Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/539B59FC37B911F0AFEC70A5DAE4EC9C.roa
File: 539B59FC37B911F0AFEC70A5DAE4EC9C.roa (raw, json)
Hash identifier: xq32l3trS0zimDyf+Nm1LUwmuSjSyvruEBvFPy+PofY=
Subject key identifier: 06:6B:9B:52:FF:43:EE:BD:7D:D8:89:F7:C0:09:6D:7D:96:CB:A3:D1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0156BA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/539B59FC37B911F0AFEC70A5DAE4EC9C.roa
Signing time: Fri 23 May 2025 09:35:56 +0000
ROA not before: Fri 23 May 2025 09:35:51 +0000
ROA not after: Wed 02 Jul 2025 09:35:51 +0000
asID: 138915
IP address blocks: 156.244.56.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87738 (0x156ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 23 09:35:51 2025 GMT
Not After : Jul 2 09:35:51 2025 GMT
Subject: CN=6830417c-4a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:a2:f3:fa:85:0b:44:3d:84:b3:4b:6e:6f:4a:
73:b5:08:00:45:86:76:44:46:32:c9:b0:17:ec:4d:
86:75:a9:98:0f:1a:2f:f8:34:5b:45:f9:14:a6:e5:
d5:23:c4:bc:ae:14:55:3a:14:55:48:e7:5f:c9:52:
c6:c6:3c:e6:ad:ac:19:03:82:ca:c6:d3:af:f4:a0:
42:83:4e:3f:90:ea:ee:1d:b5:15:4b:c6:f5:dd:31:
15:dd:ea:37:ee:89:7a:a2:95:7d:62:d6:e3:21:e7:
a3:f0:7c:09:71:5f:76:cd:83:9b:7e:3a:2b:d0:44:
6d:3f:4b:92:a5:45:de:7b:9e:55:f9:02:89:17:38:
2b:e7:ff:1d:fa:2d:94:b6:36:b2:68:ce:c9:e9:89:
fd:5c:a4:19:e7:8d:36:64:6e:fb:54:b9:1e:bf:c2:
31:98:b9:7b:fa:3e:9f:31:02:f3:32:6a:3d:3e:74:
76:ce:29:14:60:31:60:98:dd:24:ca:a1:6f:66:2f:
ed:da:2f:bb:a1:af:0d:93:7f:2e:99:32:4f:23:78:
02:e6:77:33:9d:2c:95:58:f2:5b:63:07:ea:17:8e:
05:03:c7:0c:0a:4d:52:b5:15:28:3d:c5:27:2c:78:
ef:ef:fc:bb:1a:5a:95:c6:28:2b:c5:02:09:72:fe:
c8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:6B:9B:52:FF:43:EE:BD:7D:D8:89:F7:C0:09:6D:7D:96:CB:A3:D1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/539B59FC37B911F0AFEC70A5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.56.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:49:34:71:65:e5:19:ba:e4:be:5d:50:67:2b:72:47:52:57:
db:19:54:9e:c7:4a:48:71:ab:83:25:4f:33:c2:d8:16:7d:f5:
79:99:76:76:30:33:61:a6:a0:c4:a1:2b:ee:b9:2d:1f:6b:32:
9b:62:b2:c5:4b:38:f3:f5:55:60:8e:6e:33:3f:f7:c9:e9:5c:
75:5c:67:d8:b1:05:c4:87:01:82:73:19:4e:9d:5b:6c:48:80:
63:7a:54:cd:e3:75:7b:5b:a0:b5:59:f7:e8:d4:12:77:07:00:
0b:69:99:6b:95:56:31:02:8f:15:ed:16:ce:f0:e3:32:10:aa:
a9:c5:d7:38:1c:39:eb:14:41:f2:a2:0e:a2:21:51:26:55:94:
82:63:34:30:ff:38:03:3a:12:bd:a6:5e:d5:84:69:09:87:a8:
f7:74:b1:a0:df:2a:f3:8c:55:71:0a:0f:5f:a9:8a:d2:23:32:
91:61:5f:c4:d1:84:c1:d3:08:94:7e:c3:04:64:70:a0:75:8f:
8c:f4:91:8d:95:24:83:48:e0:ee:7e:5f:48:1d:d5:96:5a:4a:
8e:a6:0f:4c:0a:ad:09:05:66:24:72:74:a5:2f:0c:af:6e:0c:
5d:4f:b3:fc:62:21:a9:05:99:6c:94:38:0f:3a:72:5f:6e:a5:
61:a8:de:16
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVa6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTIzMDkzNTUxWhcNMjUwNzAyMDkzNTUxWjAYMRYw
FAYDVQQDEw02ODMwNDE3Yy00YTEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8qLz+oULRD2Es0tub0pztQgARYZ2REYyybAX7E2GdamYDxov+DRbRfkU
puXVI8S8rhRVOhRVSOdfyVLGxjzmrawZA4LKxtOv9KBCg04/kOruHbUVS8b13TEV
3eo37ol6opV9YtbjIeej8HwJcV92zYObfjor0ERtP0uSpUXee55V+QKJFzgr5/8d
+i2UtjayaM7J6Yn9XKQZ5402ZG77VLkev8IxmLl7+j6fMQLzMmo9PnR2zikUYDFg
mN0kyqFvZi/t2i+7oa8Nk38umTJPI3gC5ncznSyVWPJbYwfqF44FA8cMCk1StRUo
PcUnLHjv7/y7GlqVxigrxQIJcv7IrQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAZr
m1L/Q+69fdiJ98AJbX2Wy6PRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MzlCNTlGQzM3QjkxMUYwQUZFQzcwQTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPQ4MA0GCSqGSIb3DQEBCwUA
A4IBAQBrSTRxZeUZuuS+XVBnK3JHUlfbGVSex0pIcauDJU8zwtgWffV5mXZ2MDNh
pqDEoSvuuS0fazKbYrLFSzjz9VVgjm4zP/fJ6Vx1XGfYsQXEhwGCcxlOnVtsSIBj
elTN43V7W6C1Wffo1BJ3BwALaZlrlVYxAo8V7RbO8OMyEKqpxdc4HDnrFEHyog6i
IVEmVZSCYzQw/zgDOhK9pl7VhGkJh6j3dLGg3yrzjFVxCg9fqYrSIzKRYV/E0YTB
0wiUfsMEZHCgdY+M9JGNlSSDSODufl9IHdWWWkqOpg9MCq0JBWYkcnSlLwyvbgxd
T7P8YiGpBZlslDgPOnJfbqVhqN4W
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:35:06 2025 by rpki-client