Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/31407C0E3E1411F1867697BDCE1D38B0.roa
File: 31407C0E3E1411F1867697BDCE1D38B0.roa (raw, json)
Hash identifier: ifroiVMGBsTU37l8Ktf/K4ZuvRiGzQwbTvoGj97g0As=
Subject key identifier: 71:8C:73:54:BE:69:2F:52:8E:14:9A:B4:EA:F3:EF:93:94:80:C7:53
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C655
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/31407C0E3E1411F1867697BDCE1D38B0.roa
Signing time: Wed 22 Apr 2026 06:26:27 +0000
ROA not before: Wed 22 Apr 2026 06:26:23 +0000
ROA not after: Thu 30 Apr 2026 06:26:23 +0000
asID: 139880
IP address blocks: 154.206.128.0/18 maxlen: 24
154.215.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 29 Apr 2026 00:07:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116309 (0x1c655)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 22 06:26:23 2026 GMT
Not After : Apr 30 06:26:23 2026 GMT
Subject: CN=69e86a13-90c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:42:d6:d7:eb:53:29:11:c0:1c:eb:47:43:34:
4e:58:f8:49:b5:7e:82:78:06:0d:d3:f3:2e:4d:65:
d1:00:f1:22:db:a7:25:6d:ad:4c:c4:43:a9:0a:a5:
31:71:9d:1f:e0:e8:fc:24:54:f9:07:a0:9f:c8:0e:
c2:ea:53:bb:68:9d:6c:42:16:b1:3e:d5:c0:00:da:
70:cd:82:82:33:49:8d:1e:3a:c7:80:21:0d:0f:88:
da:74:b1:f2:f0:9c:af:4c:e1:6c:1e:03:37:fb:a7:
fa:22:d3:a0:f0:80:b4:bd:2d:af:0c:18:e4:28:9e:
e3:0f:ec:b2:d2:4a:44:ae:0d:3c:2f:2e:2d:cb:78:
fd:21:e8:db:cf:fb:f3:d4:50:ce:1c:e7:e1:77:d0:
a0:aa:9b:11:de:0b:91:39:98:ba:b5:4e:f2:61:82:
b2:47:3a:f4:d5:ce:f8:9c:76:28:c4:52:91:1b:3c:
c9:0f:b6:20:09:a2:88:2f:a6:bc:c8:3d:94:a5:93:
d6:fc:65:77:d9:dc:60:73:fa:5e:ce:00:90:3f:f1:
54:21:c3:36:4c:6e:4e:c2:42:b0:16:36:5f:59:b1:
0e:1f:ad:5d:a8:75:6e:02:0e:14:31:eb:eb:13:49:
1c:31:83:3d:09:6e:ec:af:a4:e0:1e:1d:b3:95:16:
9c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:8C:73:54:BE:69:2F:52:8E:14:9A:B4:EA:F3:EF:93:94:80:C7:53
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/31407C0E3E1411F1867697BDCE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.128.0/18
154.215.64.0/18
Signature Algorithm: sha256WithRSAEncryption
6c:5d:44:c1:49:15:a5:11:77:bd:b0:86:62:7d:ba:08:93:79:
80:9e:02:c7:b5:8f:8f:e5:9e:4e:cd:42:1a:4d:56:4b:3c:97:
6f:2a:9b:d5:89:ea:b0:64:ef:d3:fa:6a:bf:1a:de:6e:de:92:
88:ac:b1:ac:cf:f4:8d:13:92:cb:cd:ac:3c:e0:6d:5f:7b:3d:
10:9e:a5:ea:37:a0:91:0e:af:b2:13:b0:ce:72:63:a8:69:b0:
da:7b:ba:37:fa:83:2d:4e:44:30:d8:01:7d:ed:ee:3e:02:7d:
64:db:e1:9b:7b:87:27:b0:eb:bc:93:00:80:4d:2e:6d:30:03:
d9:7f:7c:a9:49:f6:27:7f:b0:c7:c5:c7:d6:f5:1f:a6:7a:22:
08:08:ae:98:76:94:a6:20:dc:51:10:c6:20:4d:45:c9:e9:52:
bd:cc:f8:cb:bd:df:99:25:62:f8:50:2f:13:e5:3d:d3:ff:6b:
f3:3e:81:ce:01:83:c3:4e:2f:3e:06:0d:0d:ba:6e:01:09:bf:
9e:28:20:f5:43:c9:80:13:4d:85:7f:95:f7:99:b5:b5:0a:a0:
52:e5:f9:ee:81:2e:0c:bd:90:8e:07:40:55:63:10:c9:c2:40:
f9:32:14:70:e8:5f:6b:0e:77:a6:6a:47:91:8a:2f:82:09:ce:
cb:94:2d:d9
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAcZVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDIyMDYyNjIzWhcNMjYwNDMwMDYyNjIzWjAYMRYw
FAYDVQQDEw02OWU4NmExMy05MGMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtkLW1+tTKRHAHOtHQzROWPhJtX6CeAYN0/MuTWXRAPEi26clba1MxEOp
CqUxcZ0f4Oj8JFT5B6CfyA7C6lO7aJ1sQhaxPtXAANpwzYKCM0mNHjrHgCEND4ja
dLHy8JyvTOFsHgM3+6f6ItOg8IC0vS2vDBjkKJ7jD+yy0kpErg08Ly4ty3j9Iejb
z/vz1FDOHOfhd9CgqpsR3guROZi6tU7yYYKyRzr01c74nHYoxFKRGzzJD7YgCaKI
L6a8yD2UpZPW/GV32dxgc/pezgCQP/FUIcM2TG5OwkKwFjZfWbEOH61dqHVuAg4U
MevrE0kcMYM9CW7sr6TgHh2zlRacIwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFHGM
c1S+aS9SjhSatOrz75OUgMdTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMTQwN0MwRTNFMTQxMUYxODY3Njk3QkRDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGms6AAwQGmtdAMA0GCSqG
SIb3DQEBCwUAA4IBAQBsXUTBSRWlEXe9sIZifboIk3mAngLHtY+P5Z5OzUIaTVZL
PJdvKpvVieqwZO/T+mq/Gt5u3pKIrLGsz/SNE5LLzaw84G1fez0QnqXqN6CRDq+y
E7DOcmOoabDae7o3+oMtTkQw2AF97e4+An1k2+Gbe4cnsOu8kwCATS5tMAPZf3yp
SfYnf7DHxcfW9R+meiIICK6YdpSmINxREMYgTUXJ6VK9zPjLvd+ZJWL4UC8T5T3T
/2vzPoHOAYPDTi8+Bg0Num4BCb+eKCD1Q8mAE02Ff5X3mbW1CqBS5fnugS4MvZCO
B0BVYxDJwkD5MhRw6F9rDnemakeRii+CCc7LlC3Z
-----END CERTIFICATE-----
Generated at Mon Apr 27 13:34:17 2026 by rpki-client