Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/AF2966AABA2311F0A8F9F5D4DAE4EC9C.roa
File: AF2966AABA2311F0A8F9F5D4DAE4EC9C.roa (raw, json)
Hash identifier: 7/2oVyNqBreP+EobCGj41BCdBK1bHMyhB+L9CZMC/+Q=
Subject key identifier: D9:F2:2D:5C:FD:56:E4:06:A5:07:E4:08:A3:C7:48:77:73:42:3C:91
Certificate issuer: /CN=F36A44EAAR/serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Certificate serial: 09CD
Authority key identifier: F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
Authority info access: rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/AF2966AABA2311F0A8F9F5D4DAE4EC9C.roa
Signing time: Wed 05 Nov 2025 08:44:49 +0000
ROA not before: Wed 05 Nov 2025 08:44:41 +0000
ROA not after: Mon 31 Dec 2035 08:44:41 +0000
asID: 7029
IP address blocks: 165.49.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.mft
rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2509 (0x9cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A44EAAR, serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Validity
Not Before: Nov 5 08:44:41 2025 GMT
Not After : Dec 31 08:44:41 2035 GMT
Subject: CN=690b0e81-d9c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:47:25:d6:f9:46:47:90:04:19:71:c8:dd:c7:
be:10:99:91:db:8a:5f:ea:48:cb:e9:f5:9f:0c:82:
ed:29:55:29:b7:f0:a9:97:5b:89:22:8a:15:d5:8c:
b5:f8:e3:c7:3f:38:05:49:1c:e2:f8:c3:c0:89:08:
c7:9b:c7:ce:de:43:47:38:1e:c7:17:c1:c2:b0:72:
c3:ac:85:03:97:7e:87:c9:d0:01:3d:cb:5d:7c:01:
f4:c6:17:59:de:86:9e:53:c3:03:f9:f4:37:2a:03:
b4:8d:19:fc:7b:24:6f:e6:db:0c:df:10:dc:a5:c4:
f1:3b:de:93:a8:ba:02:a3:a8:28:ee:69:a5:f3:83:
ce:57:19:75:e6:8b:a8:38:1a:97:19:ef:fb:95:7f:
00:5c:59:a6:9b:c4:ec:e0:d1:4a:f6:d7:00:91:ae:
8a:18:eb:26:12:40:09:6d:9e:f7:8d:2f:1f:ef:d6:
62:05:e3:0c:50:22:b6:e1:4d:3c:a5:1c:43:39:9a:
e9:de:11:af:37:8f:cd:4d:38:d6:b8:8c:b8:1c:65:
ed:11:fa:13:80:3c:2d:85:e3:58:f0:01:97:f3:3d:
a6:c1:51:4c:7d:d4:70:b2:d8:7d:e5:66:d7:f1:d6:
14:6a:7c:19:7d:0d:c2:56:ff:e2:d4:8e:00:5c:2a:
07:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F2:2D:5C:FD:56:E4:06:A5:07:E4:08:A3:C7:48:77:73:42:3C:91
X509v3 Authority Key Identifier:
keyid:F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/AF2966AABA2311F0A8F9F5D4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.49.221.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:11:e3:86:ff:e1:17:f8:9c:86:60:1c:51:d0:97:a6:ee:ce:
31:77:23:9d:c6:f2:87:83:1e:b3:4a:a4:f8:83:54:63:16:22:
42:4c:ee:ea:f9:8a:3d:e1:ea:76:a6:f7:18:41:30:c0:ac:a2:
3d:b8:50:1a:e3:65:1e:61:fb:c1:2f:43:fc:f4:63:52:95:c6:
41:cd:5b:9c:35:ba:bf:16:b9:79:5a:50:4b:95:9a:89:52:16:
48:ea:15:10:ef:15:5c:27:b5:84:36:56:8a:cd:03:12:6b:48:
7b:de:d5:c4:a5:12:ec:bd:b1:36:7c:a5:73:c1:d0:c8:fe:92:
e8:e9:39:a1:4a:5c:11:8c:6a:6c:6c:9d:0e:49:1c:10:cf:9e:
b6:69:99:42:70:71:d5:65:be:4e:28:6a:be:3e:93:53:93:af:
d2:38:d1:9e:64:f6:2b:e9:d2:e7:f7:3d:c1:bb:29:0a:4f:cb:
f0:c3:14:0a:d9:a9:7c:be:b0:1b:ff:2a:b0:45:f4:37:ca:24:
e7:47:a6:58:d5:17:c5:d6:46:3d:ae:c0:3a:2c:96:07:de:b3:
1e:aa:03:fe:53:fa:62:33:25:ef:06:64:56:af:bb:f2:d8:52:
74:cc:d9:95:56:ab:c4:17:8d:4f:0d:f5:e7:69:ff:bc:1e:42:
c5:03:3f:18
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCc0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTQ0RUFBUjExMC8GA1UEBRMoRjg1QkI0OTg1NDM5MjIyOEZCOEIzMERCMDVEOTZB
QzY2NENFODNBQjAeFw0yNTExMDUwODQ0NDFaFw0zNTEyMzEwODQ0NDFaMBgxFjAU
BgNVBAMTDTY5MGIwZTgxLWQ5YzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDcRyXW+UZHkAQZccjdx74QmZHbil/qSMvp9Z8Mgu0pVSm38KmXW4kiihXV
jLX448c/OAVJHOL4w8CJCMebx87eQ0c4HscXwcKwcsOshQOXfofJ0AE9y118AfTG
F1nehp5TwwP59DcqA7SNGfx7JG/m2wzfENylxPE73pOougKjqCjuaaXzg85XGXXm
i6g4GpcZ7/uVfwBcWaabxOzg0Ur21wCRrooY6yYSQAltnveNLx/v1mIF4wxQIrbh
TTylHEM5muneEa83j81NONa4jLgcZe0R+hOAPC2F41jwAZfzPabBUUx91HCy2H3l
Ztfx1hRqfBl9DcJW/+LUjgBcKgfFAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU2fIt
XP1W5AalB+QIo8dId3NCPJEwHwYDVR0jBBgwFoAU+Fu0mFQ5Iij7izDbBdlqxmTO
g6swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVBMjI4Ly1GdTBt
RlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
Ly1GdTBtRlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVB
MjI4L0FGMjk2NkFBQkEyMzExRjBBOEY5RjVENERBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAClMd0wDQYJKoZIhvcNAQELBQAD
ggEBAF4R44b/4Rf4nIZgHFHQl6buzjF3I53G8oeDHrNKpPiDVGMWIkJM7ur5ij3h
6nam9xhBMMCsoj24UBrjZR5h+8EvQ/z0Y1KVxkHNW5w1ur8WuXlaUEuVmolSFkjq
FRDvFVwntYQ2VorNAxJrSHve1cSlEuy9sTZ8pXPB0Mj+kujpOaFKXBGMamxsnQ5J
HBDPnrZpmUJwcdVlvk4oar4+k1OTr9I40Z5k9ivp0uf3PcG7KQpPy/DDFArZqXy+
sBv/KrBF9DfKJOdHpljVF8XWRj2uwDoslgfesx6qA/5T+mIzJe8GZFavu/LYUnTM
2ZVWq8QXjU8N9edp/7weQsUDPxg=
-----END CERTIFICATE-----
Generated at Wed Nov 5 17:26:09 2025 by rpki-client