Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/07D68F0E732311F1AC03BCBCCE1D38B0.roa
File: 07D68F0E732311F1AC03BCBCCE1D38B0.roa (raw, json)
Hash identifier: pCSUn22wFV9C8bWy/cx+84LrPbM/PZeAZFzP1IcJqW4=
Subject key identifier: 35:D3:AD:66:32:C6:DA:55:B5:D3:89:56:49:CE:3C:18:01:A1:09:0F
Certificate issuer: /CN=F36A44EAAR/serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Certificate serial: 0C39
Authority key identifier: F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
Authority info access: rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/07D68F0E732311F1AC03BCBCCE1D38B0.roa
Signing time: Sun 28 Jun 2026 18:56:12 +0000
ROA not before: Sun 28 Jun 2026 18:56:06 +0000
ROA not after: Wed 31 Dec 2036 18:56:06 +0000
asID: 834
IP address blocks: 165.49.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.mft
rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 01 Jul 2026 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3129 (0xc39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A44EAAR, serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Validity
Not Before: Jun 28 18:56:06 2026 GMT
Not After : Dec 31 18:56:06 2036 GMT
Subject: CN=6a416e4c-b9a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:36:22:b4:32:7f:02:7f:65:e3:39:f6:37:6b:
2a:70:66:3f:b3:5f:96:f1:3a:ad:49:92:9b:b5:c9:
b9:95:e5:3e:51:9a:b2:4e:83:04:80:3c:7d:46:c6:
9d:75:d0:e6:3f:3b:26:19:7a:86:85:c7:91:b3:45:
2b:f2:31:04:3c:87:c8:b4:4f:9a:6e:93:aa:41:fd:
03:fc:f5:69:49:78:31:65:64:b2:e0:0d:ce:21:e6:
1d:fb:c8:06:4d:71:57:c8:91:d0:86:40:45:cf:d5:
33:3a:9e:d0:d6:9b:83:62:95:81:b6:17:b4:88:32:
62:f7:0f:c6:35:c9:81:41:ee:ba:2b:7f:07:d4:7a:
69:10:0d:d6:a7:e3:e4:f1:66:e2:d3:f0:be:dc:8c:
04:6b:24:5c:63:f2:c2:02:fc:2f:a8:a6:26:dd:6f:
86:94:a7:a6:7b:1f:51:37:a4:ea:fb:55:9b:07:77:
55:e1:09:ce:64:ba:98:34:c2:76:2d:44:d8:d4:8c:
f5:9e:b9:18:7b:37:08:8e:df:12:85:01:59:6d:31:
56:c5:cc:cb:ad:19:3e:8d:14:f3:c8:55:38:52:31:
cf:ef:56:55:da:0f:22:c7:d9:7b:bd:8d:db:bd:68:
68:06:7f:36:dd:77:13:92:70:21:ee:d1:e1:2e:17:
2d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D3:AD:66:32:C6:DA:55:B5:D3:89:56:49:CE:3C:18:01:A1:09:0F
X509v3 Authority Key Identifier:
keyid:F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/07D68F0E732311F1AC03BCBCCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.49.255.0/24
Signature Algorithm: sha256WithRSAEncryption
74:52:36:57:dd:8e:62:20:ab:87:2f:9e:27:1f:e1:f7:3e:3a:
ea:9b:8c:40:f8:64:be:dd:1b:5b:5b:c8:9d:9f:05:3f:16:1e:
86:f5:e9:8b:fa:74:90:bd:01:c1:72:d0:fa:94:1d:91:e1:e2:
31:35:de:bc:11:32:ff:ce:42:d6:11:7b:da:50:6b:ff:07:a2:
02:ae:73:02:9c:15:b0:d3:c0:61:6b:ad:29:a6:ca:84:94:9b:
11:92:b9:d4:68:10:4a:ef:95:76:df:2d:ee:f2:fd:50:e4:e3:
e6:1d:91:6b:e7:ea:67:ef:a9:54:7a:4f:bb:4f:35:a0:58:ab:
09:aa:9b:85:62:62:5a:51:aa:12:4b:88:60:48:4a:e6:cf:82:
bc:c1:b4:04:96:6b:eb:c7:93:46:44:e2:60:9a:34:78:b1:ee:
de:e5:b7:44:d0:b6:3e:cd:24:d7:1f:85:0e:5c:1c:1d:28:fb:
f1:b0:e5:b2:6b:86:95:a5:89:cd:14:5a:82:02:a2:c2:e0:6a:
15:28:8c:ea:20:e5:70:09:e8:7b:93:a5:af:55:bc:20:e9:d1:
a1:6a:ae:35:d3:10:8b:60:b9:d2:d8:e7:b2:e3:cb:ac:35:2f:
0e:dd:c6:70:3c:e8:df:72:36:cc:e0:84:30:9e:03:11:7d:79:
07:9a:e8:93
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDDkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTQ0RUFBUjExMC8GA1UEBRMoRjg1QkI0OTg1NDM5MjIyOEZCOEIzMERCMDVEOTZB
QzY2NENFODNBQjAeFw0yNjA2MjgxODU2MDZaFw0zNjEyMzExODU2MDZaMBgxFjAU
BgNVBAMTDTZhNDE2ZTRjLWI5YTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCsNiK0Mn8Cf2XjOfY3aypwZj+zX5bxOq1Jkpu1ybmV5T5RmrJOgwSAPH1G
xp110OY/OyYZeoaFx5GzRSvyMQQ8h8i0T5puk6pB/QP89WlJeDFlZLLgDc4h5h37
yAZNcVfIkdCGQEXP1TM6ntDWm4NilYG2F7SIMmL3D8Y1yYFB7rorfwfUemkQDdan
4+TxZuLT8L7cjARrJFxj8sIC/C+opibdb4aUp6Z7H1E3pOr7VZsHd1XhCc5kupg0
wnYtRNjUjPWeuRh7NwiO3xKFAVltMVbFzMutGT6NFPPIVThSMc/vVlXaDyLH2Xu9
jdu9aGgGfzbddxOScCHu0eEuFy1LAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUNdOt
ZjLG2lW104lWSc48GAGhCQ8wHwYDVR0jBBgwFoAU+Fu0mFQ5Iij7izDbBdlqxmTO
g6swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVBMjI4Ly1GdTBt
RlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
Ly1GdTBtRlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVB
MjI4LzA3RDY4RjBFNzMyMzExRjFBQzAzQkNCQ0NFMUQzOEIwLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAClMf8wDQYJKoZIhvcNAQELBQAD
ggEBAHRSNlfdjmIgq4cvnicf4fc+OuqbjED4ZL7dG1tbyJ2fBT8WHob16Yv6dJC9
AcFy0PqUHZHh4jE13rwRMv/OQtYRe9pQa/8HogKucwKcFbDTwGFrrSmmyoSUmxGS
udRoEErvlXbfLe7y/VDk4+YdkWvn6mfvqVR6T7tPNaBYqwmqm4ViYlpRqhJLiGBI
SubPgrzBtASWa+vHk0ZE4mCaNHix7t7lt0TQtj7NJNcfhQ5cHB0o+/Gw5bJrhpWl
ic0UWoICosLgahUojOog5XAJ6HuTpa9VvCDp0aFqrjXTEItgudLY57Ljy6w1Lw7d
xnA86N9yNszghDCeAxF9eQea6JM=
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:00:17 2026 by rpki-client