Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9006A3B63BBE11F0B8ED0BD0DAE4EC9C.roa
File:                     9006A3B63BBE11F0B8ED0BD0DAE4EC9C.roa (raw, json)
Hash identifier:          IYtjHtJS8IGQj5OKAzhk4p1BBhTYNw4O6h8eTsP1FIA=
Subject key identifier:   B0:C2:83:F1:A3:29:86:94:F9:38:B7:DD:38:1F:E7:4E:40:11:D1:8B
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       018364
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9006A3B63BBE11F0B8ED0BD0DAE4EC9C.roa
Signing time:             Wed 28 May 2025 12:23:30 +0000
ROA not before:           Wed 28 May 2025 12:23:25 +0000
ROA not after:            Sun 06 Jul 2025 12:23:25 +0000
asID:                     202656
IP address blocks:        154.219.1.0/24 maxlen: 24
                          154.219.4.0/24 maxlen: 24
                          154.219.29.0/24 maxlen: 24
                          154.219.30.0/24 maxlen: 24
                          154.219.31.0/24 maxlen: 24
                          154.221.56.0/24 maxlen: 24
                          154.221.57.0/24 maxlen: 24
                          154.221.58.0/24 maxlen: 24
                          154.221.59.0/24 maxlen: 24
                          154.221.61.0/24 maxlen: 24
                          154.222.1.0/24 maxlen: 24
                          154.222.12.0/24 maxlen: 24
                          154.222.13.0/24 maxlen: 24
                          154.222.14.0/24 maxlen: 24
                          154.222.15.0/24 maxlen: 24
                          154.222.43.0/24 maxlen: 24
                          154.222.44.0/24 maxlen: 24
                          154.222.45.0/24 maxlen: 24
                          154.222.46.0/24 maxlen: 24
                          154.222.47.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 11 Jun 2025 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 99172 (0x18364)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: May 28 12:23:25 2025 GMT
            Not After : Jul  6 12:23:25 2025 GMT
        Subject: CN=68370042-53fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:eb:a3:0d:1b:6e:57:8e:74:b3:8f:df:ee:70:
                    43:b7:5d:3b:66:94:cb:13:2a:a8:da:87:e8:66:52:
                    11:ad:40:a0:23:76:33:ae:b4:4c:49:aa:cb:1d:73:
                    25:a4:4b:8b:45:46:5b:61:0e:1c:4b:c1:32:19:af:
                    3b:01:4e:79:69:c3:b0:54:38:f7:56:8c:35:37:78:
                    e2:4a:d0:e0:a6:81:1d:1f:5e:b4:5d:fc:c4:02:05:
                    82:b0:e1:db:6d:14:b5:8b:0f:f3:34:cc:1e:fb:84:
                    95:51:a3:76:84:e5:f0:4f:5a:23:79:1b:ec:a6:bc:
                    fc:a8:e6:a4:a8:93:92:d1:05:7e:60:20:d3:80:5a:
                    8c:d7:79:47:a5:6c:2b:2d:1b:66:f1:45:29:44:e7:
                    ec:da:14:a5:be:5e:33:6b:ef:3a:1b:39:24:91:ac:
                    69:60:f1:1f:45:38:8e:55:8d:2e:1a:d1:f4:e0:57:
                    b1:c3:64:3a:9c:cf:12:3c:5f:0f:9e:eb:33:74:6b:
                    ff:92:82:74:78:d5:28:5f:75:f6:bb:12:bb:b6:57:
                    0f:51:f8:5b:3e:4f:8e:58:d7:be:b7:64:e8:04:6e:
                    33:39:95:cc:35:dc:f0:28:44:0b:d7:87:eb:6a:1a:
                    04:0e:89:9d:f3:6a:7a:1c:3a:fa:39:f6:83:e9:ef:
                    22:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:C2:83:F1:A3:29:86:94:F9:38:B7:DD:38:1F:E7:4E:40:11:D1:8B
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9006A3B63BBE11F0B8ED0BD0DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.219.1.0/24
                  154.219.4.0/24
                  154.219.29.0-154.219.31.255
                  154.221.56.0/22
                  154.221.61.0/24
                  154.222.1.0/24
                  154.222.12.0/22
                  154.222.43.0-154.222.47.255

    Signature Algorithm: sha256WithRSAEncryption
         0f:52:cd:3a:0c:df:8c:68:48:af:6d:a3:bd:be:c1:27:24:24:
         ea:c1:ec:4b:bc:49:45:8f:92:e2:64:20:44:92:db:5b:c0:e5:
         11:c0:60:2e:ea:f8:63:cc:b2:5c:0a:a2:ea:c2:3e:75:a9:a4:
         e6:8d:6c:5e:35:d5:bc:25:64:36:91:c1:17:44:79:ec:d1:b6:
         af:1e:d0:21:2c:9a:81:65:f4:e2:d6:23:0e:16:9d:e0:6c:01:
         03:e1:5f:b8:2e:62:c4:30:cc:ab:f0:b6:6f:f1:e1:45:7a:bd:
         f6:eb:e8:fc:97:b8:f6:38:24:71:7e:c8:32:af:f4:b6:84:77:
         2e:67:3e:bf:fa:bb:66:91:f3:9c:5b:fa:ac:5d:49:90:52:dd:
         48:fb:d5:02:22:df:87:3d:c8:36:e8:b7:91:f8:9d:01:d8:97:
         f6:05:d5:0e:5b:df:80:14:9f:e3:1b:a1:19:aa:1d:55:a4:ad:
         4a:82:c6:c9:14:e4:7d:fb:7d:cb:9f:f6:d6:57:ba:78:b4:26:
         bd:50:61:b1:c7:d0:81:2b:a2:e7:94:72:78:5c:8e:69:87:3c:
         60:d7:b1:ab:7b:2b:b7:73:52:7f:fa:13:62:c5:55:78:f9:17:
         f2:de:f5:ab:cf:67:77:cb:5d:29:ce:1a:56:b8:4e:06:a7:0d:
         62:cd:0f:fa
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIDAYNkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTI4MTIyMzI1WhcNMjUwNzA2MTIyMzI1WjAYMRYw
FAYDVQQDEw02ODM3MDA0Mi01M2ZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7OujDRtuV450s4/f7nBDt107ZpTLEyqo2ofoZlIRrUCgI3YzrrRMSarL
HXMlpEuLRUZbYQ4cS8EyGa87AU55acOwVDj3Vow1N3jiStDgpoEdH160XfzEAgWC
sOHbbRS1iw/zNMwe+4SVUaN2hOXwT1ojeRvsprz8qOakqJOS0QV+YCDTgFqM13lH
pWwrLRtm8UUpROfs2hSlvl4za+86GzkkkaxpYPEfRTiOVY0uGtH04Fexw2Q6nM8S
PF8PnuszdGv/koJ0eNUoX3X2uxK7tlcPUfhbPk+OWNe+t2ToBG4zOZXMNdzwKEQL
14frahoEDomd82p6HDr6OfaD6e8ihQIDAQABo4IC3zCCAtswHQYDVR0OBBYEFLDC
g/GjKYaU+Ti33Tgf505AEdGLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MDA2QTNCNjNCQkUxMUYwQjhFRDBCRDBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAmtsBAwQAmtsEMAwDBACa
2x0DBAWa2wADBAKa3TgDBACa3T0DBACa3gEDBAKa3gwwDAMEAJreKwMEBJreIDAN
BgkqhkiG9w0BAQsFAAOCAQEAD1LNOgzfjGhIr22jvb7BJyQk6sHsS7xJRY+S4mQg
RJLbW8DlEcBgLur4Y8yyXAqi6sI+damk5o1sXjXVvCVkNpHBF0R57NG2rx7QISya
gWX04tYjDhad4GwBA+FfuC5ixDDMq/C2b/HhRXq99uvo/Je49jgkcX7IMq/0toR3
Lmc+v/q7ZpHznFv6rF1JkFLdSPvVAiLfhz3INui3kfidAdiX9gXVDlvfgBSf4xuh
GaodVaStSoLGyRTkfft9y5/21le6eLQmvVBhscfQgSui55RyeFyOaYc8YNexq3sr
t3NSf/oTYsVVePkX8t71q89nd8tdKc4aVrhOBqcNYs0P+g==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:47:45 2025 by rpki-client