Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/02BA631C591E11F0BEDA7FECDAE4EC9C.roa
File: 02BA631C591E11F0BEDA7FECDAE4EC9C.roa (raw, json)
Hash identifier: zDQDt7cdfZDrFnmgRDDtKt9CdnhCm1XZrqaOXdNL4FE=
Subject key identifier: 50:D1:F4:AE:F1:91:4D:B6:B9:C3:1C:70:2B:DB:63:05:45:97:47:93
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01614C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/02BA631C591E11F0BEDA7FECDAE4EC9C.roa
Signing time: Fri 04 Jul 2025 21:29:49 +0000
ROA not before: Fri 04 Jul 2025 21:29:43 +0000
ROA not after: Fri 17 Jul 2026 21:29:43 +0000
asID: 21859
IP address blocks: 156.241.129.0/24 maxlen: 24
156.241.133.0/24 maxlen: 24
156.241.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Jul 2025 23:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90444 (0x1614c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 4 21:29:43 2025 GMT
Not After : Jul 17 21:29:43 2026 GMT
Subject: CN=686847cd-0bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:da:05:9a:c4:cc:b6:7e:32:1c:47:cf:e4:ef:
71:0d:da:d4:db:ef:97:5c:69:b1:8f:42:8d:c9:62:
d8:2f:fa:33:23:19:2c:5c:47:c2:16:62:3c:52:0b:
c5:85:c5:eb:ae:50:8d:d9:28:b4:89:04:10:71:0b:
de:d5:00:4c:a2:e1:5c:43:2c:11:26:f8:3f:43:ba:
ba:52:3b:c3:0d:e1:84:68:27:76:d7:8e:55:5a:03:
0e:9f:24:99:96:bf:86:12:d9:6c:5d:f0:30:94:bf:
dc:01:b7:d3:86:93:8b:96:a1:a2:09:b3:0a:74:8a:
9a:8e:da:f5:b9:a8:90:c1:8e:27:fd:3f:78:37:82:
e6:8a:3b:d7:5a:cc:59:02:d5:51:e4:78:07:11:b2:
76:bc:17:cd:d7:1d:04:fb:14:21:c2:6f:41:c5:cf:
de:23:2b:1e:ad:a2:40:83:65:e1:bb:11:e7:db:b2:
ee:89:05:99:bb:ba:37:2b:f8:a0:30:76:ad:64:e7:
23:e3:79:43:6f:13:01:fd:59:99:c2:94:ac:e7:54:
50:91:00:6c:f7:34:a0:4b:35:c4:1d:bc:ee:96:4a:
b9:5e:b1:58:fe:67:8d:13:5b:a8:cf:83:a7:14:aa:
42:70:a8:99:f4:5c:06:a6:ed:b0:39:25:19:6f:79:
df:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:D1:F4:AE:F1:91:4D:B6:B9:C3:1C:70:2B:DB:63:05:45:97:47:93
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/02BA631C591E11F0BEDA7FECDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.129.0/24
156.241.133.0/24
156.241.135.0/24
Signature Algorithm: sha256WithRSAEncryption
89:d7:c3:32:ef:ee:8b:14:34:b1:5f:c0:e8:22:2e:a9:e1:06:
a5:4c:64:17:0b:fb:06:a1:4d:1f:5d:59:62:27:09:ef:ec:a0:
e2:be:fa:07:7a:6c:1d:60:5b:01:e4:5e:60:f4:f8:88:83:df:
8b:d0:30:0b:09:69:c9:67:cc:93:d6:b2:69:35:a8:25:dd:48:
01:97:13:22:da:f7:65:9d:d6:3f:73:b7:67:21:ba:8c:4b:28:
43:64:6e:f1:f5:f4:96:24:3a:c5:72:72:d1:39:e3:9b:a7:97:
6c:f5:a8:21:48:bb:08:09:fc:b9:0d:67:02:27:ce:39:f1:3f:
a3:c0:6c:9c:62:3b:19:e7:6c:60:a9:97:01:4b:70:70:a7:12:
a3:75:87:7f:de:1e:6b:ce:e5:04:03:b3:e7:cb:a9:d8:0e:08:
60:c8:2d:f6:8b:cf:61:c2:62:52:fa:e2:e7:75:f8:ac:48:8a:
54:90:e9:c3:45:dd:30:68:b0:5d:57:c8:ec:ff:9e:13:d8:90:
a1:81:0c:ad:d1:63:26:43:88:e6:48:86:fe:bb:cf:1f:e9:f3:
0e:97:50:ab:64:af:8d:fa:57:2b:af:5e:53:29:ab:b2:5e:60:
c2:31:10:cd:5a:27:60:4a:20:b2:d7:33:49:0b:34:e7:ad:11:
d2:d7:f7:56
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAWFMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA0MjEyOTQzWhcNMjYwNzE3MjEyOTQzWjAYMRYw
FAYDVQQDEw02ODY4NDdjZC0wYmM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu9oFmsTMtn4yHEfP5O9xDdrU2++XXGmxj0KNyWLYL/ozIxksXEfCFmI8
UgvFhcXrrlCN2Si0iQQQcQve1QBMouFcQywRJvg/Q7q6UjvDDeGEaCd2145VWgMO
nySZlr+GEtlsXfAwlL/cAbfThpOLlqGiCbMKdIqajtr1uaiQwY4n/T94N4LmijvX
WsxZAtVR5HgHEbJ2vBfN1x0E+xQhwm9Bxc/eIyseraJAg2XhuxHn27LuiQWZu7o3
K/igMHatZOcj43lDbxMB/VmZwpSs51RQkQBs9zSgSzXEHbzulkq5XrFY/meNE1uo
z4OnFKpCcKiZ9FwGpu2wOSUZb3nf1QIDAQABo4ICrjCCAqowHQYDVR0OBBYEFFDR
9K7xkU22ucMccCvbYwVFl0eTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMkJBNjMxQzU5MUUxMUYwQkVEQTdGRUNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAnPGBAwQAnPGFAwQAnPGHMA0G
CSqGSIb3DQEBCwUAA4IBAQCJ18My7+6LFDSxX8DoIi6p4QalTGQXC/sGoU0fXVli
Jwnv7KDivvoHemwdYFsB5F5g9PiIg9+L0DALCWnJZ8yT1rJpNagl3UgBlxMi2vdl
ndY/c7dnIbqMSyhDZG7x9fSWJDrFcnLROeObp5ds9aghSLsICfy5DWcCJ8458T+j
wGycYjsZ52xgqZcBS3BwpxKjdYd/3h5rzuUEA7Pny6nYDghgyC32i89hwmJS+uLn
dfisSIpUkOnDRd0waLBdV8js/54T2JChgQyt0WMmQ4jmSIb+u88f6fMOl1CrZK+N
+lcrr15TKauyXmDCMRDNWidgSiCy1zNJCzTnrRHS1/dW
-----END CERTIFICATE-----
Generated at Mon Jul 7 01:56:14 2025 by rpki-client