Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDB02ED2407411F0A5BF02F2DAE4EC9C.roa
File:                     EDB02ED2407411F0A5BF02F2DAE4EC9C.roa (raw, json)
Hash identifier:          iI2muOw/Zr+hQVc84V8oXfRwIo2A0QkFo258CvKGseE=
Subject key identifier:   6F:87:3B:06:23:33:52:E7:C3:EF:13:81:8B:ED:6D:EE:F4:64:60:91
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       018475
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDB02ED2407411F0A5BF02F2DAE4EC9C.roa
Signing time:             Tue 03 Jun 2025 12:19:00 +0000
ROA not before:           Tue 03 Jun 2025 12:18:55 +0000
ROA not after:            Tue 15 Jul 2025 12:18:55 +0000
asID:                     63139
IP address blocks:        154.203.160.0/24 maxlen: 24
                          154.203.161.0/24 maxlen: 24
                          154.203.184.0/24 maxlen: 24
                          154.203.185.0/24 maxlen: 24
                          154.203.186.0/24 maxlen: 24
                          154.203.187.0/24 maxlen: 24
                          154.203.188.0/24 maxlen: 24
                          154.203.189.0/24 maxlen: 24
                          154.203.190.0/24 maxlen: 24
                          154.203.191.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 11 Jun 2025 00:06:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 99445 (0x18475)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jun  3 12:18:55 2025 GMT
            Not After : Jul 15 12:18:55 2025 GMT
        Subject: CN=683ee834-7682
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:8e:83:e7:f6:16:12:20:5c:1f:10:5e:6d:73:
                    af:80:15:be:69:32:ed:fb:f1:6d:ca:e3:91:d2:85:
                    d7:7b:6e:a2:3e:50:4a:f3:16:bc:ab:cc:cb:16:47:
                    a3:c4:69:a6:90:96:64:ad:bc:eb:e5:7b:87:10:0e:
                    0d:80:09:65:b8:92:6d:8b:f9:e0:79:8d:0a:45:93:
                    eb:b2:b1:9b:7e:92:75:11:ac:16:83:8e:87:5a:ee:
                    50:4b:41:5e:4a:aa:7d:6c:e1:e0:e8:5c:ce:81:f7:
                    58:cf:a3:60:52:76:db:7d:8f:b8:c2:20:d0:25:0a:
                    4e:a3:73:d3:80:aa:59:b9:2c:46:7a:64:6b:9e:3c:
                    e0:b7:cb:c7:b7:8a:52:fe:bd:4a:35:c2:fb:79:4b:
                    e6:76:b2:32:c9:ee:de:59:2a:92:8d:cb:65:c0:c4:
                    34:0e:b2:c8:f3:fa:0c:c1:44:87:57:34:80:39:88:
                    9a:e7:6f:b1:b1:4f:b8:b5:69:43:b1:f5:a8:8e:b9:
                    8c:7c:55:b8:04:0d:fb:c4:7a:2e:cd:5d:7e:c1:12:
                    09:90:1a:58:e0:08:66:9a:40:27:02:24:eb:08:4d:
                    3e:1b:28:d1:2a:63:03:c4:20:3d:86:5a:56:58:5e:
                    c5:8b:14:f9:52:27:7b:a4:cc:8c:8d:4d:a8:ea:84:
                    f0:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:87:3B:06:23:33:52:E7:C3:EF:13:81:8B:ED:6D:EE:F4:64:60:91
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDB02ED2407411F0A5BF02F2DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.203.160.0/23
                  154.203.184.0/21

    Signature Algorithm: sha256WithRSAEncryption
         cc:bf:d3:be:85:e1:9f:a2:8a:58:0a:53:53:fe:06:7f:e8:24:
         87:f1:3e:d1:df:ce:90:f2:47:1c:0e:6e:f7:53:2c:84:8b:29:
         d6:f8:f4:7e:06:e0:55:c7:6e:3c:37:9e:b6:26:06:e9:fe:c7:
         d1:74:74:0a:35:34:94:bd:cb:42:15:d9:70:54:b9:89:8d:43:
         3b:02:53:dd:6d:61:ee:f8:f1:7e:33:72:11:85:43:cc:e3:ad:
         27:7d:3c:bc:53:67:64:e2:b3:8d:4c:71:2f:9c:38:3c:b0:42:
         97:7d:43:e1:80:85:88:e6:0b:4c:63:b5:36:de:0e:8d:76:97:
         7e:40:47:9a:be:fc:c6:22:30:b4:d0:b1:92:bd:40:9a:52:20:
         40:7c:42:3a:46:fb:de:74:9b:46:e9:d4:76:be:54:2e:e9:11:
         68:29:8e:99:1c:8e:10:15:c0:70:2b:92:58:42:24:db:45:d0:
         ac:eb:00:cb:33:27:62:8a:fa:bf:df:12:b9:de:f6:61:ec:7a:
         0c:41:4a:d7:57:18:47:7b:49:a2:08:26:ee:d2:b2:4e:45:78:
         83:9c:28:d4:e5:57:7c:6b:e6:19:32:04:cf:7a:91:a0:ad:64:
         63:a3:69:ab:df:9e:82:20:45:86:2d:60:e3:14:fc:79:1a:b8:
         cf:23:05:c5
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAYR1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjAzMTIxODU1WhcNMjUwNzE1MTIxODU1WjAYMRYw
FAYDVQQDEw02ODNlZTgzNC03NjgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyY6D5/YWEiBcHxBebXOvgBW+aTLt+/FtyuOR0oXXe26iPlBK8xa8q8zL
FkejxGmmkJZkrbzr5XuHEA4NgAlluJJti/ngeY0KRZPrsrGbfpJ1EawWg46HWu5Q
S0FeSqp9bOHg6FzOgfdYz6NgUnbbfY+4wiDQJQpOo3PTgKpZuSxGemRrnjzgt8vH
t4pS/r1KNcL7eUvmdrIyye7eWSqSjctlwMQ0DrLI8/oMwUSHVzSAOYia52+xsU+4
tWlDsfWojrmMfFW4BA37xHouzV1+wRIJkBpY4AhmmkAnAiTrCE0+GyjRKmMDxCA9
hlpWWF7FixT5Uid7pMyMjU2o6oTwPQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFG+H
OwYjM1Lnw+8TgYvtbe70ZGCRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FREIwMkVEMjQwNzQxMUYwQTVCRjAyRjJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmsugAwQDmsu4MA0GCSqG
SIb3DQEBCwUAA4IBAQDMv9O+heGfoopYClNT/gZ/6CSH8T7R386Q8kccDm73UyyE
iynW+PR+BuBVx248N562Jgbp/sfRdHQKNTSUvctCFdlwVLmJjUM7AlPdbWHu+PF+
M3IRhUPM460nfTy8U2dk4rONTHEvnDg8sEKXfUPhgIWI5gtMY7U23g6Ndpd+QEea
vvzGIjC00LGSvUCaUiBAfEI6RvvedJtG6dR2vlQu6RFoKY6ZHI4QFcBwK5JYQiTb
RdCs6wDLMydiivq/3xK53vZh7HoMQUrXVxhHe0miCCbu0rJORXiDnCjU5Vd8a+YZ
MgTPepGgrWRjo2mr356CIEWGLWDjFPx5GrjPIwXF
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:35:22 2025 by rpki-client