Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A1280DE61AAE11F0AB88B9226EB8BCC6.roa
File:                     A1280DE61AAE11F0AB88B9226EB8BCC6.roa (raw, json)
Hash identifier:          ebKB2Zbcanyr8D1s4OB9LYCyoOBvmh19wcDhYhMmASw=
Subject key identifier:   4C:A5:47:9C:B9:14:1E:E1:B3:1E:FE:1E:F9:4B:A1:62:5C:A6:05:C7
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       01796B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A1280DE61AAE11F0AB88B9226EB8BCC6.roa
Signing time:             Wed 16 Apr 2025 10:36:18 +0000
ROA not before:           Wed 16 Apr 2025 10:36:13 +0000
ROA not after:            Sun 04 May 2025 10:36:13 +0000
asID:                     214143
IP address blocks:        154.197.106.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 28 Apr 2025 07:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 96619 (0x1796b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Apr 16 10:36:13 2025 GMT
            Not After : May  4 10:36:13 2025 GMT
        Subject: CN=67ff8822-4614
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:54:f9:2f:e9:cb:dd:38:33:96:f9:a5:b6:08:
                    bd:13:1f:c6:aa:1a:78:88:aa:d7:36:3f:ed:92:98:
                    bc:38:5a:94:e0:2f:58:64:b7:cf:8e:16:a4:92:40:
                    9e:f6:13:84:88:7f:a5:87:b1:f2:ed:0b:ee:bf:ae:
                    8a:3d:f5:2d:6f:37:8e:10:61:e4:a7:0b:b1:ed:7c:
                    9b:cf:da:96:a6:51:e1:66:0a:08:8c:89:c3:42:37:
                    c7:1e:d4:79:a9:b2:c2:ff:3b:70:13:1e:91:8c:7d:
                    f3:9b:6f:a8:68:61:40:f8:9a:93:93:11:ac:80:d0:
                    a7:5f:e3:d2:b6:7e:50:7e:87:be:b9:f6:13:0c:48:
                    83:fb:61:f3:1b:68:08:ae:c1:2f:f6:3d:03:ad:91:
                    dd:19:07:42:0c:db:44:ed:57:5a:f2:09:da:62:9f:
                    45:22:8c:6c:0d:b9:09:5c:e1:26:ce:95:72:ee:a8:
                    58:d6:5e:de:03:e0:ca:b3:62:76:6a:84:b4:84:7c:
                    76:c5:cb:db:5b:62:3f:f3:36:27:e0:b3:d5:e2:06:
                    79:bd:87:bf:08:7a:ba:8f:8e:f4:85:c8:97:22:94:
                    33:fc:e4:2a:f0:4d:ee:7d:51:b1:c0:03:28:c9:2c:
                    7d:37:30:15:20:83:8a:ac:cd:0f:1f:ba:5c:83:1e:
                    0f:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:A5:47:9C:B9:14:1E:E1:B3:1E:FE:1E:F9:4B:A1:62:5C:A6:05:C7
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A1280DE61AAE11F0AB88B9226EB8BCC6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.197.106.0/23

    Signature Algorithm: sha256WithRSAEncryption
         95:80:c5:12:f1:bd:71:8d:fd:b7:76:f6:e4:b4:82:cc:5c:5a:
         34:79:40:8e:76:84:16:be:c0:a1:da:d9:d8:32:75:09:74:7e:
         3e:29:4f:78:1f:7e:a2:50:b3:a9:d8:fd:ad:27:fb:61:a4:55:
         0a:6b:00:34:a3:a5:ac:85:13:b1:dd:51:2c:c1:47:ce:5c:1a:
         6c:b5:46:d1:a7:82:cc:cc:b1:58:3c:4e:18:cc:63:b7:ba:73:
         3c:6b:3d:6b:29:95:02:eb:81:36:84:9f:c7:57:95:2f:69:15:
         e9:b3:5a:a3:b9:4d:66:04:34:e0:fc:79:aa:85:1a:c2:63:eb:
         3f:9a:13:7d:f5:be:69:85:3d:36:0e:30:ec:22:24:9f:b2:af:
         43:b9:c2:0f:da:4a:ab:e1:dd:11:4c:9c:01:fd:fe:3b:25:01:
         82:1a:f5:76:97:45:ca:62:c3:21:48:ec:c8:65:4e:cd:d3:85:
         a0:bf:c5:5b:10:e6:e1:4d:4f:55:0c:55:05:dc:68:6d:ac:cc:
         85:6b:3c:dd:6c:97:dd:e7:2c:9d:8d:fe:14:e5:b9:69:16:4a:
         6f:9a:31:d7:41:7c:0c:c8:ad:58:de:e2:07:0b:a3:63:d9:37:
         73:54:0e:a8:8b:de:53:23:35:8d:c7:a6:b0:a3:49:20:f4:ec:
         ae:8e:47:fa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXlrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDE2MTAzNjEzWhcNMjUwNTA0MTAzNjEzWjAYMRYw
FAYDVQQDEw02N2ZmODgyMi00NjE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0FT5L+nL3Tgzlvmltgi9Ex/Gqhp4iKrXNj/tkpi8OFqU4C9YZLfPjhak
kkCe9hOEiH+lh7Hy7Qvuv66KPfUtbzeOEGHkpwux7Xybz9qWplHhZgoIjInDQjfH
HtR5qbLC/ztwEx6RjH3zm2+oaGFA+JqTkxGsgNCnX+PStn5Qfoe+ufYTDEiD+2Hz
G2gIrsEv9j0DrZHdGQdCDNtE7Vda8gnaYp9FIoxsDbkJXOEmzpVy7qhY1l7eA+DK
s2J2aoS0hHx2xcvbW2I/8zYn4LPV4gZ5vYe/CHq6j470hciXIpQz/OQq8E3ufVGx
wAMoySx9NzAVIIOKrM0PH7pcgx4P4wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEyl
R5y5FB7hsx7+HvlLoWJcpgXHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMTI4MERFNjFBQUUxMUYwQUI4OEI5MjI2RUI4QkNDNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsVqMA0GCSqGSIb3DQEB
CwUAA4IBAQCVgMUS8b1xjf23dvbktILMXFo0eUCOdoQWvsCh2tnYMnUJdH4+KU94
H36iULOp2P2tJ/thpFUKawA0o6WshROx3VEswUfOXBpstUbRp4LMzLFYPE4YzGO3
unM8az1rKZUC64E2hJ/HV5UvaRXps1qjuU1mBDTg/HmqhRrCY+s/mhN99b5phT02
DjDsIiSfsq9DucIP2kqr4d0RTJwB/f47JQGCGvV2l0XKYsMhSOzIZU7N04Wgv8Vb
EObhTU9VDFUF3GhtrMyFazzdbJfd5yydjf4U5blpFkpvmjHXQXwMyK1Y3uIHC6Nj
2TdzVA6oi95TIzWNx6awo0kg9Oyujkf6
-----END CERTIFICATE-----
Generated at Sat Apr 26 11:18:21 2025 by rpki-client on console.sobornost.net