Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EC2CF26E018811F0BECDF150762E951A.roa
File:                     EC2CF26E018811F0BECDF150762E951A.roa (raw, json)
Hash identifier:          VhErbkAwWarSyaPIGMFWNBjaWRcCcZHDZo4owk3x9vw=
Subject key identifier:   07:14:28:91:58:69:70:E8:6A:C4:FC:94:06:32:57:F9:8F:48:D9:DF
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       014648
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EC2CF26E018811F0BECDF150762E951A.roa
Signing time:             Sat 15 Mar 2025 10:33:24 +0000
ROA not before:           Sat 15 Mar 2025 10:33:19 +0000
ROA not after:            Mon 21 Apr 2025 10:33:19 +0000
asID:                     153656
IP address blocks:        156.254.32.0/19 maxlen: 24
                          156.254.64.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 07 Apr 2025 00:26:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 83528 (0x14648)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Mar 15 10:33:19 2025 GMT
            Not After : Apr 21 10:33:19 2025 GMT
        Subject: CN=67d55774-7178
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:18:5e:c2:3e:68:61:39:2f:f9:5b:f0:f9:8a:
                    2e:7a:79:70:11:17:b9:4d:bf:4d:57:26:c7:75:5d:
                    d3:ce:6a:7f:bf:d4:08:d7:b9:bc:af:07:8e:88:ca:
                    fa:6a:4e:ba:93:8f:51:89:65:5c:24:35:17:78:25:
                    24:c8:60:b9:a2:71:b6:27:a7:6d:e8:0b:e6:80:5c:
                    fc:c7:8c:b6:ac:88:51:3f:d8:3e:a6:9a:09:0d:34:
                    e9:90:f8:09:7b:d7:6d:28:a5:02:4d:bc:b6:fc:1a:
                    00:99:09:5f:1d:38:f8:62:36:a8:58:a5:9e:bc:15:
                    7f:4b:7f:48:19:58:8c:f9:79:b2:9e:90:11:9b:5e:
                    72:92:1a:57:59:93:43:62:00:2d:93:f1:26:c0:fe:
                    a4:4f:c2:89:7c:e8:89:95:9c:d0:7e:9d:04:77:6e:
                    df:9a:e3:dd:09:96:3e:86:97:3f:8b:63:36:89:6b:
                    95:2f:41:87:63:2a:78:ee:8f:5b:e9:88:05:cf:8c:
                    5a:3a:15:a2:92:d2:67:8c:1f:66:1b:9e:eb:db:89:
                    5d:61:07:52:fc:06:cd:7d:27:72:37:68:2d:dc:9d:
                    34:90:13:c3:27:07:f7:6d:e3:b7:25:58:37:30:de:
                    ab:53:da:82:7b:a7:c3:c7:75:de:6e:34:e5:e9:0a:
                    22:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:14:28:91:58:69:70:E8:6A:C4:FC:94:06:32:57:F9:8F:48:D9:DF
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EC2CF26E018811F0BECDF150762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.254.32.0-156.254.95.255

    Signature Algorithm: sha256WithRSAEncryption
         97:5e:91:d7:4d:12:44:04:cc:2d:56:31:eb:7a:b7:43:da:f3:
         42:2f:17:75:d8:ee:19:b0:7d:ca:da:de:24:d0:06:30:a6:ef:
         a4:af:d5:c5:b5:b0:8e:ef:8f:d8:7c:10:54:cb:6d:cf:86:86:
         f3:8a:77:d7:e7:62:3d:2c:47:bf:3a:ed:58:90:61:ff:5d:dd:
         b2:ee:ba:98:62:b0:72:9e:ee:5e:35:78:4e:d7:76:b6:be:77:
         dc:ff:a4:2f:c2:f0:cc:06:3f:85:13:4f:f1:f1:7b:f7:2d:d3:
         d1:82:b6:be:e7:af:cb:72:a9:dd:ce:7e:75:6d:8a:91:43:01:
         e6:f1:20:40:da:85:ab:01:63:10:ff:e6:54:fe:a6:35:01:ce:
         da:d5:3e:71:9b:04:21:74:ad:a6:10:f3:20:d1:e7:e6:4c:aa:
         e8:a6:c6:95:f2:47:82:7e:ef:24:0d:79:56:cc:c4:16:d4:a8:
         9e:71:a9:5d:7e:3e:c0:66:5e:73:82:7e:77:07:1d:37:16:f3:
         99:86:84:1d:ea:c4:f8:40:24:3a:14:21:64:b0:f6:42:9e:bd:
         2f:dc:13:fa:df:29:4d:f9:ac:d6:76:24:6c:44:14:0d:cf:11:
         55:e9:da:1a:4a:bf:1e:f6:c3:c1:a5:12:af:9a:cb:a1:20:82:
         42:a4:c0:a4
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAUZIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzE1MTAzMzE5WhcNMjUwNDIxMTAzMzE5WjAYMRYw
FAYDVQQDEw02N2Q1NTc3NC03MTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyRhewj5oYTkv+Vvw+YouenlwERe5Tb9NVybHdV3Tzmp/v9QI17m8rweO
iMr6ak66k49RiWVcJDUXeCUkyGC5onG2J6dt6AvmgFz8x4y2rIhRP9g+ppoJDTTp
kPgJe9dtKKUCTby2/BoAmQlfHTj4YjaoWKWevBV/S39IGViM+XmynpARm15ykhpX
WZNDYgAtk/EmwP6kT8KJfOiJlZzQfp0Ed27fmuPdCZY+hpc/i2M2iWuVL0GHYyp4
7o9b6YgFz4xaOhWiktJnjB9mG57r24ldYQdS/AbNfSdyN2gt3J00kBPDJwf3beO3
JVg3MN6rU9qCe6fDx3XebjTl6QoiMwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAcU
KJFYaXDoasT8lAYyV/mPSNnfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FQzJDRjI2RTAxODgxMUYwQkVDREYxNTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAWc/iADBAWc/kAwDQYJKoZI
hvcNAQELBQADggEBAJdekddNEkQEzC1WMet6t0Pa80IvF3XY7hmwfcra3iTQBjCm
76Sv1cW1sI7vj9h8EFTLbc+GhvOKd9fnYj0sR7867ViQYf9d3bLuuphisHKe7l41
eE7Xdra+d9z/pC/C8MwGP4UTT/Hxe/ct09GCtr7nr8tyqd3OfnVtipFDAebxIEDa
hasBYxD/5lT+pjUBztrVPnGbBCF0raYQ8yDR5+ZMquimxpXyR4J+7yQNeVbMxBbU
qJ5xqV1+PsBmXnOCfncHHTcW85mGhB3qxPhAJDoUIWSw9kKevS/cE/rfKU35rNZ2
JGxEFA3PEVXp2hpKvx72w8GlEq+ay6EggkKkwKQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:09:03 2025 by rpki-client