Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/722806863FC911F18439B9AECE1D38B0.roa
File:                     722806863FC911F18439B9AECE1D38B0.roa (raw, json)
Hash identifier:          qYrjC/ti3ksRzrN58Q00RUIorzHgtHhs0DeP4135u3c=
Subject key identifier:   E6:2B:1B:04:BE:B9:05:EF:6C:15:62:1B:30:29:B6:19:E2:37:7A:42
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       01C73F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/722806863FC911F18439B9AECE1D38B0.roa
Signing time:             Fri 24 Apr 2026 10:36:26 +0000
ROA not before:           Fri 24 Apr 2026 10:36:22 +0000
ROA not after:            Sat 30 May 2026 10:36:22 +0000
asID:                     18013
IP address blocks:        154.201.64.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 08 May 2026 00:07:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 116543 (0x1c73f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Apr 24 10:36:22 2026 GMT
            Not After : May 30 10:36:22 2026 GMT
        Subject: CN=69eb47aa-17a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:b0:87:3d:38:d5:b9:16:0e:3e:60:7f:80:b2:
                    f3:69:06:61:e0:7c:a6:0c:c7:25:2b:e8:d8:af:2f:
                    af:f0:72:91:d1:ca:d0:66:f3:af:65:a1:41:b9:7f:
                    64:7f:07:d7:f3:6a:87:a4:ba:84:3c:4b:7d:df:ef:
                    a2:ee:c0:ba:17:b3:09:67:d6:c4:ba:97:5e:f0:ad:
                    91:be:a2:f7:59:6e:bf:73:1e:4b:fd:12:c7:86:3b:
                    08:03:ae:a4:02:54:d5:82:bb:ba:f4:d0:87:0e:1e:
                    96:6b:fe:ff:06:76:b1:ce:06:4d:c0:b4:0a:07:8f:
                    36:ce:79:0d:d7:d4:13:e3:3a:c0:ed:5a:6c:a5:2d:
                    4b:60:5d:ab:e6:61:2f:ca:11:ff:d2:d4:70:12:2d:
                    a7:62:70:c5:1c:9d:e2:88:3d:33:8b:fb:73:fa:a1:
                    f4:c5:50:6e:b6:0a:58:4b:69:db:33:20:9b:8e:cc:
                    ba:31:47:aa:7e:88:5c:de:f8:75:5a:94:4b:6b:22:
                    9f:bb:73:f0:4c:7d:f1:dc:25:60:47:73:c4:c3:6a:
                    67:67:ea:a4:49:d4:a4:69:bb:e2:8d:8e:68:ea:2b:
                    34:96:ca:f2:9d:c3:c4:94:8b:34:d1:3e:3f:f9:47:
                    01:07:66:64:5a:d5:2b:4c:0b:fd:07:b5:6b:a7:4a:
                    0d:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:2B:1B:04:BE:B9:05:EF:6C:15:62:1B:30:29:B6:19:E2:37:7A:42
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/722806863FC911F18439B9AECE1D38B0.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.201.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         68:62:68:ca:0a:40:3a:f4:0a:50:b5:39:78:f5:12:eb:d4:7c:
         23:8f:90:2d:15:ca:b3:33:b7:9a:a2:f0:80:bd:d6:5a:70:ce:
         1a:53:af:29:ed:63:56:73:8f:8c:52:ff:45:a9:43:f0:6a:24:
         1d:22:e6:e8:8a:0d:8d:23:5f:c4:8c:75:f0:e3:e0:1a:49:07:
         c4:d8:19:2e:bf:d1:8e:23:f6:00:50:cb:26:8c:ea:3e:49:78:
         58:e1:be:40:89:82:e3:d3:12:5e:da:41:fd:00:74:0b:b6:1f:
         1d:df:89:4e:f3:46:15:29:22:e3:17:f0:ce:ce:85:4d:a9:e3:
         1f:65:7d:44:77:38:3b:e5:c7:f2:d0:d6:0f:b0:27:e7:fb:33:
         66:9f:57:5f:67:4d:73:48:a8:a4:26:6a:dd:f0:6e:63:58:9a:
         05:1c:fe:a8:9d:35:fc:b3:52:5e:d6:4b:9d:a5:39:c7:9c:69:
         c7:d7:79:30:c2:64:a3:4c:d9:02:32:7a:b3:4d:8f:8d:70:6b:
         b5:d2:43:06:08:d5:23:4f:9f:04:c9:f2:96:ce:cf:1e:e9:5b:
         68:0d:57:7d:78:8a:7f:88:4f:de:d0:04:87:7e:91:2a:f1:25:
         cf:eb:78:37:05:e9:34:15:fb:5e:53:74:b6:59:70:9b:f3:15:
         0a:1e:60:26
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcc/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDI0MTAzNjIyWhcNMjYwNTMwMTAzNjIyWjAYMRYw
FAYDVQQDEw02OWViNDdhYS0xN2ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsrCHPTjVuRYOPmB/gLLzaQZh4HymDMclK+jYry+v8HKR0crQZvOvZaFB
uX9kfwfX82qHpLqEPEt93++i7sC6F7MJZ9bEupde8K2RvqL3WW6/cx5L/RLHhjsI
A66kAlTVgru69NCHDh6Wa/7/BnaxzgZNwLQKB482znkN19QT4zrA7VpspS1LYF2r
5mEvyhH/0tRwEi2nYnDFHJ3iiD0zi/tz+qH0xVButgpYS2nbMyCbjsy6MUeqfohc
3vh1WpRLayKfu3PwTH3x3CVgR3PEw2pnZ+qkSdSkabvijY5o6is0lsryncPElIs0
0T4/+UcBB2ZkWtUrTAv9B7Vrp0oNBwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOYr
GwS+uQXvbBViGzApthniN3pCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MjI4MDY4NjNGQzkxMUYxODQzOUI5QUVDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmslAMA0GCSqGSIb3DQEB
CwUAA4IBAQBoYmjKCkA69ApQtTl49RLr1Hwjj5AtFcqzM7eaovCAvdZacM4aU68p
7WNWc4+MUv9FqUPwaiQdIuboig2NI1/EjHXw4+AaSQfE2Bkuv9GOI/YAUMsmjOo+
SXhY4b5AiYLj0xJe2kH9AHQLth8d34lO80YVKSLjF/DOzoVNqeMfZX1Edzg75cfy
0NYPsCfn+zNmn1dfZ01zSKikJmrd8G5jWJoFHP6onTX8s1Je1kudpTnHnGnH13kw
wmSjTNkCMnqzTY+NcGu10kMGCNUjT58EyfKWzs8e6VtoDVd9eIp/iE/e0ASHfpEq
8SXP63g3Bek0FfteU3S2WXCb8xUKHmAm
-----END CERTIFICATE-----