Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/26F9EAEE988A11F096DB04D3DAE4EC9C.roa
File: 26F9EAEE988A11F096DB04D3DAE4EC9C.roa (raw, json)
Hash identifier: /X2OiNg09temYTzhojyeYD1597tIB2prMTfasOSu0HQ=
Subject key identifier: A0:E8:B8:C0:2B:14:47:71:05:7C:AF:51:BC:FA:01:A2:9A:F4:C6:3A
Certificate issuer: /CN=F36A44EAAR/serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Certificate serial: 0983
Authority key identifier: F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
Authority info access: rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/26F9EAEE988A11F096DB04D3DAE4EC9C.roa
Signing time: Tue 23 Sep 2025 14:32:38 +0000
ROA not before: Tue 23 Sep 2025 14:32:30 +0000
ROA not after: Mon 31 Dec 2035 14:32:30 +0000
asID: 9304
IP address blocks: 165.49.70.0/24 maxlen: 24
165.49.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.mft
rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2435 (0x983)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A44EAAR, serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Validity
Not Before: Sep 23 14:32:30 2025 GMT
Not After : Dec 31 14:32:30 2035 GMT
Subject: CN=68d2af86-b2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:dd:7f:71:87:33:d5:70:da:e0:57:38:1f:43:
41:36:4c:63:b8:41:64:97:f0:a7:fe:c1:2e:1d:91:
40:e1:e1:fc:91:8f:0e:24:a3:f4:06:7f:67:2b:9e:
45:83:64:12:8c:c5:9c:bd:61:75:a2:6e:ca:5e:fd:
e9:83:6a:e5:7f:a1:77:a4:33:99:9d:56:75:63:46:
de:e9:66:8e:09:49:d7:b6:8d:72:c8:f9:93:16:e7:
3a:d1:aa:c9:a5:b1:b8:81:84:e7:e6:05:62:a3:7c:
b7:dc:87:bd:ae:3d:a6:b1:dd:a0:1f:ad:c8:44:5b:
6e:53:ef:06:cc:49:54:2e:1c:88:63:96:12:b7:10:
88:01:d5:0c:05:ca:9b:5c:a9:69:0b:f0:fa:58:4b:
eb:12:1d:b8:11:67:a2:e2:8d:60:8e:6b:8f:dc:e9:
d5:12:95:63:83:59:2e:8a:3c:53:66:05:e7:86:fa:
83:d3:25:83:9a:42:b7:24:45:de:93:59:ba:9f:79:
56:15:8b:32:97:31:14:d6:03:c9:fd:21:b6:71:8d:
8c:18:c2:28:0b:53:bb:dc:89:4f:2c:61:cb:63:c7:
d3:56:60:ae:a1:fd:fd:c2:30:6f:0e:fa:be:59:50:
90:55:3f:64:ca:f9:a6:68:7d:b2:3b:8e:c5:88:06:
19:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:E8:B8:C0:2B:14:47:71:05:7C:AF:51:BC:FA:01:A2:9A:F4:C6:3A
X509v3 Authority Key Identifier:
keyid:F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/26F9EAEE988A11F096DB04D3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.49.70.0/24
165.49.242.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:f4:e9:d1:4c:60:fc:7b:53:f5:5b:ba:ee:5b:09:58:67:40:
e7:da:97:4a:c3:da:f1:1c:d3:f0:d5:2a:95:27:80:67:36:43:
6f:7e:85:0b:18:64:1f:ac:32:9e:f2:30:6d:6b:cb:d0:26:10:
bd:97:29:06:ad:7d:ed:dc:78:76:e0:99:2b:69:ef:e7:95:0a:
24:e2:85:21:df:32:1e:2a:27:69:77:7b:d0:5d:e1:c3:11:18:
64:bc:8a:b4:e2:ae:5b:01:08:74:a2:85:99:06:77:63:0c:a0:
e7:41:92:2d:12:c1:a8:23:e2:f6:e5:ff:07:d6:91:ea:04:9f:
df:be:e8:be:a4:b1:23:be:bb:70:0c:23:a8:6f:8e:d4:12:14:
89:83:41:40:a6:dd:82:68:ff:91:c3:af:d4:25:0d:55:92:a9:
7d:50:fc:46:82:4e:a1:53:bf:b8:ca:35:9f:99:54:77:ca:27:
83:28:bd:58:bb:65:be:da:30:91:e7:e5:ed:ce:fc:93:8e:4f:
15:2c:73:ad:62:0b:68:1c:f8:4a:c1:ed:02:61:64:e4:e9:7d:
5a:7a:c0:ad:a5:a1:99:bd:18:53:f2:a5:86:cd:65:7e:89:05:
00:7e:0e:f0:44:a9:5a:2d:50:42:72:15:6f:f5:96:11:02:be:
0a:17:d2:f7
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCYMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTQ0RUFBUjExMC8GA1UEBRMoRjg1QkI0OTg1NDM5MjIyOEZCOEIzMERCMDVEOTZB
QzY2NENFODNBQjAeFw0yNTA5MjMxNDMyMzBaFw0zNTEyMzExNDMyMzBaMBgxFjAU
BgNVBAMTDTY4ZDJhZjg2LWIyYmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDV3X9xhzPVcNrgVzgfQ0E2TGO4QWSX8Kf+wS4dkUDh4fyRjw4ko/QGf2cr
nkWDZBKMxZy9YXWibspe/emDauV/oXekM5mdVnVjRt7pZo4JSde2jXLI+ZMW5zrR
qsmlsbiBhOfmBWKjfLfch72uPaax3aAfrchEW25T7wbMSVQuHIhjlhK3EIgB1QwF
yptcqWkL8PpYS+sSHbgRZ6LijWCOa4/c6dUSlWODWS6KPFNmBeeG+oPTJYOaQrck
Rd6TWbqfeVYVizKXMRTWA8n9IbZxjYwYwigLU7vciU8sYctjx9NWYK6h/f3CMG8O
+r5ZUJBVP2TK+aZofbI7jsWIBhnfAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUoOi4
wCsUR3EFfK9RvPoBopr0xjowHwYDVR0jBBgwFoAU+Fu0mFQ5Iij7izDbBdlqxmTO
g6swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVBMjI4Ly1GdTBt
RlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
Ly1GdTBtRlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVB
MjI4LzI2RjlFQUVFOTg4QTExRjA5NkRCMDREM0RBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAClMUYDBAClMfIwDQYJKoZIhvcN
AQELBQADggEBAMH06dFMYPx7U/Vbuu5bCVhnQOfal0rD2vEc0/DVKpUngGc2Q29+
hQsYZB+sMp7yMG1ry9AmEL2XKQatfe3ceHbgmStp7+eVCiTihSHfMh4qJ2l3e9Bd
4cMRGGS8irTirlsBCHSihZkGd2MMoOdBki0Swagj4vbl/wfWkeoEn9++6L6ksSO+
u3AMI6hvjtQSFImDQUCm3YJo/5HDr9QlDVWSqX1Q/EaCTqFTv7jKNZ+ZVHfKJ4Mo
vVi7Zb7aMJHn5e3O/JOOTxUsc61iC2gc+ErB7QJhZOTpfVp6wK2loZm9GFPypYbN
ZX6JBQB+DvBEqVotUEJyFW/1lhECvgoX0vc=
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:34:27 2025 by rpki-client