Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/39212F2CA45E11F0A7C32C83DAE4EC9C.roa
File: 39212F2CA45E11F0A7C32C83DAE4EC9C.roa (raw, json)
Hash identifier: 84rG0vyGjgOUsGFzmBt2p/gBzPkl98Zkl4fuQ/mQf8U=
Subject key identifier: 4D:1F:B7:9D:AC:41:50:2D:87:2C:F8:DB:AF:67:23:90:C7:C6:2A:29
Certificate issuer: /CN=F36A44EAAR/serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Certificate serial: 09A0
Authority key identifier: F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
Authority info access: rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/39212F2CA45E11F0A7C32C83DAE4EC9C.roa
Signing time: Wed 08 Oct 2025 15:48:24 +0000
ROA not before: Wed 08 Oct 2025 15:48:20 +0000
ROA not after: Mon 31 Dec 2035 15:48:20 +0000
asID: 63199
IP address blocks: 165.49.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.mft
rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2464 (0x9a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A44EAAR, serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Validity
Not Before: Oct 8 15:48:20 2025 GMT
Not After : Dec 31 15:48:20 2035 GMT
Subject: CN=68e687c8-1fdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:15:ca:e5:8e:8d:b9:7e:92:30:99:64:4e:4f:
9a:96:c7:b5:2d:60:e2:d6:cf:83:06:d9:22:b5:b6:
ce:19:8b:95:ee:dc:08:ee:ff:49:ac:a8:e2:2f:cf:
08:a7:85:1e:b9:46:08:63:28:14:fc:15:73:9e:ac:
fd:e7:4c:c9:e8:37:2d:7f:35:4e:19:17:d2:e2:4b:
31:42:17:c0:2b:bf:ed:0a:94:4a:db:c3:67:09:05:
e0:57:71:6c:10:ab:14:af:08:d4:e6:f2:3a:32:51:
4d:2c:bd:89:87:83:1e:d6:27:a2:25:54:97:62:2f:
7d:ee:9b:27:e4:ff:1f:e8:61:f9:22:cf:7a:20:87:
95:47:a2:ad:12:04:9c:bf:16:1c:84:ef:0b:9f:fb:
87:80:7d:80:92:e4:52:17:c9:77:b8:c3:00:c6:e1:
5e:e0:c7:bb:ca:3c:8a:af:1c:da:b6:37:12:36:85:
72:15:a9:1c:1a:50:73:86:cd:70:32:7d:86:eb:41:
ed:69:27:f5:fd:4c:71:28:26:82:e0:4a:0d:b9:b3:
e2:6a:7c:ca:1e:79:9a:fc:09:10:26:0e:93:dc:79:
c4:e0:bd:5d:49:50:43:4a:d1:c3:98:1a:4d:1c:9a:
9e:70:e6:c7:69:e1:51:47:c8:ad:d1:a2:46:57:33:
80:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:1F:B7:9D:AC:41:50:2D:87:2C:F8:DB:AF:67:23:90:C7:C6:2A:29
X509v3 Authority Key Identifier:
keyid:F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/39212F2CA45E11F0A7C32C83DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.49.208.0/24
Signature Algorithm: sha256WithRSAEncryption
be:e5:36:31:2d:26:e7:5f:93:63:dc:e0:f1:ef:ac:0b:cf:69:
94:a0:86:6d:7d:1a:a7:71:c3:31:fe:a9:04:75:e2:c1:07:7c:
bf:ae:5a:ec:9e:98:62:07:8c:2c:c8:f5:15:49:a4:48:60:d1:
cc:0e:12:e5:9a:74:a2:81:22:f7:81:c8:84:3d:47:d4:02:8a:
b1:3f:45:af:f0:6f:24:58:d9:d8:d9:78:62:4f:70:ad:a9:58:
e8:be:02:da:9a:23:c6:27:6e:c5:a0:79:38:96:50:a6:1b:4e:
58:d8:ff:0c:be:1d:c8:18:06:10:f4:c2:26:86:05:26:44:25:
2c:83:40:b5:9b:ba:b6:00:8e:e4:6c:7f:6a:f6:16:30:84:ee:
b4:17:3d:eb:1c:34:19:60:20:3e:36:f6:aa:2d:b2:1f:4d:91:
49:d4:95:0e:fb:23:46:8e:08:f1:2f:65:f6:05:98:1e:e8:d8:
79:06:d9:2d:8f:3c:a2:f1:ae:7b:5e:0f:fe:d3:d7:e1:41:51:
0a:0f:0d:ea:47:70:4e:26:d6:5f:44:62:7a:6e:7e:b0:b9:3e:
2e:0c:05:45:ec:1e:7b:64:27:cc:55:a6:96:67:61:50:6d:7e:
94:1e:3f:11:d1:9c:e5:a5:6c:fc:62:7f:42:f9:97:98:c3:18:
67:04:79:2b
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCaAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTQ0RUFBUjExMC8GA1UEBRMoRjg1QkI0OTg1NDM5MjIyOEZCOEIzMERCMDVEOTZB
QzY2NENFODNBQjAeFw0yNTEwMDgxNTQ4MjBaFw0zNTEyMzExNTQ4MjBaMBgxFjAU
BgNVBAMTDTY4ZTY4N2M4LTFmZGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/Fcrljo25fpIwmWROT5qWx7UtYOLWz4MG2SK1ts4Zi5Xu3Aju/0msqOIv
zwinhR65RghjKBT8FXOerP3nTMnoNy1/NU4ZF9LiSzFCF8Arv+0KlErbw2cJBeBX
cWwQqxSvCNTm8joyUU0svYmHgx7WJ6IlVJdiL33umyfk/x/oYfkiz3ogh5VHoq0S
BJy/FhyE7wuf+4eAfYCS5FIXyXe4wwDG4V7gx7vKPIqvHNq2NxI2hXIVqRwaUHOG
zXAyfYbrQe1pJ/X9THEoJoLgSg25s+JqfMoeeZr8CRAmDpPcecTgvV1JUENK0cOY
Gk0cmp5w5sdp4VFHyK3RokZXM4C5AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUTR+3
naxBUC2HLPjbr2cjkMfGKikwHwYDVR0jBBgwFoAU+Fu0mFQ5Iij7izDbBdlqxmTO
g6swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVBMjI4Ly1GdTBt
RlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
Ly1GdTBtRlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVB
MjI4LzM5MjEyRjJDQTQ1RTExRjBBN0MzMkM4M0RBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAClMdAwDQYJKoZIhvcNAQELBQAD
ggEBAL7lNjEtJudfk2Pc4PHvrAvPaZSghm19GqdxwzH+qQR14sEHfL+uWuyemGIH
jCzI9RVJpEhg0cwOEuWadKKBIveByIQ9R9QCirE/Ra/wbyRY2djZeGJPcK2pWOi+
AtqaI8YnbsWgeTiWUKYbTljY/wy+HcgYBhD0wiaGBSZEJSyDQLWburYAjuRsf2r2
FjCE7rQXPescNBlgID429qotsh9NkUnUlQ77I0aOCPEvZfYFmB7o2HkG2S2PPKLx
rnteD/7T1+FBUQoPDepHcE4m1l9EYnpufrC5Pi4MBUXsHntkJ8xVppZnYVBtfpQe
PxHRnOWlbPxif0L5l5jDGGcEeSs=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:05:53 2025 by rpki-client