Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/31E2BEF4455A11F1B4029F10CF1D38B0.roa
File: 31E2BEF4455A11F1B4029F10CF1D38B0.roa (raw, json)
Hash identifier: VM8OscoyQNAH58vlDan5yd1ZAE6lZ3m2UZ+rgBn9ZBs=
Subject key identifier: 5E:FD:33:E9:3C:76:9C:D2:AA:A2:AB:E8:99:33:38:E5:3E:96:07:01
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C891
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/31E2BEF4455A11F1B4029F10CF1D38B0.roa
Signing time: Fri 01 May 2026 12:35:11 +0000
ROA not before: Fri 01 May 2026 12:35:06 +0000
ROA not after: Mon 30 Apr 2029 12:35:06 +0000
asID: 17561
IP address blocks: 154.207.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116881 (0x1c891)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 1 12:35:06 2026 GMT
Not After : Apr 30 12:35:06 2029 GMT
Subject: CN=69f49dff-5a3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1f:7c:be:42:81:53:2d:ae:2e:9a:66:9d:a8:
a6:f2:2c:e5:1c:7f:e7:b4:83:17:d9:ae:92:1f:27:
a2:b4:65:0c:41:52:eb:9b:00:57:08:16:93:85:53:
09:6c:e1:e7:30:f2:e2:9e:18:d5:25:90:a3:ee:b4:
fa:47:8e:c1:a7:27:87:0d:6a:99:39:61:d0:13:64:
bb:b5:04:22:7c:82:f8:50:59:53:d4:e5:80:87:76:
66:c1:0a:49:74:40:25:f7:0a:c3:8c:b4:1d:be:23:
92:b0:07:5a:5a:c3:27:6f:99:ec:89:ab:5a:81:c5:
ec:94:91:7c:28:52:af:67:4f:61:7b:f9:59:b7:fe:
2d:24:f1:ba:cd:a9:4d:ee:2c:85:f4:30:8c:51:76:
48:33:79:d2:b2:8e:7e:c4:37:27:f9:77:aa:17:dd:
0e:27:05:e6:bd:dd:53:dd:a1:8f:89:36:05:21:8d:
09:04:86:d1:33:46:64:94:1c:3b:71:44:12:13:61:
84:59:4c:b0:88:6a:dc:a9:ca:ed:e0:f0:6b:c2:bd:
2d:64:26:84:7d:02:ed:f3:94:8b:1f:92:d0:b3:70:
52:57:a0:37:5c:bf:cc:84:51:74:85:04:ab:48:97:
36:24:3e:9e:f1:55:f2:85:d4:98:15:53:07:b9:9e:
cf:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:FD:33:E9:3C:76:9C:D2:AA:A2:AB:E8:99:33:38:E5:3E:96:07:01
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/31E2BEF4455A11F1B4029F10CF1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.253.0/24
Signature Algorithm: sha256WithRSAEncryption
51:f2:1a:86:06:39:3d:f1:db:b8:bd:10:a6:7b:fa:f1:ac:3d:
ae:37:0b:90:34:7d:f7:5f:e3:20:30:db:e2:f5:3e:af:9d:c5:
dc:d0:33:64:07:8e:9d:dc:c4:f0:6d:7b:9a:c6:f3:3c:bb:4c:
b0:f5:f2:eb:15:82:a0:c3:cc:9c:4f:00:5c:75:12:df:44:c5:
f4:3d:d8:5c:57:91:58:ff:14:bb:8f:69:ea:8d:df:91:9f:69:
e4:13:cf:ee:5c:70:aa:c3:5b:a3:9e:f2:e1:b3:69:6f:80:5e:
f3:f8:83:ce:0e:18:e3:27:19:f9:46:8e:33:07:8c:b6:8b:d8:
9f:28:ad:6b:e9:01:1c:9a:02:7c:5d:dd:42:ff:49:4a:8b:70:
14:53:04:42:b1:ff:ff:c5:0b:83:47:59:7d:91:5c:5a:41:b3:
8b:ec:23:93:56:57:0f:01:e7:fd:ef:a4:12:e7:1b:57:27:fc:
72:73:ca:e8:33:02:00:14:81:b4:93:b7:e2:21:e2:dc:d6:34:
92:41:19:81:2f:df:3e:a5:36:b4:38:9c:0a:76:91:54:d4:12:
9d:33:52:a8:2d:46:84:7c:fb:af:be:dc:19:79:94:3d:ad:c5:
12:c1:a1:85:4c:c6:24:a8:dc:74:01:17:9e:e1:a0:a6:cd:60:
9a:58:9f:71
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAciRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNTAxMTIzNTA2WhcNMjkwNDMwMTIzNTA2WjAYMRYw
FAYDVQQDEw02OWY0OWRmZi01YTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvB98vkKBUy2uLppmnaim8izlHH/ntIMX2a6SHyeitGUMQVLrmwBXCBaT
hVMJbOHnMPLinhjVJZCj7rT6R47BpyeHDWqZOWHQE2S7tQQifIL4UFlT1OWAh3Zm
wQpJdEAl9wrDjLQdviOSsAdaWsMnb5nsiatagcXslJF8KFKvZ09he/lZt/4tJPG6
zalN7iyF9DCMUXZIM3nSso5+xDcn+XeqF90OJwXmvd1T3aGPiTYFIY0JBIbRM0Zk
lBw7cUQSE2GEWUywiGrcqcrt4PBrwr0tZCaEfQLt85SLH5LQs3BSV6A3XL/MhFF0
hQSrSJc2JD6e8VXyhdSYFVMHuZ7POQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF79
M+k8dpzSqqKr6JkzOOU+lgcBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMUUyQkVGNDQ1NUExMUYxQjQwMjlGMTBDRjFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms/9MA0GCSqGSIb3DQEB
CwUAA4IBAQBR8hqGBjk98du4vRCme/rxrD2uNwuQNH33X+MgMNvi9T6vncXc0DNk
B46d3MTwbXuaxvM8u0yw9fLrFYKgw8ycTwBcdRLfRMX0PdhcV5FY/xS7j2nqjd+R
n2nkE8/uXHCqw1ujnvLhs2lvgF7z+IPODhjjJxn5Ro4zB4y2i9ifKK1r6QEcmgJ8
Xd1C/0lKi3AUUwRCsf//xQuDR1l9kVxaQbOL7COTVlcPAef976QS5xtXJ/xyc8ro
MwIAFIG0k7fiIeLc1jSSQRmBL98+pTa0OJwKdpFU1BKdM1KoLUaEfPuvvtwZeZQ9
rcUSwaGFTMYkqNx0ARee4aCmzWCaWJ9x
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:00 2026 by rpki-client