Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/34FA4DB081BE11F0A10E9B90DAE4EC9C.roa
File: 34FA4DB081BE11F0A10E9B90DAE4EC9C.roa (raw, json)
Hash identifier: 8x4FmUmzHihFdkS67NoG3yrA6GRH5uIQZ2IBLk/Ypnc=
Subject key identifier: 93:E3:78:FC:C9:83:62:54:6F:29:A1:BF:BD:4F:AC:D8:DD:65:54:72
Certificate issuer: /CN=F36A44EAAR/serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Certificate serial: 0949
Authority key identifier: F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
Authority info access: rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/34FA4DB081BE11F0A10E9B90DAE4EC9C.roa
Signing time: Mon 25 Aug 2025 14:17:18 +0000
ROA not before: Mon 25 Aug 2025 14:17:12 +0000
ROA not after: Mon 31 Dec 2035 14:17:12 +0000
asID: 49608
IP address blocks: 165.49.73.0/24 maxlen: 24
165.49.82.0/24 maxlen: 24
165.49.105.0/24 maxlen: 24
165.49.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.mft
rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 28 Aug 2025 08:43:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2377 (0x949)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A44EAAR, serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Validity
Not Before: Aug 25 14:17:12 2025 GMT
Not After : Dec 31 14:17:12 2035 GMT
Subject: CN=68ac706e-83e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:04:87:30:8f:eb:d6:b7:a8:63:c1:5b:21:6b:
f2:6d:d6:bb:6a:35:39:61:48:b7:42:f1:48:a7:6e:
1e:5d:7d:80:76:0d:0d:74:a6:47:2d:2b:76:06:28:
97:de:fc:46:42:c8:bf:b0:4d:a3:70:6a:5b:56:fe:
08:2c:bd:81:5c:d8:6e:c8:54:dd:77:6d:52:10:de:
c7:03:df:33:ee:2d:a8:df:ee:1b:70:7f:d1:8c:27:
65:eb:21:78:1c:91:9c:39:6a:c6:82:09:a5:0e:46:
c3:aa:85:2b:71:01:e9:f2:1a:c0:57:ae:cf:1a:1a:
42:29:ae:f8:fd:4c:39:26:27:66:1f:ec:5a:88:33:
76:c3:3a:3e:8f:2b:78:e7:27:d0:d9:f9:9c:ee:12:
cf:ef:79:87:55:aa:05:2a:c8:03:b4:0a:98:0e:b8:
32:8b:0a:b0:62:c8:27:4a:b4:92:46:d0:2b:56:33:
07:6a:91:c6:b5:49:9a:64:62:be:af:cb:30:62:5a:
4f:6b:bd:28:9e:f9:6c:df:80:04:de:3f:96:01:13:
9c:f2:80:d2:34:89:13:fb:53:1e:85:36:ad:27:53:
cd:6f:90:89:06:50:06:2a:bf:e1:cc:72:45:d1:da:
d2:63:3b:09:8b:7b:8e:5a:da:38:6b:c5:1a:0d:7a:
74:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:E3:78:FC:C9:83:62:54:6F:29:A1:BF:BD:4F:AC:D8:DD:65:54:72
X509v3 Authority Key Identifier:
keyid:F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/34FA4DB081BE11F0A10E9B90DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.49.73.0/24
165.49.82.0/24
165.49.105.0/24
165.49.110.0/24
Signature Algorithm: sha256WithRSAEncryption
40:ac:4b:3f:1b:c7:3c:5e:39:9b:9c:ef:da:60:cc:8d:f7:0b:
ed:e5:3e:42:c0:74:61:2a:7a:58:e7:a3:39:5f:cd:10:65:03:
b3:47:ee:4b:94:e1:06:98:03:25:21:2f:47:52:3c:a6:69:43:
60:e7:b4:96:05:56:f2:f3:75:fe:5d:d8:1e:ba:fa:47:c4:4e:
fe:21:45:03:e5:a3:53:77:f8:b0:bb:6f:a2:d4:98:ee:59:de:
0b:58:dd:87:a9:82:e4:6a:ff:29:60:51:f0:85:16:7c:1e:9a:
ff:cf:de:40:bf:4f:58:ef:85:03:3a:de:ab:3c:3b:64:ba:eb:
36:d9:0d:de:e5:7f:1f:3d:4f:82:3b:f2:dc:81:de:24:c9:d9:
a5:00:ee:a8:6e:67:b0:ac:d3:07:17:cb:80:18:60:37:d2:8d:
35:79:7f:7e:d2:e0:94:75:2f:b6:02:8d:4e:10:ba:14:7f:d0:
1a:77:7a:f2:7e:75:94:01:87:31:c2:50:39:ed:12:23:ff:f3:
6e:9a:4c:f9:1a:ac:88:0a:6d:9c:3e:c8:c2:07:8b:62:51:89:
08:82:62:b8:49:0f:7c:d9:20:40:eb:d8:40:2a:b4:dc:67:e9:
d0:a4:19:de:c1:e8:86:20:4b:2d:57:02:bf:e1:e1:90:a7:e5:
08:a3:9e:ad
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICCUkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTQ0RUFBUjExMC8GA1UEBRMoRjg1QkI0OTg1NDM5MjIyOEZCOEIzMERCMDVEOTZB
QzY2NENFODNBQjAeFw0yNTA4MjUxNDE3MTJaFw0zNTEyMzExNDE3MTJaMBgxFjAU
BgNVBAMTDTY4YWM3MDZlLTgzZTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCkBIcwj+vWt6hjwVsha/Jt1rtqNTlhSLdC8Uinbh5dfYB2DQ10pkctK3YG
KJfe/EZCyL+wTaNwaltW/ggsvYFc2G7IVN13bVIQ3scD3zPuLajf7htwf9GMJ2Xr
IXgckZw5asaCCaUORsOqhStxAenyGsBXrs8aGkIprvj9TDkmJ2Yf7FqIM3bDOj6P
K3jnJ9DZ+ZzuEs/veYdVqgUqyAO0CpgOuDKLCrBiyCdKtJJG0CtWMwdqkca1SZpk
Yr6vyzBiWk9rvSie+WzfgATeP5YBE5zygNI0iRP7Ux6FNq0nU81vkIkGUAYqv+HM
ckXR2tJjOwmLe45a2jhrxRoNenThAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUk+N4
/MmDYlRvKaG/vU+s2N1lVHIwHwYDVR0jBBgwFoAU+Fu0mFQ5Iij7izDbBdlqxmTO
g6swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVBMjI4Ly1GdTBt
RlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
Ly1GdTBtRlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVB
MjI4LzM0RkE0REIwODFCRTExRjBBMTBFOUI5MERBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
MQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAClMUkDBAClMVIDBAClMWkDBACl
MW4wDQYJKoZIhvcNAQELBQADggEBAECsSz8bxzxeOZuc79pgzI33C+3lPkLAdGEq
eljnozlfzRBlA7NH7kuU4QaYAyUhL0dSPKZpQ2DntJYFVvLzdf5d2B66+kfETv4h
RQPlo1N3+LC7b6LUmO5Z3gtY3YepguRq/ylgUfCFFnwemv/P3kC/T1jvhQM63qs8
O2S66zbZDd7lfx89T4I78tyB3iTJ2aUA7qhuZ7Cs0wcXy4AYYDfSjTV5f37S4JR1
L7YCjU4QuhR/0Bp3evJ+dZQBhzHCUDntEiP/826aTPkarIgKbZw+yMIHi2JRiQiC
YrhJD3zZIEDr2EAqtNxn6dCkGd7B6IYgSy1XAr/h4ZCn5Qijnq0=
-----END CERTIFICATE-----
Generated at Tue Aug 26 23:56:52 2025 by rpki-client