Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/639B8948582B11F09C9191C4DAE4EC9C.roa
File:                     639B8948582B11F09C9191C4DAE4EC9C.roa (raw, json)
Hash identifier:          bR5HPR1uB5A3pUPtLMp4f5jA1hg81oOVbLGlF7vSFUE=
Subject key identifier:   87:62:56:0C:BB:E0:88:59:06:49:D3:51:9A:70:96:42:E9:98:71:DF
Certificate issuer:       /CN=F369591CAF/serialNumber=C1090D37DA9FFEEE1A9C229BAFF1190BD22E8934
Certificate serial:       03A3
Authority key identifier: C1:09:0D:37:DA:9F:FE:EE:1A:9C:22:9B:AF:F1:19:0B:D2:2E:89:34
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/639B8948582B11F09C9191C4DAE4EC9C.roa
Signing time:             Thu 03 Jul 2025 16:33:03 +0000
ROA not before:           Thu 03 Jul 2025 16:32:58 +0000
ROA not after:            Tue 31 Dec 2030 16:32:58 +0000
asID:                     15964
IP address blocks:        154.72.173.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 06 Jul 2025 03:36:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 931 (0x3a3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369591CAF, serialNumber=C1090D37DA9FFEEE1A9C229BAFF1190BD22E8934
        Validity
            Not Before: Jul  3 16:32:58 2025 GMT
            Not After : Dec 31 16:32:58 2030 GMT
        Subject: CN=6866b0bf-1dc6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:a2:73:d3:d1:8a:4e:4e:5c:20:21:eb:e3:ff:
                    5e:70:ed:10:9d:1c:6b:f4:23:7b:8a:c2:38:c9:a1:
                    69:20:34:7a:b3:48:c8:45:7d:1a:18:44:7e:bb:76:
                    51:00:04:ae:96:00:3f:83:18:eb:68:a4:93:76:d9:
                    31:5f:ec:11:23:82:80:34:4a:f5:0c:38:f9:71:6a:
                    a5:89:cd:62:bd:b0:0f:1a:61:65:0f:98:d6:7f:55:
                    f7:59:4b:83:6f:73:1d:ac:e9:cb:0d:01:38:a0:5b:
                    fb:ee:43:ce:57:24:98:b6:7d:4c:0b:50:2d:c5:e1:
                    16:8f:36:4c:49:df:07:5a:9f:8a:ae:f7:c1:3f:99:
                    81:32:f4:85:e4:6e:1c:13:69:60:26:6c:7e:e1:8d:
                    1a:f5:2e:ad:83:58:3c:1e:da:d6:27:49:af:7e:55:
                    8f:e8:c8:8a:c2:b5:ff:9f:96:9f:84:10:3d:9e:3a:
                    f0:8f:c3:b7:8d:bf:c8:7e:18:c7:0f:c3:1e:75:8e:
                    f9:94:a8:48:96:e5:b5:b7:92:66:83:12:02:f5:8c:
                    95:57:f0:01:c6:dd:d0:ff:02:69:2f:a9:28:f3:25:
                    b7:79:d4:ac:4d:fd:3e:87:a3:77:23:92:ba:17:99:
                    2e:e0:ec:06:11:f4:5f:8c:de:3c:b8:11:c4:0c:e6:
                    b2:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:62:56:0C:BB:E0:88:59:06:49:D3:51:9A:70:96:42:E9:98:71:DF
            X509v3 Authority Key Identifier:
                keyid:C1:09:0D:37:DA:9F:FE:EE:1A:9C:22:9B:AF:F1:19:0B:D2:2E:89:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/wQkNN9qf_u4anCKbr_EZC9IuiTQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/wQkNN9qf_u4anCKbr_EZC9IuiTQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/3474032EC24711EDAFA6C79FF1222468/639B8948582B11F09C9191C4DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.72.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:97:6b:96:07:ae:16:8e:26:31:41:9a:62:c5:18:41:d3:4c:
         c7:ab:17:61:9d:a8:a5:e4:8c:88:ac:75:2f:14:46:c9:f0:a5:
         9a:9c:56:fc:d1:fa:d6:68:84:5f:f4:e3:47:02:1f:e3:a6:1d:
         88:f4:6f:0a:8a:52:79:45:a1:4a:60:83:93:47:08:b6:25:30:
         49:0b:8a:32:af:fc:87:b3:02:6d:b5:08:bb:51:93:4e:2a:85:
         cc:28:fd:fd:09:a2:06:69:0e:75:bf:ef:4b:48:53:1b:7b:0c:
         92:14:5a:af:f0:15:e2:c7:32:c0:13:f8:83:be:29:fb:c5:62:
         b5:a4:b5:7e:f7:15:cf:5c:38:5b:9f:9d:d5:bc:0c:73:7d:d7:
         e8:be:b4:c4:dc:60:be:cd:90:24:9b:52:30:fe:44:6a:60:1a:
         fe:8d:af:03:a6:63:b8:c2:ee:89:89:83:5b:52:4b:1a:b4:81:
         60:e7:82:60:f1:68:5d:ed:9c:bb:1e:b9:82:78:f0:56:23:13:
         88:8f:f0:d1:19:41:0f:62:9d:27:f7:8f:e6:4e:50:9f:04:8c:
         3f:36:da:98:b6:5b:29:28:6c:da:6d:23:2d:c4:67:62:14:a9:
         b0:35:b9:d4:53:d9:ad:48:c7:5c:bb:0b:67:ba:70:fb:38:d3:
         ee:9f:7a:cb
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA6MwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTU5MUNBRjExMC8GA1UEBRMoQzEwOTBEMzdEQTlGRkVFRTFBOUMyMjlCQUZGMTE5
MEJEMjJFODkzNDAeFw0yNTA3MDMxNjMyNThaFw0zMDEyMzExNjMyNThaMBgxFjAU
BgNVBAMTDTY4NjZiMGJmLTFkYzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQonPT0YpOTlwgIevj/15w7RCdHGv0I3uKwjjJoWkgNHqzSMhFfRoYRH67
dlEABK6WAD+DGOtopJN22TFf7BEjgoA0SvUMOPlxaqWJzWK9sA8aYWUPmNZ/VfdZ
S4Nvcx2s6csNATigW/vuQ85XJJi2fUwLUC3F4RaPNkxJ3wdan4qu98E/mYEy9IXk
bhwTaWAmbH7hjRr1Lq2DWDwe2tYnSa9+VY/oyIrCtf+flp+EED2eOvCPw7eNv8h+
GMcPwx51jvmUqEiW5bW3kmaDEgL1jJVX8AHG3dD/AmkvqSjzJbd51KxN/T6Ho3cj
kroXmS7g7AYR9F+M3jy4EcQM5rJ3AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUh2JW
DLvgiFkGSdNRmnCWQumYcd8wHwYDVR0jBBgwFoAUwQkNN9qf/u4anCKbr/EZC9Iu
iTQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk1OTFDLzM0NzQwMzJFQzI0NzExRURBRkE2Qzc5RkYxMjIyNDY4L3dRa05O
OXFmX3U0YW5DS2JyX0VaQzlJdWlUUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3dRa05OOXFmX3U0YW5DS2JyX0VaQzlJdWlUUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk1OTFDLzM0NzQwMzJFQzI0NzExRURBRkE2Qzc5RkYx
MjIyNDY4LzYzOUI4OTQ4NTgyQjExRjA5QzkxOTFDNERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaSK0wDQYJKoZIhvcNAQEL
BQADggEBABaXa5YHrhaOJjFBmmLFGEHTTMerF2GdqKXkjIisdS8URsnwpZqcVvzR
+tZohF/040cCH+OmHYj0bwqKUnlFoUpgg5NHCLYlMEkLijKv/IezAm21CLtRk04q
hcwo/f0JogZpDnW/70tIUxt7DJIUWq/wFeLHMsAT+IO+KfvFYrWktX73Fc9cOFuf
ndW8DHN91+i+tMTcYL7NkCSbUjD+RGpgGv6NrwOmY7jC7omJg1tSSxq0gWDngmDx
aF3tnLseuYJ48FYjE4iP8NEZQQ9inSf3j+ZOUJ8EjD822pi2WykobNptIy3EZ2IU
qbA1udRT2a1Ix1y7C2e6cPs40+6fess=
-----END CERTIFICATE-----
Generated at Fri Jul 4 13:35:51 2025 by rpki-client