Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F96897AF60F11EFA543C2B8762E951A.roa
File: 0F96897AF60F11EFA543C2B8762E951A.roa (raw, json)
Hash identifier: TXv71FfX+TQVcjQwXOaqxXvt93FY6BlqTJqf8V9OYWY=
Subject key identifier: F7:7A:F9:3B:4A:CC:C9:17:19:45:B3:39:03:2F:6D:D3:2D:B3:34:46
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016BE7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F96897AF60F11EFA543C2B8762E951A.roa
Signing time: Fri 28 Feb 2025 20:03:22 +0000
ROA not before: Fri 28 Feb 2025 20:03:18 +0000
ROA not after: Sun 13 Apr 2025 20:03:18 +0000
asID: 138915
IP address blocks: 154.206.116.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93159 (0x16be7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 20:03:18 2025 GMT
Not After : Apr 13 20:03:18 2025 GMT
Subject: CN=67c2168a-f944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a4:11:0d:da:50:13:68:fd:27:81:3c:c1:d2:
77:72:2f:b6:94:06:4f:17:b7:c6:97:80:b3:45:28:
ce:c0:5c:3a:7d:e9:48:2d:29:72:88:8e:98:fe:f1:
1e:93:5c:5d:f8:97:f5:25:46:ff:90:41:2b:3b:a6:
ef:e5:a4:6d:ec:ff:2e:46:63:ec:f6:80:f0:3a:cc:
ca:4f:f3:3e:8a:dc:45:e4:de:5f:da:e3:49:44:1c:
c9:16:53:15:20:25:e9:5f:00:8e:76:6c:75:66:8f:
54:b3:e0:67:db:94:9b:86:2e:05:d5:33:72:7c:db:
01:48:77:12:79:b7:14:cd:ae:c4:a7:6e:4c:a4:50:
6d:a1:0e:d2:df:87:78:2b:b7:0e:de:c1:ab:2b:91:
1d:9a:14:71:16:f5:a7:05:30:e1:91:4e:35:ca:62:
7c:25:d8:07:24:b8:f4:1f:cd:d0:76:29:dc:3b:6a:
42:e9:4f:aa:ac:ff:1d:b0:c5:5c:d6:7d:a0:e2:47:
13:a8:2a:85:90:a3:ec:f9:8f:f5:e3:24:08:83:02:
13:7a:73:4a:ae:f2:29:e2:52:67:7f:ed:4f:08:e6:
fb:2b:70:43:fb:3a:e5:fd:33:6e:6a:cf:0c:88:84:
77:a0:23:7b:da:20:93:13:8d:18:46:c6:0d:3e:6c:
ef:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:7A:F9:3B:4A:CC:C9:17:19:45:B3:39:03:2F:6D:D3:2D:B3:34:46
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F96897AF60F11EFA543C2B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.116.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:04:b5:21:90:a3:00:73:2e:51:33:f1:5c:5d:1f:27:43:35:
4f:49:f5:8e:dc:a0:d6:ba:68:3f:4d:eb:e5:e4:85:bd:9f:8d:
23:55:3a:37:3a:a7:a9:a1:6d:1e:d8:f1:64:88:a3:93:19:28:
87:a8:86:15:00:35:21:c1:04:d6:be:7e:83:14:2e:e3:0e:ef:
ba:c7:ac:df:6d:d0:72:7d:dc:1f:3d:28:7a:2b:4f:03:62:96:
b7:75:60:5f:11:02:08:66:b5:f0:a4:dd:5c:72:45:3a:0f:03:
46:84:f1:76:7b:de:30:9a:a6:0c:93:60:90:63:14:3d:be:24:
48:d9:d1:8f:60:61:19:72:b2:db:eb:5d:f7:3f:fb:41:30:1e:
6c:d5:c3:84:40:5b:c9:23:24:ae:97:e9:29:db:7c:bb:82:f3:
e6:c7:1b:c9:6e:ed:1c:5a:c3:93:12:30:8e:e8:66:e3:0e:41:
c3:ae:6c:22:a0:9d:59:ee:2f:54:70:31:94:f2:a0:57:7f:0e:
60:6f:6b:8c:f1:e9:96:73:8b:92:a2:c7:c3:21:5e:97:40:03:
3f:9a:72:d3:70:49:f5:7b:76:3e:37:62:f3:f5:f8:f8:46:73:
db:f1:e0:f6:4f:a6:0b:80:1c:80:db:86:e3:5b:f9:e3:d4:25:
ac:50:28:6e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWvnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjAwMzE4WhcNMjUwNDEzMjAwMzE4WjAYMRYw
FAYDVQQDEw02N2MyMTY4YS1mOTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoKQRDdpQE2j9J4E8wdJ3ci+2lAZPF7fGl4CzRSjOwFw6felILSlyiI6Y
/vEek1xd+Jf1JUb/kEErO6bv5aRt7P8uRmPs9oDwOszKT/M+itxF5N5f2uNJRBzJ
FlMVICXpXwCOdmx1Zo9Us+Bn25Sbhi4F1TNyfNsBSHcSebcUza7Ep25MpFBtoQ7S
34d4K7cO3sGrK5EdmhRxFvWnBTDhkU41ymJ8JdgHJLj0H83QdincO2pC6U+qrP8d
sMVc1n2g4kcTqCqFkKPs+Y/14yQIgwITenNKrvIp4lJnf+1PCOb7K3BD+zrl/TNu
as8MiIR3oCN72iCTE40YRsYNPmzvZwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPd6
+TtKzMkXGUWzOQMvbdMtszRGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRjk2ODk3QUY2MEYxMUVGQTU0M0MyQjg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms50MA0GCSqGSIb3DQEB
CwUAA4IBAQB9BLUhkKMAcy5RM/FcXR8nQzVPSfWO3KDWumg/Tevl5IW9n40jVTo3
OqepoW0e2PFkiKOTGSiHqIYVADUhwQTWvn6DFC7jDu+6x6zfbdByfdwfPSh6K08D
Ypa3dWBfEQIIZrXwpN1cckU6DwNGhPF2e94wmqYMk2CQYxQ9viRI2dGPYGEZcrLb
6133P/tBMB5s1cOEQFvJIySul+kp23y7gvPmxxvJbu0cWsOTEjCO6GbjDkHDrmwi
oJ1Z7i9UcDGU8qBXfw5gb2uM8emWc4uSosfDIV6XQAM/mnLTcEn1e3Y+N2Lz9fj4
RnPb8eD2T6YLgByA24bjW/nj1CWsUChu
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:35:46 2025 by rpki-client