Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/3A5DFE28A54F11F0B13F0497DAE4EC9C.roa
File: 3A5DFE28A54F11F0B13F0497DAE4EC9C.roa (raw, json)
Hash identifier: NNO5sSw/UFwKzwGiRkwN/NVCGsBggo3J2TIyujyX1ho=
Subject key identifier: CF:04:D5:2F:A9:DC:AC:1C:CA:F0:A6:2B:02:4E:72:6F:35:B2:F6:FD
Certificate issuer: /CN=F36A44EAAR/serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Certificate serial: 09A3
Authority key identifier: F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
Authority info access: rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/3A5DFE28A54F11F0B13F0497DAE4EC9C.roa
Signing time: Thu 09 Oct 2025 20:33:35 +0000
ROA not before: Thu 09 Oct 2025 20:33:25 +0000
ROA not after: Mon 31 Dec 2035 20:33:25 +0000
asID: 984
IP address blocks: 165.49.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.mft
rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2467 (0x9a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A44EAAR, serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Validity
Not Before: Oct 9 20:33:25 2025 GMT
Not After : Dec 31 20:33:25 2035 GMT
Subject: CN=68e81c1f-e9d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d6:96:24:11:56:92:9d:13:fc:07:2a:9e:a1:
7e:9f:e6:dd:71:33:21:48:21:d5:31:05:ad:7a:10:
b0:c6:72:ac:c2:c1:e2:eb:98:e9:6b:6a:eb:b6:0e:
0b:d2:29:3c:cb:0b:71:a0:e1:60:5b:d7:f7:cc:dd:
8a:8f:f5:6d:b5:bb:57:07:b3:8e:51:04:b4:29:dd:
c7:9b:3a:23:4c:95:37:72:e2:63:31:85:8d:62:e8:
e5:a7:aa:b8:c2:1c:55:0a:a7:fa:8d:c8:f8:34:42:
be:b2:47:46:5e:cd:9b:cd:e6:8d:66:92:f1:37:8f:
6f:32:8a:8b:d1:72:34:9e:40:6d:24:ed:f8:c3:f2:
56:1f:7b:6d:26:85:c3:a9:d0:4d:46:9c:54:78:bb:
9a:59:33:cf:be:c8:e9:7a:34:32:85:d1:fe:89:74:
1b:b5:bb:08:89:5d:f7:43:42:ed:37:19:36:86:3d:
b7:b1:da:18:d7:25:36:f9:f4:0a:08:1f:0e:5e:9c:
e5:fb:d7:02:88:b3:81:49:ef:0f:08:d1:68:2a:ae:
8c:78:b3:11:9a:1f:de:c6:00:e7:e3:90:96:8b:02:
05:27:42:4c:21:83:43:2e:46:49:73:17:ba:03:34:
9d:99:54:d4:97:79:2e:19:a0:e9:1f:1f:f2:6b:c0:
73:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:04:D5:2F:A9:DC:AC:1C:CA:F0:A6:2B:02:4E:72:6F:35:B2:F6:FD
X509v3 Authority Key Identifier:
keyid:F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/3A5DFE28A54F11F0B13F0497DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.49.254.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:9e:4b:af:13:07:e3:66:86:57:2e:cb:32:d1:cc:db:05:50:
70:ee:4c:76:86:d1:6b:b7:07:77:67:e8:a8:4c:b3:13:6b:ef:
3d:87:11:d3:f1:30:81:20:c7:5d:fd:7f:7c:dc:ca:79:ba:aa:
ce:f6:9f:0d:94:24:5a:9b:c1:ff:5f:a5:7c:1f:88:84:7f:f8:
6e:b6:e2:85:35:c6:db:37:ce:78:8e:ae:f8:1c:f3:4d:3d:bf:
8f:8d:9c:71:6c:e6:14:b5:5e:47:8f:2a:14:e0:b5:25:2d:2c:
03:40:84:13:c2:75:0c:81:5f:c6:07:86:f5:5f:52:cd:a2:92:
df:52:07:f0:25:5f:63:9a:e6:d9:5e:11:26:76:fd:84:27:e3:
d9:4d:2b:25:c9:aa:e7:bb:c3:ec:3a:44:71:b4:6a:62:02:53:
d3:07:96:cd:b0:9b:74:d5:6f:89:f2:10:e5:fe:e3:1a:8f:09:
0e:a4:30:2d:e0:a6:2f:80:75:8e:7d:4f:6e:e4:a9:de:4a:13:
93:00:ae:84:b6:fc:f7:62:9f:ff:0c:ff:f8:1f:94:7e:66:08:
91:9d:c3:8b:a7:b4:85:90:b5:a5:19:48:4f:e3:6b:5e:c4:0f:
82:73:f5:77:d8:bb:00:dd:f9:87:5a:d9:2f:63:62:61:5a:2f:
e7:b2:bc:b9
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCaMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTQ0RUFBUjExMC8GA1UEBRMoRjg1QkI0OTg1NDM5MjIyOEZCOEIzMERCMDVEOTZB
QzY2NENFODNBQjAeFw0yNTEwMDkyMDMzMjVaFw0zNTEyMzEyMDMzMjVaMBgxFjAU
BgNVBAMTDTY4ZTgxYzFmLWU5ZDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC51pYkEVaSnRP8ByqeoX6f5t1xMyFIIdUxBa16ELDGcqzCweLrmOlrauu2
DgvSKTzLC3Gg4WBb1/fM3YqP9W21u1cHs45RBLQp3cebOiNMlTdy4mMxhY1i6OWn
qrjCHFUKp/qNyPg0Qr6yR0ZezZvN5o1mkvE3j28yiovRcjSeQG0k7fjD8lYfe20m
hcOp0E1GnFR4u5pZM8++yOl6NDKF0f6JdBu1uwiJXfdDQu03GTaGPbex2hjXJTb5
9AoIHw5enOX71wKIs4FJ7w8I0Wgqrox4sxGaH97GAOfjkJaLAgUnQkwhg0MuRklz
F7oDNJ2ZVNSXeS4ZoOkfH/JrwHP9AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUzwTV
L6ncrBzK8KYrAk5ybzWy9v0wHwYDVR0jBBgwFoAU+Fu0mFQ5Iij7izDbBdlqxmTO
g6swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVBMjI4Ly1GdTBt
RlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
Ly1GdTBtRlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVB
MjI4LzNBNURGRTI4QTU0RjExRjBCMTNGMDQ5N0RBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAClMf4wDQYJKoZIhvcNAQELBQAD
ggEBAKueS68TB+NmhlcuyzLRzNsFUHDuTHaG0Wu3B3dn6KhMsxNr7z2HEdPxMIEg
x139f3zcynm6qs72nw2UJFqbwf9fpXwfiIR/+G624oU1xts3zniOrvgc8009v4+N
nHFs5hS1XkePKhTgtSUtLANAhBPCdQyBX8YHhvVfUs2ikt9SB/AlX2Oa5tleESZ2
/YQn49lNKyXJque7w+w6RHG0amICU9MHls2wm3TVb4nyEOX+4xqPCQ6kMC3gpi+A
dY59T27kqd5KE5MAroS2/Pdin/8M//gflH5mCJGdw4untIWQtaUZSE/ja17ED4Jz
9XfYuwDd+Yda2S9jYmFaL+eyvLk=
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:05:33 2025 by rpki-client