Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/F2869CE2631511F1AB7816F4CE1D38B0.roa
File:                     F2869CE2631511F1AB7816F4CE1D38B0.roa (raw, json)
Hash identifier:          w337w6lFswzcMoF6XmD+yS8pjZh65kRgsDRKhjEyxsg=
Subject key identifier:   84:09:1E:9D:CD:E0:18:19:D5:30:DF:12:67:6C:13:76:A3:6C:5E:92
Certificate issuer:       /CN=F36E1028AF/serialNumber=7ECE78AE81BF4072B1DC4F6FB7E6CB9166252B34
Certificate serial:       0624
Authority key identifier: 7E:CE:78:AE:81:BF:40:72:B1:DC:4F:6F:B7:E6:CB:91:66:25:2B:34
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/fs54roG_QHKx3E9vt-bLkWYlKzQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/F2869CE2631511F1AB7816F4CE1D38B0.roa
Signing time:             Mon 08 Jun 2026 08:42:14 +0000
ROA not before:           Tue 09 Jun 2026 08:42:10 +0000
ROA not after:            Sun 09 Jun 2030 08:42:10 +0000
asID:                     29286
IP address blocks:        196.200.240.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/fs54roG_QHKx3E9vt-bLkWYlKzQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/fs54roG_QHKx3E9vt-bLkWYlKzQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/fs54roG_QHKx3E9vt-bLkWYlKzQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 13 Jun 2026 00:07:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1572 (0x624)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E1028AF, serialNumber=7ECE78AE81BF4072B1DC4F6FB7E6CB9166252B34
        Validity
            Not Before: Jun  9 08:42:10 2026 GMT
            Not After : Jun  9 08:42:10 2030 GMT
        Subject: CN=6a268066-7fc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:0a:55:21:9a:3c:10:31:2e:c9:02:11:eb:16:
                    fe:6d:bc:a6:81:ba:75:4e:f7:66:10:0d:bb:d8:5c:
                    86:14:e1:8f:42:7c:51:dc:49:31:39:11:2f:0e:77:
                    51:c9:8e:1c:dd:63:0b:85:3c:53:8d:98:61:c3:4c:
                    a6:8e:30:02:8f:4f:bf:a9:1c:ca:d0:d6:25:8f:97:
                    ef:e1:3b:c4:7d:d6:d3:ef:bd:28:f3:b7:8c:e3:4e:
                    d6:ab:ad:bd:ef:50:82:72:7f:17:ca:76:1a:91:7d:
                    02:69:fd:ad:e9:1e:27:c1:58:b6:5b:8a:6f:54:62:
                    be:a6:df:eb:bd:5e:98:1c:f7:dd:ac:b3:8a:c6:df:
                    48:c1:4d:54:ad:76:4b:69:0c:93:61:2d:3b:93:d9:
                    54:ec:54:3a:bf:94:4b:cc:5f:60:31:26:40:a1:92:
                    c8:d0:9f:0e:18:28:14:53:63:6e:cc:39:5e:d2:fa:
                    9d:60:c0:a9:61:c1:48:07:90:37:0b:dd:92:1e:96:
                    f5:87:43:c8:7a:c4:04:52:04:c7:9e:1e:22:be:65:
                    ca:a2:08:29:9a:d2:9b:fa:2a:d3:06:10:17:f6:f2:
                    67:75:25:c4:3a:a3:ff:2b:8f:f1:91:e2:6f:1a:a8:
                    dd:1f:66:2c:b7:67:f0:7c:c4:31:96:9c:60:b4:71:
                    2e:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:09:1E:9D:CD:E0:18:19:D5:30:DF:12:67:6C:13:76:A3:6C:5E:92
            X509v3 Authority Key Identifier:
                keyid:7E:CE:78:AE:81:BF:40:72:B1:DC:4F:6F:B7:E6:CB:91:66:25:2B:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/fs54roG_QHKx3E9vt-bLkWYlKzQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/fs54roG_QHKx3E9vt-bLkWYlKzQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E1028/10D59DBCC8A411ECB5E23199F1222468/F2869CE2631511F1AB7816F4CE1D38B0.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.200.240.0/20

    Signature Algorithm: sha256WithRSAEncryption
         95:3d:a4:04:c8:39:4f:3e:4c:d8:e8:58:a1:26:8b:c4:3f:86:
         19:73:d8:13:d8:4e:a1:37:2f:06:b0:79:c4:29:dd:3c:9d:5f:
         91:78:f9:d6:4a:42:ce:5f:7e:12:5c:3b:cb:53:a0:21:a0:d1:
         cd:78:e7:ce:74:81:89:26:25:bf:21:51:bd:6a:88:2b:bc:cc:
         6d:38:80:12:9d:f1:2a:4d:00:ce:f0:60:4b:d6:5c:1a:7c:bc:
         b4:18:b0:4c:8d:9b:29:f5:df:b9:f3:7b:00:29:14:ca:d3:5b:
         d6:8a:20:ac:04:96:c6:84:1b:d0:f0:36:64:b6:32:e9:d9:e5:
         73:fe:85:55:68:4e:27:b3:5d:fe:ea:3f:69:f5:39:c8:a2:d5:
         b8:13:b8:06:f2:5f:98:5d:89:03:66:ee:e0:dc:f8:75:42:2d:
         43:bb:97:13:4a:e1:96:af:f5:6a:e0:66:3e:18:5a:96:da:6d:
         4e:5b:73:b5:0b:07:c0:ae:d5:47:f3:c8:6c:3e:8d:a2:92:49:
         66:71:1e:17:a2:ff:e5:1c:80:b6:03:21:ae:83:9d:9c:8b:90:
         73:05:c5:30:7b:ac:3e:76:67:58:39:3e:b4:77:85:cd:9c:f7:
         00:94:3b:af:e0:63:c1:31:4f:d6:b3:89:95:7e:e2:cd:9a:bc:
         7c:33:74:24
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBiQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTEwMjhBRjExMC8GA1UEBRMoN0VDRTc4QUU4MUJGNDA3MkIxREM0RjZGQjdFNkNC
OTE2NjI1MkIzNDAeFw0yNjA2MDkwODQyMTBaFw0zMDA2MDkwODQyMTBaMBgxFjAU
BgNVBAMTDTZhMjY4MDY2LTdmYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDVClUhmjwQMS7JAhHrFv5tvKaBunVO92YQDbvYXIYU4Y9CfFHcSTE5ES8O
d1HJjhzdYwuFPFONmGHDTKaOMAKPT7+pHMrQ1iWPl+/hO8R91tPvvSjzt4zjTtar
rb3vUIJyfxfKdhqRfQJp/a3pHifBWLZbim9UYr6m3+u9Xpgc992ss4rG30jBTVSt
dktpDJNhLTuT2VTsVDq/lEvMX2AxJkChksjQnw4YKBRTY27MOV7S+p1gwKlhwUgH
kDcL3ZIelvWHQ8h6xARSBMeeHiK+ZcqiCCma0pv6KtMGEBf28md1JcQ6o/8rj/GR
4m8aqN0fZiy3Z/B8xDGWnGC0cS5zAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUhAke
nc3gGBnVMN8SZ2wTdqNsXpIwHwYDVR0jBBgwFoAUfs54roG/QHKx3E9vt+bLkWYl
KzQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUxMDI4LzEwRDU5REJDQzhBNDExRUNCNUUyMzE5OUYxMjIyNDY4L2ZzNTRy
b0dfUUhLeDNFOXZ0LWJMa1dZbEt6US5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2ZzNTRyb0dfUUhLeDNFOXZ0LWJMa1dZbEt6US5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUxMDI4LzEwRDU5REJDQzhBNDExRUNCNUUyMzE5OUYx
MjIyNDY4L0YyODY5Q0UyNjMxNTExRjFBQjc4MTZGNENFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATEyPAwDQYJKoZIhvcNAQEL
BQADggEBAJU9pATIOU8+TNjoWKEmi8Q/hhlz2BPYTqE3LwawecQp3TydX5F4+dZK
Qs5ffhJcO8tToCGg0c145850gYkmJb8hUb1qiCu8zG04gBKd8SpNAM7wYEvWXBp8
vLQYsEyNmyn137nzewApFMrTW9aKIKwElsaEG9DwNmS2MunZ5XP+hVVoTiezXf7q
P2n1Ocii1bgTuAbyX5hdiQNm7uDc+HVCLUO7lxNK4Zav9WrgZj4YWpbabU5bc7UL
B8Cu1UfzyGw+jaKSSWZxHhei/+UcgLYDIa6DnZyLkHMFxTB7rD52Z1g5PrR3hc2c
9wCUO6/gY8ExT9aziZV+4s2avHwzdCQ=
-----END CERTIFICATE-----