Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/60611A0A194F11F1BF46479BDAE4EC9C.roa
File:                     60611A0A194F11F1BF46479BDAE4EC9C.roa (raw, json)
Hash identifier:          hDjrfB5r73DHlXmKh6PUxGuV0TnFdFXlrAcscjdBUKo=
Subject key identifier:   1A:69:92:D3:B6:C1:40:E8:4C:C7:F9:08:B1:B2:48:4D:D4:11:4A:3C
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       01BE09
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/60611A0A194F11F1BF46479BDAE4EC9C.roa
Signing time:             Fri 06 Mar 2026 11:26:53 +0000
ROA not before:           Fri 06 Mar 2026 11:26:49 +0000
ROA not after:            Sun 05 Apr 2026 11:26:49 +0000
asID:                     274035
IP address blocks:        154.88.188.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 26 Mar 2026 08:06:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 114185 (0x1be09)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Mar  6 11:26:49 2026 GMT
            Not After : Apr  5 11:26:49 2026 GMT
        Subject: CN=69aab9fd-5228
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:7c:18:24:47:d8:58:d9:d2:4b:92:02:db:f7:
                    7a:16:75:78:29:80:10:4e:fa:1d:94:dd:e3:95:a0:
                    da:fa:e4:ca:e0:24:9a:3e:ad:dd:bb:cc:70:4d:f5:
                    9c:34:a4:8c:48:05:ad:a3:f0:61:5e:03:22:0e:a3:
                    42:dd:35:cc:84:c9:b3:76:89:e0:3c:b5:13:0d:da:
                    8e:a9:ce:7a:18:87:f3:48:bb:e7:c1:e3:14:dc:c0:
                    c0:a5:a2:da:c5:2e:1f:a8:db:c5:62:8a:c2:60:e6:
                    53:3b:d9:90:bc:75:31:fd:04:8a:b8:da:66:b1:88:
                    af:95:2d:39:e9:6d:f8:26:e2:44:4b:b1:a3:4e:15:
                    76:ac:0b:e6:51:cd:9c:39:50:f6:81:b1:49:b0:a4:
                    31:a9:a6:bd:e0:b0:e8:cb:86:ce:dc:31:62:ec:e4:
                    09:ae:5e:63:13:02:30:c7:0a:2f:4e:42:e2:b7:ab:
                    1b:b7:4a:91:eb:9a:c2:99:7b:c0:19:53:27:59:7f:
                    f8:75:e0:46:78:bc:79:60:cb:1d:29:c2:59:7a:a5:
                    46:d2:1e:28:36:fc:1b:23:f4:7c:cf:10:2c:c9:06:
                    83:cf:90:e9:2b:96:6a:64:8f:2c:aa:69:7b:73:39:
                    f2:8e:1b:2e:2f:1e:64:82:ba:1f:e6:43:f3:73:37:
                    0a:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:69:92:D3:B6:C1:40:E8:4C:C7:F9:08:B1:B2:48:4D:D4:11:4A:3C
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/60611A0A194F11F1BF46479BDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.88.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bf:39:87:f2:a3:5e:eb:04:a4:ee:77:6c:0a:c2:55:8b:de:84:
         7f:24:a3:c5:ba:23:3a:6e:b8:b1:5d:5d:0d:7f:c7:33:c1:a3:
         57:76:cd:c5:3f:11:69:2e:74:2b:f5:25:97:ac:d3:a2:24:82:
         d3:e8:20:66:96:2a:76:41:85:c4:14:41:90:2b:53:b4:00:58:
         cb:99:80:15:06:76:eb:42:78:ee:3b:9b:03:46:76:44:30:27:
         e5:e9:00:a7:0b:58:07:25:36:1a:53:3c:40:f8:0e:a8:b6:09:
         59:eb:8b:14:68:3e:d8:67:63:d9:5d:5f:e0:6e:6e:ae:29:6b:
         20:3a:27:99:0c:3e:eb:b6:39:15:16:bc:f7:dd:95:c8:45:e3:
         e0:78:af:d9:5e:f1:3b:c2:85:89:90:2e:88:f7:7e:d3:c3:33:
         3e:a8:62:07:19:89:ca:14:b8:d4:d9:2a:d0:44:7d:d4:17:ad:
         c8:37:9f:94:c9:05:d2:29:dd:5e:ad:5f:a4:3f:66:e0:ac:c0:
         f9:8a:f7:ab:98:36:bd:52:3b:05:77:71:35:05:2c:cc:c4:ca:
         35:61:95:6d:c9:72:d5:fc:ef:d2:26:50:7a:44:0a:e7:11:24:
         16:b8:f6:30:f2:fd:c0:55:80:1d:7e:27:15:0f:4f:1c:dc:53:
         72:b3:6a:bf
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAb4JMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwMzA2MTEyNjQ5WhcNMjYwNDA1MTEyNjQ5WjAYMRYw
FAYDVQQDEw02OWFhYjlmZC01MjI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtnwYJEfYWNnSS5IC2/d6FnV4KYAQTvodlN3jlaDa+uTK4CSaPq3du8xw
TfWcNKSMSAWto/BhXgMiDqNC3TXMhMmzdongPLUTDdqOqc56GIfzSLvnweMU3MDA
paLaxS4fqNvFYorCYOZTO9mQvHUx/QSKuNpmsYivlS056W34JuJES7GjThV2rAvm
Uc2cOVD2gbFJsKQxqaa94LDoy4bO3DFi7OQJrl5jEwIwxwovTkLit6sbt0qR65rC
mXvAGVMnWX/4deBGeLx5YMsdKcJZeqVG0h4oNvwbI/R8zxAsyQaDz5DpK5ZqZI8s
qml7cznyjhsuLx5kgrof5kPzczcKvwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBpp
ktO2wUDoTMf5CLGySE3UEUo8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MDYxMUEwQTE5NEYxMUYxQkY0NjQ3OUJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmli8MA0GCSqGSIb3DQEB
CwUAA4IBAQC/OYfyo17rBKTud2wKwlWL3oR/JKPFuiM6brixXV0Nf8czwaNXds3F
PxFpLnQr9SWXrNOiJILT6CBmlip2QYXEFEGQK1O0AFjLmYAVBnbrQnjuO5sDRnZE
MCfl6QCnC1gHJTYaUzxA+A6otglZ64sUaD7YZ2PZXV/gbm6uKWsgOieZDD7rtjkV
Frz33ZXIRePgeK/ZXvE7woWJkC6I937TwzM+qGIHGYnKFLjU2SrQRH3UF63IN5+U
yQXSKd1erV+kP2bgrMD5ivermDa9UjsFd3E1BSzMxMo1YZVtyXLV/O/SJlB6RArn
ESQWuPYw8v3AVYAdficVD08c3FNys2q/
-----END CERTIFICATE-----