Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0235662CFF2211EF96EAEE5F762E951A.roa
File: 0235662CFF2211EF96EAEE5F762E951A.roa (raw, json)
Hash identifier: POwJflKA4a13Oqd50LSzKNVZgMVmgm6RTIGdauvbRYQ=
Subject key identifier: AC:91:1F:14:16:6D:FA:DB:7E:8D:5F:FC:78:D1:A9:24:E5:E8:96:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0173C3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0235662CFF2211EF96EAEE5F762E951A.roa
Signing time: Wed 12 Mar 2025 09:11:40 +0000
ROA not before: Wed 12 Mar 2025 09:11:36 +0000
ROA not after: Thu 24 Apr 2025 09:11:36 +0000
asID: 214451
IP address blocks: 154.200.202.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95171 (0x173c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 12 09:11:36 2025 GMT
Not After : Apr 24 09:11:36 2025 GMT
Subject: CN=67d14fcc-ad3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1b:ac:73:47:5a:25:1e:15:d4:c4:fd:e2:25:
3a:d1:65:3a:de:08:95:85:1f:a2:11:3d:70:75:cf:
43:31:09:a1:db:9e:13:a8:47:3a:39:57:ea:1d:7c:
72:b4:a6:fe:77:25:01:4a:fa:b0:10:5f:3a:c2:3a:
37:17:79:c3:73:0f:ba:66:12:c9:68:87:57:38:68:
10:9d:08:c9:4d:94:72:1a:22:1a:26:dd:cf:15:fa:
2b:70:3a:76:7b:b5:3c:33:a1:b6:d0:aa:02:88:4d:
8a:d1:04:b7:68:8a:66:aa:4f:16:61:68:13:fd:86:
2b:07:89:8a:36:9f:83:8f:24:56:6f:3c:7a:ef:4e:
4f:28:48:1d:ea:b0:26:99:5d:6c:b4:b9:97:21:82:
65:4f:16:15:e6:a3:a8:1a:ac:da:55:2d:cf:a9:95:
43:9b:b3:7e:a4:39:83:bd:ab:24:d7:f9:00:c4:14:
a6:3d:64:45:46:01:22:1e:b8:f4:b2:e7:de:69:3b:
ef:9f:32:fe:6f:14:86:aa:b1:cd:9c:a9:f6:f3:77:
7d:02:11:8d:29:3f:9b:af:c4:e0:40:16:ad:9d:d2:
cf:e1:07:ff:e4:51:0f:ba:18:38:38:ef:cf:4f:37:
cb:32:31:78:37:1e:67:5a:0c:89:12:9d:1e:5b:25:
2f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:91:1F:14:16:6D:FA:DB:7E:8D:5F:FC:78:D1:A9:24:E5:E8:96:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0235662CFF2211EF96EAEE5F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.202.0/23
Signature Algorithm: sha256WithRSAEncryption
42:3b:f9:54:2c:67:16:33:fd:47:6b:bf:75:8e:f9:cc:a5:02:
75:42:de:0c:1b:bd:0d:cf:fb:f2:c3:d5:e0:41:47:a4:50:0e:
af:db:4d:d0:c0:64:27:66:b2:1a:2e:fa:c0:d7:65:9f:3c:d7:
99:eb:80:63:84:e2:db:1d:80:a8:fe:5d:55:f9:55:0d:82:91:
67:3d:9b:5f:ee:6b:6d:1a:be:3f:8c:25:21:f6:b7:0d:f4:02:
7e:66:e3:09:64:bf:dd:63:fa:42:93:48:65:7e:38:5e:98:59:
f0:f4:c7:d9:5d:18:05:6c:04:75:2d:da:c9:73:c0:bc:84:ef:
ca:d0:16:30:b0:9d:52:8f:5b:7b:df:ee:0f:c5:75:77:1f:c9:
f4:47:7b:a2:f3:b6:8f:8c:b6:ac:ed:be:e6:ce:71:bf:a7:68:
1d:ff:d3:65:bf:2d:e8:2a:83:d5:66:36:59:5a:4a:d3:f6:51:
ec:98:e8:0f:3b:ea:0b:d3:8a:52:8a:38:6d:dd:fe:f5:ed:51:
9c:b7:37:23:58:9f:fd:be:14:8d:f2:81:46:cc:fb:26:8a:72:
69:7e:58:0e:84:51:b5:20:e0:7e:d6:ec:fa:54:48:05:3f:e7:
aa:dd:f2:a1:36:13:49:c1:ec:51:20:dc:27:65:79:36:3a:70:
d7:ec:d2:8c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXPDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEyMDkxMTM2WhcNMjUwNDI0MDkxMTM2WjAYMRYw
FAYDVQQDEw02N2QxNGZjYy1hZDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyhusc0daJR4V1MT94iU60WU63giVhR+iET1wdc9DMQmh254TqEc6OVfq
HXxytKb+dyUBSvqwEF86wjo3F3nDcw+6ZhLJaIdXOGgQnQjJTZRyGiIaJt3PFfor
cDp2e7U8M6G20KoCiE2K0QS3aIpmqk8WYWgT/YYrB4mKNp+DjyRWbzx6705PKEgd
6rAmmV1stLmXIYJlTxYV5qOoGqzaVS3PqZVDm7N+pDmDvask1/kAxBSmPWRFRgEi
Hrj0sufeaTvvnzL+bxSGqrHNnKn283d9AhGNKT+br8TgQBatndLP4Qf/5FEPuhg4
OO/PTzfLMjF4Nx5nWgyJEp0eWyUv3wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKyR
HxQWbfrbfo1f/HjRqSTl6JbZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMjM1NjYyQ0ZGMjIxMUVGOTZFQUVFNUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsjKMA0GCSqGSIb3DQEB
CwUAA4IBAQBCO/lULGcWM/1Ha791jvnMpQJ1Qt4MG70Nz/vyw9XgQUekUA6v203Q
wGQnZrIaLvrA12WfPNeZ64BjhOLbHYCo/l1V+VUNgpFnPZtf7mttGr4/jCUh9rcN
9AJ+ZuMJZL/dY/pCk0hlfjhemFnw9MfZXRgFbAR1LdrJc8C8hO/K0BYwsJ1Sj1t7
3+4PxXV3H8n0R3ui87aPjLas7b7mznG/p2gd/9Nlvy3oKoPVZjZZWkrT9lHsmOgP
O+oL04pSijht3f717VGctzcjWJ/9vhSN8oFGzPsminJpflgOhFG1IOB+1uz6VEgF
P+eq3fKhNhNJwexRINwnZXk2OnDX7NKM
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:17 2025 by rpki-client