Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/502F0294501B11F0B9C9E2DDDAE4EC9C.roa
File: 502F0294501B11F0B9C9E2DDDAE4EC9C.roa (raw, json)
Hash identifier: CKRjIJYLmRGQ339/TEo4YQrS++Qv3JCDISoMaehhxuA=
Subject key identifier: B8:49:56:25:89:EB:B2:F3:96:99:48:2A:FB:58:0E:D1:62:BE:E4:6E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015DE6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/502F0294501B11F0B9C9E2DDDAE4EC9C.roa
Signing time: Mon 23 Jun 2025 10:17:49 +0000
ROA not before: Mon 23 Jun 2025 10:17:45 +0000
ROA not after: Tue 19 Aug 2025 10:17:45 +0000
asID: 139923
IP address blocks: 156.254.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:26:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89574 (0x15de6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 23 10:17:45 2025 GMT
Not After : Aug 19 10:17:45 2025 GMT
Subject: CN=685929cd-b45f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:af:09:f7:78:f8:b7:ed:25:fc:e2:41:49:64:
a7:b4:21:7b:d3:eb:8f:a5:17:fb:ca:af:33:7d:7e:
16:40:0d:7b:c6:26:33:59:81:c2:9c:19:7d:12:d1:
4e:ce:e5:65:59:80:89:e8:9f:a6:b6:9f:37:6a:f6:
b4:15:f2:f0:1b:3a:00:d8:cc:f2:4a:0f:a5:cd:04:
cc:b3:e1:4c:70:60:80:e8:96:9c:a4:c2:35:6e:c8:
b1:84:c3:1c:59:7d:b0:59:07:90:6d:4e:ab:dd:96:
88:8f:fa:b8:87:9c:05:47:43:52:4e:d6:47:24:97:
b8:8d:05:ab:19:7c:6c:92:f1:8d:28:8e:49:0e:75:
e6:bd:c2:b7:bc:97:11:7d:cd:cb:a4:6d:d0:69:27:
eb:1c:0b:29:74:96:79:a4:17:1f:af:17:ea:4f:df:
78:a6:21:51:9e:08:f2:3b:76:9d:9f:2e:55:15:8b:
1e:66:30:07:84:67:00:24:fc:b3:93:db:75:f4:59:
98:17:61:29:d6:cc:16:4a:e1:22:44:90:9e:9e:3b:
a1:4e:de:06:9d:97:dd:60:5b:e8:f6:d0:32:b3:9c:
a8:7c:d9:6c:ef:37:83:8c:54:6b:cc:5a:1d:d7:ae:
4e:cd:20:8c:12:27:1d:84:37:0a:70:df:05:62:db:
6f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:49:56:25:89:EB:B2:F3:96:99:48:2A:FB:58:0E:D1:62:BE:E4:6E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/502F0294501B11F0B9C9E2DDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.5.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:90:1a:d4:d4:ed:92:81:2c:28:ef:ea:a9:c4:6b:77:32:61:
71:00:64:60:ea:21:b8:4b:24:fd:de:8f:c0:3d:83:d4:e4:03:
69:cf:8d:b0:d9:15:cc:0c:f5:6c:50:31:4c:54:21:d5:e4:b3:
14:13:df:d3:66:e0:ad:6e:4d:a3:54:d1:ca:e2:ab:7b:4f:9e:
e4:4a:e3:8c:05:49:58:98:3a:d5:b5:e8:79:0f:bb:fa:9a:30:
08:56:ea:f3:e9:0c:53:00:0b:1c:cc:43:3e:33:a3:b8:b3:01:
d6:2d:08:aa:23:e2:c1:d7:b8:15:ae:46:ac:d1:7c:bd:c0:f1:
78:70:e8:8e:fc:a6:a3:df:9b:f5:fc:a5:63:b3:da:2a:83:36:
0c:1c:25:d1:a7:72:64:c5:b8:7f:ef:0e:db:07:47:76:71:dd:
df:6c:95:56:b5:de:7b:6a:60:88:e8:94:14:e2:34:f1:a4:97:
b4:46:ca:0b:f4:03:83:55:e1:32:b1:29:60:ac:e9:b4:09:01:
36:f1:56:90:0d:3b:c3:4a:d6:ee:4c:ca:70:d2:ec:23:d9:c7:
d9:90:3a:79:0c:d4:c2:f4:d3:a8:8d:59:0a:80:09:57:b8:a7:
c6:a5:68:e9:e2:93:9f:ee:40:7d:c6:19:85:ae:c2:40:05:c7:
ef:7e:d2:87
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAV3mMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjIzMTAxNzQ1WhcNMjUwODE5MTAxNzQ1WjAYMRYw
FAYDVQQDEw02ODU5MjljZC1iNDVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAra8J93j4t+0l/OJBSWSntCF70+uPpRf7yq8zfX4WQA17xiYzWYHCnBl9
EtFOzuVlWYCJ6J+mtp83ava0FfLwGzoA2MzySg+lzQTMs+FMcGCA6JacpMI1bsix
hMMcWX2wWQeQbU6r3ZaIj/q4h5wFR0NSTtZHJJe4jQWrGXxskvGNKI5JDnXmvcK3
vJcRfc3LpG3QaSfrHAspdJZ5pBcfrxfqT994piFRngjyO3adny5VFYseZjAHhGcA
JPyzk9t19FmYF2Ep1swWSuEiRJCenjuhTt4GnZfdYFvo9tAys5yofNls7zeDjFRr
zFod165OzSCMEicdhDcKcN8FYttvZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLhJ
ViWJ67LzlplIKvtYDtFivuRuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MDJGMDI5NDUwMUIxMUYwQjlDOUUyREREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4FMA0GCSqGSIb3DQEBCwUA
A4IBAQArkBrU1O2SgSwo7+qpxGt3MmFxAGRg6iG4SyT93o/APYPU5ANpz42w2RXM
DPVsUDFMVCHV5LMUE9/TZuCtbk2jVNHK4qt7T57kSuOMBUlYmDrVteh5D7v6mjAI
Vurz6QxTAAsczEM+M6O4swHWLQiqI+LB17gVrkas0Xy9wPF4cOiO/Kaj35v1/KVj
s9oqgzYMHCXRp3Jkxbh/7w7bB0d2cd3fbJVWtd57amCI6JQU4jTxpJe0RsoL9AOD
VeEysSlgrOm0CQE28VaQDTvDStbuTMpw0uwj2cfZkDp5DNTC9NOojVkKgAlXuKfG
pWjp4pOf7kB9xhmFrsJABcfvftKH
-----END CERTIFICATE-----
Generated at Fri Jul 4 17:45:36 2025 by rpki-client