aBC73p/ZpV8TYGOeNdKKiSwZ+dSfu09
nEwjasdJV0mI9Ox7WdH4xo4OAyeWVA==
-----END CERTIFICATE-----