Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/F7099FB692FB11F08BF3BAE3DAE4EC9C.roa
File: F7099FB692FB11F08BF3BAE3DAE4EC9C.roa (raw, json)
Hash identifier: GCdMKgaPjOwTrFS3tnr+SlFlctfGkmjLu62+/rbMiHM=
Subject key identifier: 2F:2D:57:25:25:5A:37:C4:E8:CA:99:E3:0F:A1:F2:89:28:26:8E:67
Certificate issuer: /CN=F36A44EAAR/serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Certificate serial: 0978
Authority key identifier: F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
Authority info access: rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/F7099FB692FB11F08BF3BAE3DAE4EC9C.roa
Signing time: Tue 16 Sep 2025 12:52:13 +0000
ROA not before: Tue 16 Sep 2025 12:52:05 +0000
ROA not after: Mon 31 Dec 2035 12:52:05 +0000
asID: 5511
IP address blocks: 165.49.75.0/24 maxlen: 24
165.49.252.0/24 maxlen: 24
165.49.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.mft
rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2424 (0x978)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A44EAAR, serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Validity
Not Before: Sep 16 12:52:05 2025 GMT
Not After : Dec 31 12:52:05 2035 GMT
Subject: CN=68c95d7d-863a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ce:95:d9:1a:f0:11:15:b8:3c:d7:3c:1e:1d:
0e:a9:9a:41:04:df:7c:81:b6:d6:e6:48:88:16:9d:
dc:e6:70:86:5a:c9:d5:96:69:74:4f:ff:a4:10:15:
43:f9:0e:79:ab:fd:d8:31:a5:be:02:ac:ff:51:c7:
e8:66:b4:5e:47:cf:20:ea:7c:83:ea:72:f7:12:16:
7c:a3:86:be:1f:be:7f:96:23:96:f3:0a:3a:51:0a:
aa:66:61:6b:d6:14:e8:b0:d7:6c:8e:01:4c:0e:a4:
25:17:98:4d:22:89:30:6f:26:4a:31:f0:cc:ee:5a:
33:c9:f7:b8:fd:e6:9a:a7:ee:d1:54:cf:1d:d5:51:
c3:b8:64:dc:80:2c:c2:ec:f1:0a:c5:2d:97:46:3f:
df:78:0e:3d:2c:fe:ed:ff:01:74:d8:b1:91:46:6b:
35:fe:5f:43:52:52:08:98:e6:e4:da:5d:ab:ff:03:
a7:b3:eb:db:00:64:b5:9b:7c:62:44:d7:c5:76:4d:
b0:8a:56:c6:e4:75:c2:1c:fa:02:fc:0e:f1:a1:9b:
81:d0:b7:75:53:90:9b:83:1f:5b:91:24:5f:d1:0e:
1f:02:37:bc:86:26:23:cb:6a:9f:46:31:7b:ec:c8:
3d:a6:88:a5:54:cc:c8:0c:78:21:1e:fe:39:9e:41:
35:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:2D:57:25:25:5A:37:C4:E8:CA:99:E3:0F:A1:F2:89:28:26:8E:67
X509v3 Authority Key Identifier:
keyid:F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/F7099FB692FB11F08BF3BAE3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.49.75.0/24
165.49.252.0/24
165.49.255.0/24
Signature Algorithm: sha256WithRSAEncryption
16:49:39:09:56:31:aa:97:7a:ad:00:52:5f:08:2a:35:c9:4b:
d6:00:d6:b4:c4:dd:26:b1:f2:06:be:95:66:06:2b:77:f8:24:
61:d8:a5:16:37:c9:6d:ae:a6:e0:18:8e:a6:3e:fd:a2:40:4f:
5d:b8:40:dd:9f:38:13:a1:b4:0a:e3:da:64:2d:16:1e:0e:b6:
c8:f1:d0:4a:ab:40:c7:7a:86:46:87:8a:95:1d:cb:b3:64:b3:
02:25:1d:d5:fe:41:36:cf:f4:fc:1a:84:7f:0a:b1:19:e7:a7:
af:c3:0b:d7:f1:49:a3:e0:c2:73:1a:1f:12:70:a6:93:80:c0:
58:d5:40:09:a3:34:d4:e7:60:4a:f2:d9:5f:51:3c:0e:cc:a7:
b4:d3:38:25:6a:6d:69:56:98:0b:1c:72:3b:ce:c0:ae:81:6a:
77:27:d9:2a:40:cd:23:f2:5e:96:a6:a2:70:45:59:eb:95:a8:
ad:da:17:d4:50:4d:c7:69:41:1a:1e:ca:40:6c:03:5f:a4:6f:
89:fe:6e:12:b0:be:e0:28:d9:68:ed:cd:c0:65:47:62:a4:56:
64:5f:d7:1d:01:07:3c:3c:81:0c:75:75:f6:e8:2a:3f:c5:29:
37:c1:62:b6:c0:72:50:0f:77:97:4d:a7:07:45:ea:f2:18:ec:
40:b7:34:f3
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICCXgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTQ0RUFBUjExMC8GA1UEBRMoRjg1QkI0OTg1NDM5MjIyOEZCOEIzMERCMDVEOTZB
QzY2NENFODNBQjAeFw0yNTA5MTYxMjUyMDVaFw0zNTEyMzExMjUyMDVaMBgxFjAU
BgNVBAMTDTY4Yzk1ZDdkLTg2M2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDOzpXZGvARFbg81zweHQ6pmkEE33yBttbmSIgWndzmcIZaydWWaXRP/6QQ
FUP5Dnmr/dgxpb4CrP9Rx+hmtF5HzyDqfIPqcvcSFnyjhr4fvn+WI5bzCjpRCqpm
YWvWFOiw12yOAUwOpCUXmE0iiTBvJkox8MzuWjPJ97j95pqn7tFUzx3VUcO4ZNyA
LMLs8QrFLZdGP994Dj0s/u3/AXTYsZFGazX+X0NSUgiY5uTaXav/A6ez69sAZLWb
fGJE18V2TbCKVsbkdcIc+gL8DvGhm4HQt3VTkJuDH1uRJF/RDh8CN7yGJiPLap9G
MXvsyD2miKVUzMgMeCEe/jmeQTX1AgMBAAGjggKuMIICqjAdBgNVHQ4EFgQULy1X
JSVaN8ToypnjD6HyiSgmjmcwHwYDVR0jBBgwFoAU+Fu0mFQ5Iij7izDbBdlqxmTO
g6swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVBMjI4Ly1GdTBt
RlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
Ly1GdTBtRlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVB
MjI4L0Y3MDk5RkI2OTJGQjExRjA4QkYzQkFFM0RBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
KwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAClMUsDBAClMfwDBAClMf8wDQYJ
KoZIhvcNAQELBQADggEBABZJOQlWMaqXeq0AUl8IKjXJS9YA1rTE3Sax8ga+lWYG
K3f4JGHYpRY3yW2upuAYjqY+/aJAT124QN2fOBOhtArj2mQtFh4Otsjx0EqrQMd6
hkaHipUdy7NkswIlHdX+QTbP9PwahH8KsRnnp6/DC9fxSaPgwnMaHxJwppOAwFjV
QAmjNNTnYEry2V9RPA7Mp7TTOCVqbWlWmAsccjvOwK6Bancn2SpAzSPyXpamonBF
WeuVqK3aF9RQTcdpQRoeykBsA1+kb4n+bhKwvuAo2WjtzcBlR2KkVmRf1x0BBzw8
gQx1dfboKj/FKTfBYrbAclAPd5dNpwdF6vIY7EC3NPM=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:52 2025 by rpki-client