Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CD10ACF2F9CE11EFA74211B2762E951A.roa
File: CD10ACF2F9CE11EFA74211B2762E951A.roa (raw, json)
Hash identifier: EEZxj1w3h+3fBrZ0ErwRboruomOGAfJSfXBAxnZqi90=
Subject key identifier: 43:1E:D7:86:CA:1F:28:A2:D7:50:CB:A5:F0:09:4B:C7:C9:F6:D6:DE
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1A40
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CD10ACF2F9CE11EFA74211B2762E951A.roa
Signing time: Wed 05 Mar 2025 14:33:27 +0000
ROA not before: Wed 05 Mar 2025 14:33:22 +0000
ROA not after: Fri 05 Mar 2027 14:33:22 +0000
asID: 834
IP address blocks: 154.16.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6720 (0x1a40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Mar 5 14:33:22 2025 GMT
Not After : Mar 5 14:33:22 2027 GMT
Subject: CN=67c860b7-2213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:11:95:ba:1b:db:27:7a:88:f0:16:52:bb:92:
43:8a:43:2f:8a:0d:eb:11:2b:3e:51:5a:8f:1f:a2:
13:c6:38:02:b5:91:44:81:5b:d8:ad:1f:1d:16:cd:
d5:05:c2:87:60:df:a9:32:53:0a:69:93:ab:8f:ac:
ac:b3:8c:46:b3:b4:81:b1:bb:3f:ed:26:cd:30:d1:
c0:5b:25:e3:6b:e5:a6:02:60:7d:f4:7f:fc:97:2c:
ad:b1:2e:4c:98:61:46:82:8d:a6:21:f3:85:8e:91:
0d:9c:46:6d:4b:4e:12:2b:ba:ff:70:7e:f7:e9:09:
a5:85:5d:a5:26:aa:ac:3f:b4:52:82:84:8b:be:c1:
02:cd:1d:c5:7f:c6:d1:bb:cf:44:5e:2e:50:a6:73:
9f:35:d7:0a:07:d2:c3:39:ad:f9:eb:c2:f6:ed:97:
1b:63:0f:47:b5:dc:c6:eb:dd:23:f0:17:d1:31:6c:
c9:bd:07:03:99:af:c5:cb:ec:80:b1:a9:32:ba:a4:
42:77:4f:71:0a:ad:8d:bf:a0:ac:bc:9c:e3:ff:30:
cb:98:a2:91:69:97:45:d4:72:ac:c6:27:8e:b7:27:
c5:44:84:cd:ca:36:c4:b0:8a:cd:3d:6c:fc:d8:b0:
b5:dd:bc:a3:f1:74:19:c1:b2:ef:60:d5:48:05:00:
6c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:1E:D7:86:CA:1F:28:A2:D7:50:CB:A5:F0:09:4B:C7:C9:F6:D6:DE
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CD10ACF2F9CE11EFA74211B2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.125.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:54:16:29:98:ef:7e:4a:71:54:83:77:44:67:1e:81:01:72:
b3:43:2d:94:71:93:c8:da:ab:64:ea:bc:e5:36:9d:0c:1b:9a:
77:41:54:c7:97:ae:eb:db:1e:fb:8e:ec:b1:da:b1:83:7b:a1:
b5:fd:79:38:8a:01:ec:53:2e:0a:d3:e9:3a:aa:7b:93:79:85:
02:aa:b3:2f:7e:a3:bf:80:2b:a1:68:1e:f6:1a:eb:3a:b6:f1:
3e:d4:2c:2b:3c:bd:81:64:99:f0:30:59:91:a3:75:db:9e:b8:
28:50:07:4d:15:af:15:c0:28:3e:90:2b:84:09:9e:cd:72:9b:
35:90:1b:e2:0f:87:09:8e:96:73:0d:62:e1:8f:a7:08:fb:b5:
30:4a:ce:de:40:1f:98:ab:27:ab:ed:40:c0:f7:4b:d7:5b:1a:
98:e8:fb:c0:89:2a:7d:39:85:23:0e:27:ed:49:67:bf:fd:10:
d9:85:88:0c:44:e2:68:f2:01:f8:64:38:2f:ff:73:89:25:1e:
f3:23:e3:92:55:f0:92:2a:ce:7f:bb:3b:23:ef:f0:ab:dc:b6:
a4:12:cc:08:16:76:c2:e3:b3:33:54:bd:e3:a5:4c:10:2f:93:
bc:80:9c:fb:e7:b1:46:b2:4a:8c:11:c4:aa:9b:25:d4:f8:9b:
5c:32:3a:04
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGkAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAzMDUxNDMzMjJaFw0yNzAzMDUxNDMzMjJaMBgxFjAU
BgNVBAMTDTY3Yzg2MGI3LTIyMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDEEZW6G9sneojwFlK7kkOKQy+KDesRKz5RWo8fohPGOAK1kUSBW9itHx0W
zdUFwodg36kyUwppk6uPrKyzjEaztIGxuz/tJs0w0cBbJeNr5aYCYH30f/yXLK2x
LkyYYUaCjaYh84WOkQ2cRm1LThIruv9wfvfpCaWFXaUmqqw/tFKChIu+wQLNHcV/
xtG7z0ReLlCmc5811woH0sM5rfnrwvbtlxtjD0e13Mbr3SPwF9ExbMm9BwOZr8XL
7ICxqTK6pEJ3T3EKrY2/oKy8nOP/MMuYopFpl0XUcqzGJ463J8VEhM3KNsSwis09
bPzYsLXdvKPxdBnBsu9g1UgFAGxxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUQx7X
hsofKKLXUMul8AlLx8n21t4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0NEMTBBQ0YyRjlDRTExRUZBNzQyMTFCMjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEH0wDQYJKoZIhvcNAQEL
BQADggEBAFpUFimY735KcVSDd0RnHoEBcrNDLZRxk8jaq2TqvOU2nQwbmndBVMeX
ruvbHvuO7LHasYN7obX9eTiKAexTLgrT6Tqqe5N5hQKqsy9+o7+AK6FoHvYa6zq2
8T7ULCs8vYFkmfAwWZGjddueuChQB00VrxXAKD6QK4QJns1ymzWQG+IPhwmOlnMN
YuGPpwj7tTBKzt5AH5irJ6vtQMD3S9dbGpjo+8CJKn05hSMOJ+1JZ7/9ENmFiAxE
4mjyAfhkOC//c4klHvMj45JV8JIqzn+7OyPv8KvctqQSzAgWdsLjszNUveOlTBAv
k7yAnPvnsUaySowRxKqbJdT4m1wyOgQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:12:54 2025 by rpki-client