Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CABBE16A1F4E11F091B373ECDAE4EC9C.roa
File:                     CABBE16A1F4E11F091B373ECDAE4EC9C.roa (raw, json)
Hash identifier:          tMKUA2jqb2+ZXVj4EekY9s+vFAyy1pe+FDhK3lwPnn8=
Subject key identifier:   93:8A:80:EE:9E:95:A1:B2:C3:6F:61:65:9B:68:07:B7:57:AA:03:05
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       017A70
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CABBE16A1F4E11F091B373ECDAE4EC9C.roa
Signing time:             Tue 22 Apr 2025 07:52:52 +0000
ROA not before:           Tue 22 Apr 2025 07:52:47 +0000
ROA not after:            Tue 27 May 2025 07:52:47 +0000
asID:                     137899
IP address blocks:        154.219.96.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 30 Apr 2025 00:06:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 96880 (0x17a70)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Apr 22 07:52:47 2025 GMT
            Not After : May 27 07:52:47 2025 GMT
        Subject: CN=68074ad4-ad78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:c3:aa:61:db:06:71:d4:3f:10:2c:8e:7a:06:
                    b0:f0:6c:b2:fc:a1:74:6b:52:6e:83:d8:42:87:a6:
                    44:85:22:0c:b7:ab:d5:87:65:dc:67:20:6c:4a:a5:
                    6e:04:06:04:b7:4e:cb:c3:53:c5:50:6d:0b:6a:56:
                    5e:16:41:ef:a7:ef:9d:98:23:f5:e0:bf:e8:76:21:
                    84:f8:24:b1:38:e4:a8:a2:de:c8:ef:1f:16:58:60:
                    b7:b3:d1:0e:b9:8e:b3:fc:42:2d:b3:49:4d:fa:7e:
                    9e:cc:f9:84:f3:e1:d3:6f:58:30:61:63:d6:c8:8e:
                    3f:d0:16:64:cb:a5:79:30:d8:3d:37:a9:b2:8d:ba:
                    3e:e7:bc:bc:55:7b:87:02:ee:d8:56:7d:99:5c:30:
                    b8:45:49:bb:02:c6:3d:af:20:2c:b0:5a:86:13:81:
                    b2:8d:bf:e3:6e:7f:b1:f2:c5:dc:78:65:4e:58:1b:
                    b8:65:d0:8b:93:49:1c:55:cf:0c:d5:9a:75:09:35:
                    4b:4c:db:27:6e:c3:3f:ab:ea:0c:15:1e:32:cd:83:
                    50:f4:8e:a5:cf:cb:34:82:0c:37:d2:a8:87:25:9d:
                    6e:4a:0f:48:7d:d0:f3:18:b6:fe:0f:5d:8b:0f:c6:
                    ce:da:c4:95:24:2c:3a:17:e1:d7:47:6d:84:34:b4:
                    a0:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:8A:80:EE:9E:95:A1:B2:C3:6F:61:65:9B:68:07:B7:57:AA:03:05
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CABBE16A1F4E11F091B373ECDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.219.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         81:5e:c3:9c:ff:0f:d4:41:b8:d8:6f:ef:48:06:b6:d8:0b:59:
         74:7c:8a:d8:78:aa:98:f0:98:18:ca:04:8f:3c:64:d3:29:bd:
         ae:33:6f:eb:6d:c3:66:03:d2:9e:51:ac:b4:04:3d:1a:23:97:
         db:87:f9:7f:6e:af:73:f3:d6:75:27:47:51:d3:19:1f:7a:f9:
         99:5d:ec:da:6c:54:63:fb:09:e6:2f:6c:0a:ef:2f:7a:8f:01:
         60:d9:40:bf:c2:b2:e0:be:59:4e:ce:68:e5:99:8d:87:c0:6d:
         b2:9c:c6:4c:f0:92:89:58:ad:59:3b:03:d6:58:d9:6e:09:63:
         3c:99:b5:a0:65:f4:57:e3:07:49:fd:0c:9c:a0:64:04:46:7c:
         de:5b:30:22:23:24:23:73:85:5a:76:7c:66:59:3b:6c:46:25:
         04:d3:a7:bd:ff:b0:f0:80:aa:54:97:ef:a8:37:ad:71:aa:92:
         1e:38:df:52:11:54:49:0a:70:66:1b:99:84:2a:dd:1b:a2:d3:
         c7:3e:f4:91:55:43:e7:c3:53:28:83:8c:a5:1d:f9:ab:94:d8:
         e8:ea:7b:34:16:b2:b2:71:a0:59:ae:89:42:f1:a1:40:f8:58:
         ce:a2:6b:19:f3:4c:88:5d:7b:c2:dd:a9:48:2f:93:bc:f3:e6:
         0b:27:a1:72
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXpwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDIyMDc1MjQ3WhcNMjUwNTI3MDc1MjQ3WjAYMRYw
FAYDVQQDEw02ODA3NGFkNC1hZDc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqsOqYdsGcdQ/ECyOegaw8Gyy/KF0a1Jug9hCh6ZEhSIMt6vVh2XcZyBs
SqVuBAYEt07Lw1PFUG0LalZeFkHvp++dmCP14L/odiGE+CSxOOSoot7I7x8WWGC3
s9EOuY6z/EIts0lN+n6ezPmE8+HTb1gwYWPWyI4/0BZky6V5MNg9N6myjbo+57y8
VXuHAu7YVn2ZXDC4RUm7AsY9ryAssFqGE4Gyjb/jbn+x8sXceGVOWBu4ZdCLk0kc
Vc8M1Zp1CTVLTNsnbsM/q+oMFR4yzYNQ9I6lz8s0ggw30qiHJZ1uSg9IfdDzGLb+
D12LD8bO2sSVJCw6F+HXR22ENLSgBQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJOK
gO6elaGyw29hZZtoB7dXqgMFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQUJCRTE2QTFGNEUxMUYwOTFCMzczRUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQCBXsOc/w/UQbjYb+9IBrbYC1l0fIrYeKqY8JgYygSPPGTTKb2uM2/r
bcNmA9KeUay0BD0aI5fbh/l/bq9z89Z1J0dR0xkfevmZXezabFRj+wnmL2wK7y96
jwFg2UC/wrLgvllOzmjlmY2HwG2ynMZM8JKJWK1ZOwPWWNluCWM8mbWgZfRX4wdJ
/QycoGQERnzeWzAiIyQjc4VadnxmWTtsRiUE06e9/7DwgKpUl++oN61xqpIeON9S
EVRJCnBmG5mEKt0botPHPvSRVUPnw1Mog4ylHfmrlNjo6ns0FrKycaBZrolC8aFA
+FjOomsZ80yIXXvC3alIL5O88+YLJ6Fy
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:57:30 2025 by rpki-client on console.sobornost.net