Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/3FB6DA2A1C6E11F196E53A8ADAE4EC9C.roa
File: 3FB6DA2A1C6E11F196E53A8ADAE4EC9C.roa (raw, json)
Hash identifier: Hydk1Z5Gc0ZZiwHp8lasKVi6IHBuFNSmQhDWI16MZmI=
Subject key identifier: B2:05:CE:92:8C:CB:72:28:6C:F5:EA:97:E2:DD:74:C6:30:3D:D7:1F
Certificate issuer: /CN=F36A44EAAR/serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Certificate serial: 0B29
Authority key identifier: F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
Authority info access: rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/3FB6DA2A1C6E11F196E53A8ADAE4EC9C.roa
Signing time: Tue 10 Mar 2026 10:45:27 +0000
ROA not before: Tue 10 Mar 2026 10:45:22 +0000
ROA not after: Wed 31 Dec 2036 10:45:22 +0000
asID: 63199
IP address blocks: 165.49.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.mft
rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 23 Mar 2026 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2857 (0xb29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A44EAAR, serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Validity
Not Before: Mar 10 10:45:22 2026 GMT
Not After : Dec 31 10:45:22 2036 GMT
Subject: CN=69aff647-481f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:dd:f7:49:14:aa:37:7f:11:dd:dc:fc:bf:b2:
0b:88:e9:59:51:58:8f:22:9e:35:d9:b0:d9:34:42:
e7:04:09:66:3c:66:35:e5:fa:a7:5d:25:93:09:5a:
6f:11:81:fe:ee:e5:4c:e9:30:c5:2e:5d:38:a5:91:
ce:8c:02:ec:5a:4a:ee:19:dc:48:95:e5:14:2a:6b:
a8:3b:59:db:92:21:52:e8:08:58:81:3c:c6:ff:56:
10:85:09:d1:28:13:4e:d7:35:bb:b5:aa:40:b6:b5:
eb:4b:f6:5d:d0:aa:0c:71:90:f7:df:ef:ec:dc:9a:
07:c8:06:42:c8:31:ef:ac:e9:a7:c1:b8:78:02:bf:
7b:13:15:da:e5:b5:d8:c9:bb:05:df:19:0b:28:80:
3e:a0:9b:cd:b5:0c:aa:b5:58:78:eb:67:78:48:cc:
3e:3b:b6:ce:2d:85:00:53:21:78:62:bb:e0:f1:c2:
6a:b5:86:7b:94:80:9d:51:dd:58:54:a4:39:0c:d7:
1f:76:08:f8:7e:71:87:59:10:96:ac:a2:89:77:51:
89:b1:cc:f1:eb:15:ec:9a:25:6f:ca:b5:cd:20:98:
38:a2:d1:d0:82:88:39:08:1f:94:c2:dc:95:e7:4e:
5b:14:3f:44:63:8f:5e:67:26:6d:b6:82:14:72:e2:
93:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:05:CE:92:8C:CB:72:28:6C:F5:EA:97:E2:DD:74:C6:30:3D:D7:1F
X509v3 Authority Key Identifier:
keyid:F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/3FB6DA2A1C6E11F196E53A8ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.49.64.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:33:9e:c4:48:eb:59:94:3e:c8:26:ee:10:34:f9:46:49:68:
2c:35:da:5b:9f:29:19:2c:c2:88:58:4e:d7:e8:16:c1:65:b0:
1b:66:97:42:e6:56:59:45:1c:a1:50:0f:72:2a:d4:a6:ec:b4:
55:ea:53:21:f0:5e:0f:a9:7f:dc:06:dc:b3:97:4d:e8:b6:88:
05:fc:e2:a2:1a:4e:ee:d1:4a:00:73:d1:2b:b1:91:38:a8:8c:
b2:ba:a0:ce:f5:ea:50:e9:bf:c7:44:b2:65:c3:1b:3f:cd:61:
65:11:26:5b:79:57:f0:36:bb:1d:2d:5f:eb:34:61:7e:7b:82:
9b:64:fb:e9:b7:1c:20:76:52:31:df:8b:a8:e5:ed:30:bf:1c:
8d:11:5d:65:e3:3e:ce:26:16:0d:ca:bc:0b:33:c8:26:91:14:
c2:c7:6e:b7:a1:6c:18:55:19:36:bc:85:44:11:07:f4:b2:1b:
e2:47:0f:6b:aa:7e:27:e8:84:89:38:fb:bb:91:cc:4d:aa:20:
ee:3b:10:ad:6d:83:5c:e1:18:5f:7e:22:03:6d:05:c0:a0:0b:
d9:cc:36:00:47:28:78:24:5a:a3:30:a7:48:66:42:e0:06:4a:
e5:8c:c6:02:d5:f2:92:b2:57:4e:0e:93:90:7c:a5:e5:5b:80:
6c:0d:68:de
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCykwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTQ0RUFBUjExMC8GA1UEBRMoRjg1QkI0OTg1NDM5MjIyOEZCOEIzMERCMDVEOTZB
QzY2NENFODNBQjAeFw0yNjAzMTAxMDQ1MjJaFw0zNjEyMzExMDQ1MjJaMBgxFjAU
BgNVBAMTDTY5YWZmNjQ3LTQ4MWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCq3fdJFKo3fxHd3Py/sguI6VlRWI8injXZsNk0QucECWY8ZjXl+qddJZMJ
Wm8Rgf7u5UzpMMUuXTilkc6MAuxaSu4Z3EiV5RQqa6g7WduSIVLoCFiBPMb/VhCF
CdEoE07XNbu1qkC2tetL9l3QqgxxkPff7+zcmgfIBkLIMe+s6afBuHgCv3sTFdrl
tdjJuwXfGQsogD6gm821DKq1WHjrZ3hIzD47ts4thQBTIXhiu+Dxwmq1hnuUgJ1R
3VhUpDkM1x92CPh+cYdZEJasool3UYmxzPHrFeyaJW/Ktc0gmDii0dCCiDkIH5TC
3JXnTlsUP0Rjj15nJm22ghRy4pPtAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUsgXO
kozLcihs9eqX4t10xjA91x8wHwYDVR0jBBgwFoAU+Fu0mFQ5Iij7izDbBdlqxmTO
g6swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVBMjI4Ly1GdTBt
RlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
Ly1GdTBtRlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVB
MjI4LzNGQjZEQTJBMUM2RTExRjE5NkU1M0E4QURBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAClMUAwDQYJKoZIhvcNAQELBQAD
ggEBALQznsRI61mUPsgm7hA0+UZJaCw12lufKRkswohYTtfoFsFlsBtml0LmVllF
HKFQD3Iq1KbstFXqUyHwXg+pf9wG3LOXTei2iAX84qIaTu7RSgBz0SuxkTiojLK6
oM716lDpv8dEsmXDGz/NYWURJlt5V/A2ux0tX+s0YX57gptk++m3HCB2UjHfi6jl
7TC/HI0RXWXjPs4mFg3KvAszyCaRFMLHbrehbBhVGTa8hUQRB/SyG+JHD2uqfifo
hIk4+7uRzE2qIO47EK1tg1zhGF9+IgNtBcCgC9nMNgBHKHgkWqMwp0hmQuAGSuWM
xgLV8pKyV04Ok5B8peVbgGwNaN4=
-----END CERTIFICATE-----
Generated at Sat Mar 21 10:03:02 2026 by rpki-client