Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F2D680AF65511EFBA1EDEA5762E951A.roa
File: 0F2D680AF65511EFBA1EDEA5762E951A.roa (raw, json)
Hash identifier: 5fug21q2NYl+TZ3rx509mb+PlNbHt81RKu5l1z4QJxE=
Subject key identifier: 12:97:39:9D:02:F3:61:69:0C:AA:BF:B0:46:E4:B0:ED:4D:E0:EA:A6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016D08
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F2D680AF65511EFBA1EDEA5762E951A.roa
Signing time: Sat 01 Mar 2025 04:24:26 +0000
ROA not before: Sat 01 Mar 2025 04:24:22 +0000
ROA not after: Fri 20 Feb 2026 04:24:22 +0000
asID: 984
IP address blocks: 154.213.162.0/24 maxlen: 24
154.213.163.0/24 maxlen: 24
154.213.164.0/24 maxlen: 24
154.213.165.0/24 maxlen: 24
154.213.166.0/24 maxlen: 24
154.213.167.0/24 maxlen: 24
154.213.192.0/24 maxlen: 24
154.213.200.0/24 maxlen: 24
154.213.201.0/24 maxlen: 24
154.213.206.0/24 maxlen: 24
154.213.210.0/24 maxlen: 24
154.213.213.0/24 maxlen: 24
154.213.214.0/24 maxlen: 24
154.213.216.0/24 maxlen: 24
154.213.217.0/24 maxlen: 24
154.213.218.0/24 maxlen: 24
154.213.221.0/24 maxlen: 24
154.213.222.0/24 maxlen: 24
154.213.223.0/24 maxlen: 24
154.223.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93448 (0x16d08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 1 04:24:22 2025 GMT
Not After : Feb 20 04:24:22 2026 GMT
Subject: CN=67c28bfa-a5e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e1:13:dc:02:dc:63:cb:17:b8:32:fb:49:51:
5b:e5:ff:d8:f8:37:da:d5:60:ac:a3:87:66:bb:06:
ef:36:ac:41:f6:eb:44:db:b7:e9:d8:dd:84:dd:ac:
3a:95:e7:af:8e:ca:1e:f3:3a:bd:e9:ea:40:f9:3e:
6f:89:70:26:97:22:18:a5:55:5f:6e:09:2a:4a:93:
25:6b:03:2f:f1:70:69:dd:f4:e1:40:a5:46:01:50:
d4:60:29:34:dd:88:cc:c7:17:3a:4d:dc:9c:ad:4c:
68:4f:a5:71:e7:28:07:f0:d4:2c:66:5d:11:a0:af:
d0:fc:63:94:4d:b9:91:99:42:f9:ac:4c:79:fd:2a:
68:c2:0b:c4:08:22:bb:5a:61:71:f8:57:b9:53:4e:
00:07:e5:f9:c3:df:f9:8f:49:de:28:fd:a7:f2:a0:
27:d1:2d:45:5f:2f:b2:20:8c:0a:5b:42:9c:a2:43:
86:c3:31:e7:fd:02:cd:83:6f:ab:1d:ab:0d:58:59:
77:7c:fe:6e:09:86:74:e6:bf:fd:1e:0c:d3:95:a5:
44:77:e2:64:19:d8:b2:1b:b7:a1:1f:e1:11:96:68:
97:1e:66:fa:ab:4b:c6:ac:21:55:f5:e3:66:a3:35:
53:2a:21:3c:8d:47:97:d6:47:3b:f3:8f:9f:45:bf:
0d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:97:39:9D:02:F3:61:69:0C:AA:BF:B0:46:E4:B0:ED:4D:E0:EA:A6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F2D680AF65511EFBA1EDEA5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.162.0-154.213.167.255
154.213.192.0/24
154.213.200.0/23
154.213.206.0/24
154.213.210.0/24
154.213.213.0-154.213.214.255
154.213.216.0-154.213.218.255
154.213.221.0-154.213.223.255
154.223.0.0/24
Signature Algorithm: sha256WithRSAEncryption
48:e3:25:63:43:49:82:3e:18:61:3b:5a:e0:9e:d4:11:b3:e8:
6d:85:e0:58:88:ec:90:37:4c:6f:05:f1:c2:ad:91:1a:44:45:
ec:c4:b0:09:6e:87:05:b6:93:bb:25:74:fd:92:3a:08:66:70:
46:b9:21:ed:6f:38:c6:f3:6b:3a:aa:0d:83:48:ee:13:e3:93:
c2:8c:a5:98:06:f4:ec:27:c8:a0:ce:40:0a:9f:a1:13:d4:82:
18:b9:57:f6:20:39:40:70:5a:09:a9:0a:d8:3b:0b:cf:ed:e3:
1a:21:42:0d:cf:fb:75:ba:87:d4:61:d3:b4:51:93:e9:f2:e2:
89:cd:2b:32:00:c6:7b:fe:b5:6a:b3:9c:3b:1d:77:e7:aa:c3:
10:8a:ff:60:6b:e7:6c:d1:f8:c8:67:10:77:49:be:8f:b4:e9:
9b:c8:db:a0:c3:d3:b3:03:d2:07:2f:8f:62:20:ed:a4:3d:d8:
70:dd:9e:c7:d3:64:ce:0a:8b:99:a6:7f:c5:fc:39:00:1e:7f:
d4:96:9e:c0:2e:15:83:92:c0:70:ce:c8:23:00:4b:71:53:81:
fc:93:8e:e7:fe:f8:e9:10:7d:e6:ab:08:3c:43:27:58:e7:35:
d2:af:ee:2b:34:46:33:61:96:03:85:15:71:3f:f5:ad:72:03:
20:91:25:84
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIDAW0IMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMDQyNDIyWhcNMjYwMjIwMDQyNDIyWjAYMRYw
FAYDVQQDEw02N2MyOGJmYS1hNWU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAveET3ALcY8sXuDL7SVFb5f/Y+Dfa1WCso4dmuwbvNqxB9utE27fp2N2E
3aw6leevjsoe8zq96epA+T5viXAmlyIYpVVfbgkqSpMlawMv8XBp3fThQKVGAVDU
YCk03YjMxxc6TdycrUxoT6Vx5ygH8NQsZl0RoK/Q/GOUTbmRmUL5rEx5/SpowgvE
CCK7WmFx+Fe5U04AB+X5w9/5j0neKP2n8qAn0S1FXy+yIIwKW0KcokOGwzHn/QLN
g2+rHasNWFl3fP5uCYZ05r/9HgzTlaVEd+JkGdiyG7ehH+ERlmiXHmb6q0vGrCFV
9eNmozVTKiE8jUeX1kc784+fRb8N+QIDAQABo4IC9TCCAvEwHQYDVR0OBBYEFBKX
OZ0C82FpDKq/sEbksO1N4OqmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRjJENjgwQUY2NTUxMUVGQkExRURFQTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWMAwDBAGa1aIDBAOa1aADBACa
1cADBAGa1cgDBACa1c4DBACa1dIwDAMEAJrV1QMEAJrV1jAMAwQDmtXYAwQAmtXa
MAwDBACa1d0DBAWa1cADBACa3wAwDQYJKoZIhvcNAQELBQADggEBAEjjJWNDSYI+
GGE7WuCe1BGz6G2F4FiI7JA3TG8F8cKtkRpERezEsAluhwW2k7sldP2SOghmcEa5
Ie1vOMbzazqqDYNI7hPjk8KMpZgG9OwnyKDOQAqfoRPUghi5V/YgOUBwWgmpCtg7
C8/t4xohQg3P+3W6h9Rh07RRk+ny4onNKzIAxnv+tWqznDsdd+eqwxCK/2Br52zR
+MhnEHdJvo+06ZvI26DD07MD0gcvj2Ig7aQ92HDdnsfTZM4Ki5mmf8X8OQAef9SW
nsAuFYOSwHDOyCMAS3FTgfyTjuf++OkQfearCDxDJ1jnNdKv7is0RjNhlgOFFXE/
9a1yAyCRJYQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:50:53 2025 by rpki-client