Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EBDF27503C9711F1A901DD0CCF1D38B0.roa
File:                     EBDF27503C9711F1A901DD0CCF1D38B0.roa (raw, json)
Hash identifier:          4qNRLOV+TasqjzPcrvChe8mj5gca7ILouZudD6cxdMk=
Subject key identifier:   7C:73:58:F8:56:71:38:82:33:D4:CE:1D:EE:E4:6F:0F:72:9D:A4:33
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       01C626
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EBDF27503C9711F1A901DD0CCF1D38B0.roa
Signing time:             Mon 20 Apr 2026 09:04:22 +0000
ROA not before:           Mon 20 Apr 2026 09:04:18 +0000
ROA not after:            Wed 27 May 2026 09:04:18 +0000
asID:                     55320
IP address blocks:        154.93.98.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 11 May 2026 00:07:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 116262 (0x1c626)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Apr 20 09:04:18 2026 GMT
            Not After : May 27 09:04:18 2026 GMT
        Subject: CN=69e5ec16-2e77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:bb:ec:f5:68:fb:f3:04:30:09:c4:53:e3:56:
                    27:f3:12:80:8f:76:10:a4:ac:0a:21:15:15:cd:56:
                    60:36:12:5d:9d:98:e0:d5:2c:11:24:08:42:f6:c1:
                    09:6f:7d:c5:0c:41:a2:32:fc:3b:73:3a:a0:50:30:
                    0d:b1:da:03:41:81:54:4a:8b:71:a7:4d:a8:40:a7:
                    53:9d:e5:62:f2:d7:b4:b5:c0:87:3e:03:ef:5c:18:
                    78:1d:a1:b6:5a:2f:c4:fc:68:76:ec:45:00:16:56:
                    a5:e7:44:9e:73:5f:28:20:41:32:9a:e3:1e:97:68:
                    7f:42:7b:8d:97:b1:a9:33:30:82:b0:c4:c3:4f:06:
                    97:49:09:94:dd:df:3a:5d:e3:ae:02:9e:60:22:44:
                    b6:3e:a7:03:62:31:0f:54:da:f1:e1:68:3a:d0:94:
                    63:2c:69:94:e3:f1:15:63:df:e0:aa:18:48:16:27:
                    fc:8c:00:43:08:72:17:58:c8:ec:28:60:dc:22:cf:
                    dc:70:e8:fb:c5:2c:56:2f:89:cc:6c:76:e2:98:d4:
                    0e:cc:2d:37:a1:55:21:f5:f3:86:50:54:bb:3e:ba:
                    4c:0e:48:3e:61:33:d9:50:8b:14:71:66:e1:07:e5:
                    8d:d3:38:d4:03:8c:62:88:8a:c9:ce:34:f2:80:a5:
                    7a:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:73:58:F8:56:71:38:82:33:D4:CE:1D:EE:E4:6F:0F:72:9D:A4:33
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EBDF27503C9711F1A901DD0CCF1D38B0.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.93.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d1:0a:9f:91:fd:53:87:86:51:0e:96:9a:4f:5b:2e:f9:28:de:
         e3:b6:61:c1:9e:8b:4b:45:ba:92:96:1f:74:3b:d5:13:3e:ba:
         bc:fa:37:78:39:3e:d1:ad:0e:63:c8:c3:8c:76:1e:c7:77:6a:
         24:ab:99:15:5c:c2:8f:69:e6:cb:29:a8:ac:7f:1e:86:6c:ab:
         38:34:b3:a2:39:60:0e:08:a7:92:13:26:43:59:9f:75:82:4f:
         85:36:86:c6:73:9b:db:7e:18:7c:e6:c9:2a:92:71:40:b6:44:
         40:fe:cd:a3:5e:03:8c:ba:1b:58:e4:ac:2d:b3:f8:cc:63:2f:
         67:04:2d:93:ad:04:0d:1c:70:6c:e1:50:47:50:e0:47:ba:60:
         0d:12:a6:95:25:76:35:4d:33:06:c0:f9:79:7f:14:b6:e0:79:
         cb:1f:70:16:89:22:5b:1a:71:59:b7:e7:ca:57:24:77:25:d3:
         01:90:66:8f:f3:f7:30:3c:de:9b:c7:39:bd:7f:5f:dd:b0:eb:
         f9:dd:e5:62:40:30:ba:42:bf:02:01:e2:07:64:da:c9:51:25:
         b0:d6:db:dc:2a:2a:12:33:a0:e4:31:f1:d2:23:50:bf:fe:00:
         82:8e:d5:19:cf:5c:59:78:c8:a9:d2:86:bb:26:fa:08:00:30:
         58:75:3c:4b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcYmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDIwMDkwNDE4WhcNMjYwNTI3MDkwNDE4WjAYMRYw
FAYDVQQDEw02OWU1ZWMxNi0yZTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnrvs9Wj78wQwCcRT41Yn8xKAj3YQpKwKIRUVzVZgNhJdnZjg1SwRJAhC
9sEJb33FDEGiMvw7czqgUDANsdoDQYFUSotxp02oQKdTneVi8te0tcCHPgPvXBh4
HaG2Wi/E/Gh27EUAFlal50Sec18oIEEymuMel2h/QnuNl7GpMzCCsMTDTwaXSQmU
3d86XeOuAp5gIkS2PqcDYjEPVNrx4Wg60JRjLGmU4/EVY9/gqhhIFif8jABDCHIX
WMjsKGDcIs/ccOj7xSxWL4nMbHbimNQOzC03oVUh9fOGUFS7PrpMDkg+YTPZUIsU
cWbhB+WN0zjUA4xiiIrJzjTygKV6xQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHxz
WPhWcTiCM9TOHe7kbw9ynaQzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQkRGMjc1MDNDOTcxMUYxQTkwMUREMENDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml1iMA0GCSqGSIb3DQEB
CwUAA4IBAQDRCp+R/VOHhlEOlppPWy75KN7jtmHBnotLRbqSlh90O9UTPrq8+jd4
OT7RrQ5jyMOMdh7Hd2okq5kVXMKPaebLKaisfx6GbKs4NLOiOWAOCKeSEyZDWZ91
gk+FNobGc5vbfhh85skqknFAtkRA/s2jXgOMuhtY5Kwts/jMYy9nBC2TrQQNHHBs
4VBHUOBHumANEqaVJXY1TTMGwPl5fxS24HnLH3AWiSJbGnFZt+fKVyR3JdMBkGaP
8/cwPN6bxzm9f1/dsOv53eViQDC6Qr8CAeIHZNrJUSWw1tvcKioSM6DkMfHSI1C/
/gCCjtUZz1xZeMip0oa7JvoIADBYdTxL
-----END CERTIFICATE-----