Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/A1712AF481BE11F0B9ECEF94DAE4EC9C.roa
File: A1712AF481BE11F0B9ECEF94DAE4EC9C.roa (raw, json)
Hash identifier: lWqYmr9MEwquu55wtOWZGAMycUgOZtg1R8HCBAzdTTs=
Subject key identifier: 33:91:09:E5:6F:40:60:05:6E:2C:E3:8B:50:13:7E:B9:78:A3:60:C5
Certificate issuer: /CN=F36A44EAAR/serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Certificate serial: 094B
Authority key identifier: F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
Authority info access: rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/A1712AF481BE11F0B9ECEF94DAE4EC9C.roa
Signing time: Mon 25 Aug 2025 14:20:20 +0000
ROA not before: Mon 25 Aug 2025 14:20:15 +0000
ROA not after: Mon 31 Dec 2035 14:20:15 +0000
asID: 214432
IP address blocks: 165.49.81.0/24 maxlen: 24
165.49.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.mft
rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 10 Sep 2025 01:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2379 (0x94b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A44EAAR, serialNumber=F85BB49854392228FB8B30DB05D96AC664CE83AB
Validity
Not Before: Aug 25 14:20:15 2025 GMT
Not After : Dec 31 14:20:15 2035 GMT
Subject: CN=68ac7124-b3a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2b:6d:c7:12:79:85:4d:52:21:3a:bd:5f:c0:
d7:63:a6:92:36:5c:2b:62:47:c7:5e:dc:4a:cb:be:
4f:18:95:80:43:b6:ed:42:6a:c6:bb:fa:22:ed:94:
e5:47:e0:6a:32:da:61:bf:fa:4c:65:95:d8:68:6e:
a2:62:b8:25:a1:23:3e:65:e0:e7:fb:6f:e8:b1:98:
93:49:89:98:87:f5:b0:08:81:d8:4d:0f:59:33:ac:
c9:84:64:a5:1d:c8:37:5d:3f:9f:81:06:7d:27:27:
10:02:75:72:81:b3:f4:40:f9:ff:bb:6e:4f:ee:90:
72:35:00:f3:ce:23:d5:a7:80:35:d0:01:38:38:1d:
8f:8a:cc:37:40:59:5c:34:b7:56:59:c9:e6:17:4b:
9e:c8:8b:61:aa:f2:6d:61:0c:c5:a2:96:a0:cb:72:
5b:4e:b4:91:c7:85:74:66:89:95:cd:0f:82:0c:ca:
77:0e:47:79:2e:9b:96:62:68:1f:b2:12:ea:8b:04:
5a:0c:e9:a5:69:48:a4:8d:71:e5:1a:01:70:cf:bf:
e2:42:e3:95:39:e4:41:6e:d6:f6:82:de:ce:3b:6d:
15:28:9b:f1:20:50:1f:59:7c:d2:e0:2c:06:93:ce:
01:19:3b:67:d5:f7:30:45:45:2c:b3:03:a5:a3:e5:
fb:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:91:09:E5:6F:40:60:05:6E:2C:E3:8B:50:13:7E:B9:78:A3:60:C5
X509v3 Authority Key Identifier:
keyid:F8:5B:B4:98:54:39:22:28:FB:8B:30:DB:05:D9:6A:C6:64:CE:83:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/-Fu0mFQ5Iij7izDbBdlqxmTOg6s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A44EA/A8B7EC1C890911E9B57E685FF8AEA228/A1712AF481BE11F0B9ECEF94DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.49.81.0/24
165.49.108.0/24
Signature Algorithm: sha256WithRSAEncryption
52:97:67:96:4b:c9:3a:68:12:d2:9c:4c:6f:99:a5:e9:cc:96:
fa:ae:94:2e:1d:0c:f8:cc:a9:92:1b:56:c5:c7:c8:5f:47:9a:
b3:54:66:1e:9e:41:f5:aa:e3:5d:c0:a8:bd:08:4d:61:ff:a2:
0f:b6:77:b6:b5:af:d1:3a:79:b2:c4:b2:cd:2a:47:77:ba:e0:
8f:07:07:da:97:15:d9:d9:04:8e:2f:b1:f2:a7:65:d2:8b:23:
af:4e:92:33:43:21:f2:b6:c5:01:59:85:fb:1e:d3:e7:3e:3e:
54:0f:8a:e3:b1:66:83:36:5b:91:42:e2:b6:20:c9:c6:54:d0:
86:48:ae:c0:0a:d0:0d:d6:15:46:ca:d6:a0:e5:a7:ee:7c:dc:
58:00:b5:e6:b7:99:62:78:80:6e:18:8b:00:8d:55:ee:9b:66:
e5:87:fa:5b:bf:58:d4:1a:01:03:57:56:33:b4:da:cf:73:2f:
a6:85:a1:c5:0c:9b:15:c0:52:4b:f2:a2:7a:cf:da:9f:7c:85:
1e:44:a5:47:ba:ff:26:48:0f:d3:9f:19:da:9a:78:dd:c0:55:
86:20:88:76:81:5e:47:f1:c1:15:19:73:77:19:a3:96:84:76:
d6:bf:3c:48:9e:bc:c7:2d:90:a6:05:94:f2:5c:70:a3:a3:8c:
34:97:1d:3c
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCUswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTQ0RUFBUjExMC8GA1UEBRMoRjg1QkI0OTg1NDM5MjIyOEZCOEIzMERCMDVEOTZB
QzY2NENFODNBQjAeFw0yNTA4MjUxNDIwMTVaFw0zNTEyMzExNDIwMTVaMBgxFjAU
BgNVBAMTDTY4YWM3MTI0LWIzYTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC0K23HEnmFTVIhOr1fwNdjppI2XCtiR8de3ErLvk8YlYBDtu1Casa7+iLt
lOVH4Goy2mG/+kxlldhobqJiuCWhIz5l4Of7b+ixmJNJiZiH9bAIgdhND1kzrMmE
ZKUdyDddP5+BBn0nJxACdXKBs/RA+f+7bk/ukHI1APPOI9WngDXQATg4HY+KzDdA
WVw0t1ZZyeYXS57Ii2Gq8m1hDMWilqDLcltOtJHHhXRmiZXND4IMyncOR3kum5Zi
aB+yEuqLBFoM6aVpSKSNceUaAXDPv+JC45U55EFu1vaC3s47bRUom/EgUB9ZfNLg
LAaTzgEZO2fV9zBFRSyzA6Wj5fuBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUM5EJ
5W9AYAVuLOOLUBN+uXijYMUwHwYDVR0jBBgwFoAU+Fu0mFQ5Iij7izDbBdlqxmTO
g6swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVBMjI4Ly1GdTBt
RlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
Ly1GdTBtRlE1SWlqN2l6RGJCZGxxeG1UT2c2cy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkE0NEVBL0E4QjdFQzFDODkwOTExRTlCNTdFNjg1RkY4QUVB
MjI4L0ExNzEyQUY0ODFCRTExRjBCOUVDRUY5NERBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAClMVEDBAClMWwwDQYJKoZIhvcN
AQELBQADggEBAFKXZ5ZLyTpoEtKcTG+ZpenMlvqulC4dDPjMqZIbVsXHyF9HmrNU
Zh6eQfWq413AqL0ITWH/og+2d7a1r9E6ebLEss0qR3e64I8HB9qXFdnZBI4vsfKn
ZdKLI69OkjNDIfK2xQFZhfse0+c+PlQPiuOxZoM2W5FC4rYgycZU0IZIrsAK0A3W
FUbK1qDlp+583FgAtea3mWJ4gG4YiwCNVe6bZuWH+lu/WNQaAQNXVjO02s9zL6aF
ocUMmxXAUkvyonrP2p98hR5EpUe6/yZID9OfGdqaeN3AVYYgiHaBXkfxwRUZc3cZ
o5aEdta/PEievMctkKYFlPJccKOjjDSXHTw=
-----END CERTIFICATE-----
Generated at Tue Sep 9 02:29:55 2025 by rpki-client