Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/02BE601A567711F094767CB3DAE4EC9C.roa
File: 02BE601A567711F094767CB3DAE4EC9C.roa (raw, json)
Hash identifier: QVguJg0c9LJPbOD7a71m5ukGtCWhcW1aQjPB8mg9D1I=
Subject key identifier: 7A:89:18:45:F0:A4:0E:C6:9B:5B:A8:51:A5:47:07:F5:14:BB:25:89
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015FED
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/02BE601A567711F094767CB3DAE4EC9C.roa
Signing time: Tue 01 Jul 2025 12:29:20 +0000
ROA not before: Tue 01 Jul 2025 12:29:15 +0000
ROA not after: Sat 23 Aug 2025 12:29:15 +0000
asID: 401739
IP address blocks: 156.247.40.0/24 maxlen: 24
156.247.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90093 (0x15fed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 1 12:29:15 2025 GMT
Not After : Aug 23 12:29:15 2025 GMT
Subject: CN=6863d4a0-9ab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:71:13:21:58:04:30:2a:a4:96:1b:89:5a:db:
91:0a:f3:ad:e3:90:7a:8b:b5:8c:cb:c5:d4:bc:56:
04:d0:1e:9f:48:d3:bd:00:bd:42:1c:b1:ae:4f:d9:
71:60:a7:90:80:00:6c:55:39:c5:81:39:5e:a4:d7:
ad:cf:1e:cf:3f:a6:a2:65:f4:a3:c5:51:d9:58:c1:
96:c2:e0:25:5b:97:3f:ef:00:32:16:58:1c:80:fc:
29:d1:a6:4f:65:ba:9b:86:de:c4:6b:fe:2f:a3:24:
70:c1:9a:9d:a2:c5:7a:20:87:c5:fd:e7:ac:16:e7:
9c:6e:aa:9b:c8:a0:c9:f3:97:1f:e1:ce:3b:bc:9e:
ef:8e:ca:99:06:87:6d:ff:80:2b:ab:50:8d:bd:2c:
ec:be:67:ac:00:55:e9:54:a1:89:13:fd:8c:ec:a2:
e1:f6:98:58:94:c0:de:2d:72:43:17:1f:09:d2:80:
36:00:a1:d3:0c:9e:f8:6b:6d:23:a0:e7:b4:c3:06:
b1:19:3d:40:60:03:f7:38:cb:60:b8:11:57:d8:41:
ae:bb:82:68:b8:98:43:15:3f:b8:cd:56:b9:01:83:
4d:6e:ea:85:e2:0b:b5:2d:4a:42:a6:fc:47:8c:ed:
3b:55:91:f5:fe:86:07:c4:af:43:61:05:30:9e:bf:
1d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:89:18:45:F0:A4:0E:C6:9B:5B:A8:51:A5:47:07:F5:14:BB:25:89
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/02BE601A567711F094767CB3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.40.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:92:92:00:c0:89:a6:45:5e:d6:09:ec:27:14:48:6b:34:61:
e1:4e:b3:0e:df:7c:21:7a:a3:6d:32:1a:57:86:a2:04:ff:cc:
b3:1a:92:77:9c:f5:2e:01:2e:97:70:e6:ef:56:2e:93:6e:f3:
b3:5d:44:bc:6d:bd:83:0d:34:7a:a7:3d:d2:13:e3:a0:4b:dd:
e5:e2:e3:b5:1c:9a:96:fe:86:5c:90:cf:3e:86:d1:38:89:56:
45:90:f7:30:fe:e8:9b:94:57:13:a2:ff:a9:4e:19:8c:3b:a5:
f9:3b:ba:f2:07:33:df:22:f8:5f:24:37:ba:20:41:74:a0:ff:
65:26:a7:cc:c6:1b:09:1d:d8:8f:00:10:12:ba:c8:7f:e2:01:
53:02:75:9b:4b:78:bb:5d:90:e9:f7:46:57:a9:be:33:69:c0:
cf:c9:63:e3:0e:cd:f2:b1:62:99:ef:b8:fe:e1:2b:57:d9:e4:
ea:cd:12:d2:7f:38:8f:ce:00:79:38:9e:f1:fe:e1:44:0b:8e:
68:de:7d:4f:05:f9:36:45:90:4f:57:55:10:eb:89:ea:d1:8d:
a6:0b:e2:8a:01:51:21:d2:39:3e:66:1e:b5:e9:08:3c:56:38:
51:9e:e6:ae:05:3e:3c:ff:4a:66:65:be:c1:fc:e0:35:b1:f6:
40:bb:b2:3a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAV/tMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzAxMTIyOTE1WhcNMjUwODIzMTIyOTE1WjAYMRYw
FAYDVQQDEw02ODYzZDRhMC05YWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsnETIVgEMCqklhuJWtuRCvOt45B6i7WMy8XUvFYE0B6fSNO9AL1CHLGu
T9lxYKeQgABsVTnFgTlepNetzx7PP6aiZfSjxVHZWMGWwuAlW5c/7wAyFlgcgPwp
0aZPZbqbht7Ea/4voyRwwZqdosV6IIfF/eesFuecbqqbyKDJ85cf4c47vJ7vjsqZ
Bodt/4Arq1CNvSzsvmesAFXpVKGJE/2M7KLh9phYlMDeLXJDFx8J0oA2AKHTDJ74
a20joOe0wwaxGT1AYAP3OMtguBFX2EGuu4JouJhDFT+4zVa5AYNNbuqF4gu1LUpC
pvxHjO07VZH1/oYHxK9DYQUwnr8d/wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHqJ
GEXwpA7Gm1uoUaVHB/UUuyWJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMkJFNjAxQTU2NzcxMUYwOTQ3NjdDQjNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPcoMA0GCSqGSIb3DQEBCwUA
A4IBAQAakpIAwImmRV7WCewnFEhrNGHhTrMO33wheqNtMhpXhqIE/8yzGpJ3nPUu
AS6XcObvVi6TbvOzXUS8bb2DDTR6pz3SE+OgS93l4uO1HJqW/oZckM8+htE4iVZF
kPcw/uiblFcTov+pThmMO6X5O7ryBzPfIvhfJDe6IEF0oP9lJqfMxhsJHdiPABAS
ush/4gFTAnWbS3i7XZDp90ZXqb4zacDPyWPjDs3ysWKZ77j+4StX2eTqzRLSfziP
zgB5OJ7x/uFEC45o3n1PBfk2RZBPV1UQ64nq0Y2mC+KKAVEh0jk+Zh616Qg8VjhR
nuauBT48/0pmZb7B/OA1sfZAu7I6
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:37:25 2025 by rpki-client