Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36862C7/51F2BC40F0F411EBB1823F30D8A014CE/9CCFAF803B0E11F086191DD3DAE4EC9C.roa
File:                     9CCFAF803B0E11F086191DD3DAE4EC9C.roa (raw, json)
Hash identifier:          LpuWWsVevaLsONGBPOWroSuUfwidPT8wZ+6qZPVLZQI=
Subject key identifier:   F5:DA:18:85:F7:5E:B5:64:70:07:3F:28:EF:BA:5A:BA:9E:FE:C7:98
Certificate issuer:       /CN=F36862C7AF/serialNumber=D154ABC2A31E0FD603D7C705CC0F95DD1A9CE208
Certificate serial:       05A1
Authority key identifier: D1:54:AB:C2:A3:1E:0F:D6:03:D7:C7:05:CC:0F:95:DD:1A:9C:E2:08
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/0VSrwqMeD9YD18cFzA-V3Rqc4gg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36862C7/51F2BC40F0F411EBB1823F30D8A014CE/9CCFAF803B0E11F086191DD3DAE4EC9C.roa
Signing time:             Tue 27 May 2025 15:24:00 +0000
ROA not before:           Tue 27 May 2025 15:23:55 +0000
ROA not after:            Mon 31 Dec 2035 15:23:55 +0000
asID:                     37334
IP address blocks:        41.76.96.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36862C7/51F2BC40F0F411EBB1823F30D8A014CE/0VSrwqMeD9YD18cFzA-V3Rqc4gg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36862C7/51F2BC40F0F411EBB1823F30D8A014CE/0VSrwqMeD9YD18cFzA-V3Rqc4gg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/0VSrwqMeD9YD18cFzA-V3Rqc4gg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 12 Jun 2025 00:06:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1441 (0x5a1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36862C7AF, serialNumber=D154ABC2A31E0FD603D7C705CC0F95DD1A9CE208
        Validity
            Not Before: May 27 15:23:55 2025 GMT
            Not After : Dec 31 15:23:55 2035 GMT
        Subject: CN=6835d910-f896
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:8c:c6:6f:ce:55:a5:c0:b5:e9:62:7f:31:48:
                    30:a3:ae:f5:22:bd:2e:de:28:aa:cc:1e:ca:b0:27:
                    09:fc:a5:b9:81:03:ef:d5:5b:af:c4:75:41:91:59:
                    2b:35:64:a3:57:cc:e8:f4:b6:ce:f3:03:a6:03:79:
                    84:c4:6a:57:b0:23:2a:fb:4c:79:2d:87:74:b3:c3:
                    a3:7c:d4:23:9b:d3:dc:bf:f1:59:85:71:fe:99:95:
                    00:fe:67:3f:d3:8f:a0:b0:34:22:79:5c:05:75:ee:
                    a2:77:68:c7:25:9e:5a:c7:19:46:54:19:b2:ea:c5:
                    5f:58:60:53:73:b7:85:9e:6a:c2:96:b8:f1:57:22:
                    27:cc:00:63:b5:9f:19:95:bd:22:4f:53:96:5b:e4:
                    49:5b:b4:b5:64:fe:3a:19:a6:d8:3d:8d:c9:fe:a5:
                    73:8f:34:a7:11:62:19:ed:dc:10:6e:f8:8a:ec:76:
                    0c:e1:6e:54:45:e9:22:ff:73:a2:a9:90:d2:53:19:
                    a7:b7:8d:c2:da:03:98:61:57:e4:d6:2c:f5:0c:77:
                    f0:b2:10:fa:6b:f8:d7:51:fd:d1:2e:16:75:90:9a:
                    d0:b3:0d:dc:1e:07:a9:41:20:55:e6:9f:c9:4b:20:
                    73:9f:1f:2f:ff:97:36:08:eb:85:a3:76:75:d6:6a:
                    4f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:DA:18:85:F7:5E:B5:64:70:07:3F:28:EF:BA:5A:BA:9E:FE:C7:98
            X509v3 Authority Key Identifier:
                keyid:D1:54:AB:C2:A3:1E:0F:D6:03:D7:C7:05:CC:0F:95:DD:1A:9C:E2:08

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36862C7/51F2BC40F0F411EBB1823F30D8A014CE/0VSrwqMeD9YD18cFzA-V3Rqc4gg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0VSrwqMeD9YD18cFzA-V3Rqc4gg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36862C7/51F2BC40F0F411EBB1823F30D8A014CE/9CCFAF803B0E11F086191DD3DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.76.96.0/21

    Signature Algorithm: sha256WithRSAEncryption
         85:23:c5:7d:9b:83:fe:e9:3c:bf:c2:cd:5c:d7:cb:2a:45:99:
         38:c8:5d:33:7b:ba:52:93:fa:50:7d:17:9d:4d:df:6a:98:da:
         25:da:c9:91:cd:9e:ca:14:b5:b6:28:1c:64:e4:21:dd:cb:1e:
         5d:45:76:ad:19:ba:c6:5e:67:3a:56:60:de:2b:4a:d0:c8:35:
         6d:55:cd:0c:1a:40:a4:02:d6:6d:bf:69:d4:8b:9d:e6:0a:ca:
         34:4f:09:31:9e:ff:59:a8:0f:92:60:bd:9f:26:f7:0d:fb:e6:
         53:08:97:68:cc:49:bf:52:4e:6f:7e:53:36:c2:04:14:a6:d4:
         d6:9a:15:05:82:1b:03:62:8b:20:39:ac:43:38:cf:1c:c4:d4:
         51:f0:14:98:d3:88:22:4e:e8:7b:76:43:03:9d:20:be:16:b4:
         54:89:fb:82:c9:a4:d2:18:18:8b:d1:af:a5:10:8b:2e:d8:c6:
         e1:fc:67:20:63:67:c4:e3:8b:ad:fc:3f:de:aa:28:06:57:1d:
         72:73:aa:a5:51:c4:5d:b6:10:42:3e:c5:2d:af:de:72:53:c5:
         d6:c3:9a:01:7b:d6:da:95:f0:4b:cb:ed:10:5e:1d:bf:e3:72:
         2f:8f:51:ed:6b:a3:e7:32:a8:ed:6b:00:5e:a1:c0:d5:ce:93:
         ab:fe:7c:f1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBaEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODYyQzdBRjExMC8GA1UEBRMoRDE1NEFCQzJBMzFFMEZENjAzRDdDNzA1Q0MwRjk1
REQxQTlDRTIwODAeFw0yNTA1MjcxNTIzNTVaFw0zNTEyMzExNTIzNTVaMBgxFjAU
BgNVBAMTDTY4MzVkOTEwLWY4OTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDajMZvzlWlwLXpYn8xSDCjrvUivS7eKKrMHsqwJwn8pbmBA+/VW6/EdUGR
WSs1ZKNXzOj0ts7zA6YDeYTEalewIyr7THkth3Szw6N81COb09y/8VmFcf6ZlQD+
Zz/Tj6CwNCJ5XAV17qJ3aMclnlrHGUZUGbLqxV9YYFNzt4WeasKWuPFXIifMAGO1
nxmVvSJPU5Zb5ElbtLVk/joZptg9jcn+pXOPNKcRYhnt3BBu+IrsdgzhblRF6SL/
c6KpkNJTGae3jcLaA5hhV+TWLPUMd/CyEPpr+NdR/dEuFnWQmtCzDdweB6lBIFXm
n8lLIHOfHy//lzYI64WjdnXWak9ZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU9doY
hfdetWRwBz8o77paup7+x5gwHwYDVR0jBBgwFoAU0VSrwqMeD9YD18cFzA+V3Rqc
4ggwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjg2MkM3LzUxRjJCQzQwRjBGNDExRUJCMTgyM0YzMEQ4QTAxNENFLzBWU3J3
cU1lRDlZRDE4Y0Z6QS1WM1JxYzRnZy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzBWU3J3cU1lRDlZRDE4Y0Z6QS1WM1JxYzRnZy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjg2MkM3LzUxRjJCQzQwRjBGNDExRUJCMTgyM0YzMEQ4
QTAxNENFLzlDQ0ZBRjgwM0IwRTExRjA4NjE5MUREM0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMpTGAwDQYJKoZIhvcNAQEL
BQADggEBAIUjxX2bg/7pPL/CzVzXyypFmTjIXTN7ulKT+lB9F51N32qY2iXayZHN
nsoUtbYoHGTkId3LHl1Fdq0ZusZeZzpWYN4rStDINW1VzQwaQKQC1m2/adSLneYK
yjRPCTGe/1moD5JgvZ8m9w375lMIl2jMSb9STm9+UzbCBBSm1NaaFQWCGwNiiyA5
rEM4zxzE1FHwFJjTiCJO6Ht2QwOdIL4WtFSJ+4LJpNIYGIvRr6UQiy7YxuH8ZyBj
Z8Tji638P96qKAZXHXJzqqVRxF22EEI+xS2v3nJTxdbDmgF71tqV8EvL7RBeHb/j
ci+PUe1ro+cyqO1rAF6hwNXOk6v+fPE=
-----END CERTIFICATE-----
Generated at Tue Jun 10 10:32:19 2025 by rpki-client