Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/F5D219905CAD11F0A4E9D9ACDAE4EC9C.roa
File:                     F5D219905CAD11F0A4E9D9ACDAE4EC9C.roa (raw, json)
Hash identifier:          E0mIDm1W7m6U3cc2aBTow4RrHyw/dh4ay5EbgUAHlvk=
Subject key identifier:   A5:D6:6C:FE:A6:05:92:B9:0C:38:F6:7E:A2:5A:06:FF:20:AF:99:EB
Certificate issuer:       /CN=F369591CAF/serialNumber=C1090D37DA9FFEEE1A9C229BAFF1190BD22E8934
Certificate serial:       03AD
Authority key identifier: C1:09:0D:37:DA:9F:FE:EE:1A:9C:22:9B:AF:F1:19:0B:D2:2E:89:34
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/F5D219905CAD11F0A4E9D9ACDAE4EC9C.roa
Signing time:             Wed 09 Jul 2025 10:17:48 +0000
ROA not before:           Wed 09 Jul 2025 10:17:43 +0000
ROA not after:            Tue 31 Dec 2030 10:17:43 +0000
asID:                     15964
IP address blocks:        197.159.29.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 29 Jul 2025 00:06:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 941 (0x3ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369591CAF, serialNumber=C1090D37DA9FFEEE1A9C229BAFF1190BD22E8934
        Validity
            Not Before: Jul  9 10:17:43 2025 GMT
            Not After : Dec 31 10:17:43 2030 GMT
        Subject: CN=686e41cb-3f77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:c7:96:21:19:44:db:41:03:19:91:54:1c:90:
                    0a:eb:69:fe:39:da:21:45:3d:47:01:61:28:e1:08:
                    ff:04:07:5a:58:79:67:a2:48:04:c4:42:6d:6f:86:
                    04:db:2c:77:ce:d8:76:a1:de:03:28:19:5b:ed:be:
                    81:62:51:77:c2:95:e1:ad:93:72:83:b1:b2:6d:85:
                    e5:f0:c0:eb:f6:4a:07:41:91:03:e3:a3:97:77:df:
                    aa:05:b9:44:57:ba:d6:5d:31:11:e5:a4:40:9e:8f:
                    e7:0e:38:50:c5:00:a8:2f:cd:ba:7c:eb:e1:31:3c:
                    4f:37:18:ef:85:3c:d4:b2:dd:fc:12:6e:1c:bd:b4:
                    60:a4:32:56:0c:b5:cd:aa:85:1e:f6:57:c7:7f:bf:
                    6a:0f:de:ae:6b:45:eb:ac:6c:88:19:d1:df:0f:29:
                    a0:78:7b:49:c3:74:73:5e:05:65:3c:37:15:6e:8f:
                    b6:e8:3c:a2:72:79:c7:b2:5a:d6:43:a2:6d:62:ee:
                    22:8d:69:3e:15:f8:b0:15:20:90:69:db:f1:84:ec:
                    91:7b:90:1c:99:db:ce:36:a1:92:da:24:82:c2:c7:
                    10:98:15:40:27:3d:6a:59:2b:f0:4b:a9:9b:16:7d:
                    6e:aa:f4:49:db:a0:a1:aa:1f:ae:98:28:28:58:e5:
                    7a:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:D6:6C:FE:A6:05:92:B9:0C:38:F6:7E:A2:5A:06:FF:20:AF:99:EB
            X509v3 Authority Key Identifier:
                keyid:C1:09:0D:37:DA:9F:FE:EE:1A:9C:22:9B:AF:F1:19:0B:D2:2E:89:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/F5D219905CAD11F0A4E9D9ACDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  197.159.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:d1:78:13:a2:d4:1c:de:70:f2:55:03:95:0d:05:04:3a:d1:
         cd:6c:75:7b:cb:6b:e0:2f:c1:7a:07:6a:fc:42:12:42:84:e1:
         0e:b1:aa:98:34:e9:ac:a7:a7:af:1e:bd:a2:ca:29:82:cf:3e:
         8a:6f:46:91:27:9c:37:bf:4f:c4:10:3b:b2:5a:e8:e2:c9:c5:
         8d:31:0b:e5:5e:1e:a2:69:ec:de:40:ce:ea:fb:01:39:ef:31:
         ab:95:3e:6b:be:2b:ca:f1:3c:b7:fb:50:97:88:04:7a:ff:24:
         92:13:cc:1d:87:1a:6a:ff:7a:7b:9f:ff:be:e2:d5:14:3b:ee:
         0a:3f:c1:a7:ff:f8:ff:df:94:b0:7b:4b:65:03:c6:04:9a:95:
         69:7a:40:84:e6:e4:a1:ae:d3:79:d2:79:dc:53:0c:92:1d:21:
         31:56:f3:55:9e:82:52:e3:fc:75:d1:c4:15:0f:4f:ab:f5:5a:
         5e:eb:6c:1a:fa:4b:c6:b8:ec:1c:d8:0b:7c:91:e6:e9:d2:3d:
         a3:9d:49:5b:68:4d:ad:d5:4d:1d:bd:1b:a5:ea:db:75:3a:5c:
         57:a4:ca:36:3a:6a:28:6b:79:73:95:08:2e:a9:b4:11:33:4d:
         4b:83:02:2d:40:a0:43:88:62:eb:61:30:42:fd:61:04:78:5f:
         3f:42:6a:33
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA60wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTU5MUNBRjExMC8GA1UEBRMoQzEwOTBEMzdEQTlGRkVFRTFBOUMyMjlCQUZGMTE5
MEJEMjJFODkzNDAeFw0yNTA3MDkxMDE3NDNaFw0zMDEyMzExMDE3NDNaMBgxFjAU
BgNVBAMTDTY4NmU0MWNiLTNmNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCcx5YhGUTbQQMZkVQckArraf452iFFPUcBYSjhCP8EB1pYeWeiSATEQm1v
hgTbLHfO2Hah3gMoGVvtvoFiUXfCleGtk3KDsbJtheXwwOv2SgdBkQPjo5d336oF
uURXutZdMRHlpECej+cOOFDFAKgvzbp86+ExPE83GO+FPNSy3fwSbhy9tGCkMlYM
tc2qhR72V8d/v2oP3q5rReusbIgZ0d8PKaB4e0nDdHNeBWU8NxVuj7boPKJyecey
WtZDom1i7iKNaT4V+LAVIJBp2/GE7JF7kByZ2842oZLaJILCxxCYFUAnPWpZK/BL
qZsWfW6q9EnboKGqH66YKChY5XoFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUpdZs
/qYFkrkMOPZ+oloG/yCvmeswHwYDVR0jBBgwFoAUwQkNN9qf/u4anCKbr/EZC9Iu
iTQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk1OTFDLzM0NzQwMzJFQzI0NzExRURBRkE2Qzc5RkYxMjIyNDY4L3dRa05O
OXFmX3U0YW5DS2JyX0VaQzlJdWlUUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3dRa05OOXFmX3U0YW5DS2JyX0VaQzlJdWlUUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk1OTFDLzM0NzQwMzJFQzI0NzExRURBRkE2Qzc5RkYx
MjIyNDY4L0Y1RDIxOTkwNUNBRDExRjBBNEU5RDlBQ0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADFnx0wDQYJKoZIhvcNAQEL
BQADggEBAK7ReBOi1BzecPJVA5UNBQQ60c1sdXvLa+AvwXoHavxCEkKE4Q6xqpg0
6aynp68evaLKKYLPPopvRpEnnDe/T8QQO7Ja6OLJxY0xC+VeHqJp7N5Azur7ATnv
MauVPmu+K8rxPLf7UJeIBHr/JJITzB2HGmr/enuf/77i1RQ77go/waf/+P/flLB7
S2UDxgSalWl6QITm5KGu03nSedxTDJIdITFW81WeglLj/HXRxBUPT6v1Wl7rbBr6
S8a47BzYC3yR5unSPaOdSVtoTa3VTR29G6Xq23U6XFekyjY6aihreXOVCC6ptBEz
TUuDAi1AoEOIYuthMEL9YQR4Xz9CajM=
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:57:49 2025 by rpki-client