Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/133D78E2F82E11EFB0BA46AB762E951A.roa
File: 133D78E2F82E11EFB0BA46AB762E951A.roa (raw, json)
Hash identifier: lnKeFzWHYn3Q25efcowc4eMRlytSQhO/8+nTOwk7214=
Subject key identifier: D1:11:8C:B2:60:91:BA:BB:37:39:87:F2:39:25:B7:D8:79:FD:43:4B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0170AF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/133D78E2F82E11EFB0BA46AB762E951A.roa
Signing time: Mon 03 Mar 2025 12:50:25 +0000
ROA not before: Mon 03 Mar 2025 12:50:21 +0000
ROA not after: Mon 31 Mar 2025 12:50:21 +0000
asID: 48031
IP address blocks: 154.216.1.0/24 maxlen: 24
154.218.1.0/24 maxlen: 24
154.218.16.0/24 maxlen: 24
154.218.18.0/24 maxlen: 24
154.218.19.0/24 maxlen: 24
154.218.20.0/24 maxlen: 24
154.218.21.0/24 maxlen: 24
154.218.23.0/24 maxlen: 24
154.218.24.0/24 maxlen: 24
154.222.208.0/24 maxlen: 24
154.222.209.0/24 maxlen: 24
154.222.210.0/24 maxlen: 24
154.222.211.0/24 maxlen: 24
154.222.212.0/24 maxlen: 24
154.222.213.0/24 maxlen: 24
154.222.220.0/24 maxlen: 24
154.222.221.0/24 maxlen: 24
154.222.222.0/24 maxlen: 24
154.222.223.0/24 maxlen: 24
154.222.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94383 (0x170af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 3 12:50:21 2025 GMT
Not After : Mar 31 12:50:21 2025 GMT
Subject: CN=67c5a591-97b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fb:dd:ac:cc:75:1f:42:de:31:64:0b:02:6f:
6d:d7:10:fb:28:8f:b9:5f:fc:3e:ce:36:04:54:ef:
f3:a6:72:f3:00:80:c0:a3:65:76:33:40:e3:5b:7c:
7b:f0:98:04:fc:6b:3f:bd:48:f4:e3:ff:c9:a2:21:
a0:e6:eb:71:7c:47:bd:26:67:6a:ba:89:aa:06:3b:
c8:c3:e6:c0:da:3b:a2:f5:30:0d:64:10:20:3d:b0:
c9:ee:a1:c5:29:2a:99:95:1b:06:c7:37:87:2f:cb:
c1:1a:a2:33:86:de:85:0c:76:ee:26:05:c7:c8:03:
e3:ce:7c:1b:6a:ea:a9:cd:55:c0:e3:f8:10:5e:3f:
ec:dd:f2:b6:6c:a2:e5:51:8c:3a:e0:1c:d7:f6:a6:
49:d5:27:c1:5b:69:95:ca:dc:2d:52:ef:44:88:6e:
d0:ad:55:1d:06:5c:58:c3:75:48:c4:96:bf:31:4c:
9c:15:87:78:0c:2c:f7:3b:ac:44:b8:a5:3a:99:23:
3e:9b:e4:bb:c7:b7:4a:c2:a1:78:1c:ec:d3:36:b2:
ec:36:41:85:91:a8:92:ff:9a:7a:de:5e:b1:6f:f7:
1f:4c:5f:a7:38:b3:c4:71:c0:12:b6:2f:c0:e2:0a:
a5:95:a2:e1:6b:47:3c:82:f5:f7:69:2b:38:37:e2:
4c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:11:8C:B2:60:91:BA:BB:37:39:87:F2:39:25:B7:D8:79:FD:43:4B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/133D78E2F82E11EFB0BA46AB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.1.0/24
154.218.1.0/24
154.218.16.0/24
154.218.18.0-154.218.21.255
154.218.23.0-154.218.24.255
154.222.208.0-154.222.213.255
154.222.220.0/22
154.222.247.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:b9:61:94:61:c2:5b:02:50:ff:3a:5d:52:9b:36:49:83:3e:
18:04:2e:24:55:87:c9:34:9d:ae:94:4d:44:ce:12:c3:a5:1e:
6a:35:97:40:f4:e8:26:d1:53:06:c3:58:ec:b3:3e:36:36:da:
59:67:d9:0e:65:60:f7:b8:b6:ba:af:8f:9a:ff:ce:65:fd:d5:
af:6d:4a:33:0c:6f:0f:cd:de:96:37:fb:dd:a4:f7:7e:b2:9d:
00:44:27:58:56:1e:75:0e:b3:96:fd:67:64:cb:9c:fe:0f:fa:
c8:89:7d:40:c3:f8:d4:6f:7b:b5:90:54:a1:ed:e8:1a:66:58:
39:dc:5e:61:ee:54:c0:18:fe:17:b8:a1:c2:72:9a:d5:a2:2f:
da:37:9e:cc:eb:21:91:d8:b7:cb:88:04:87:45:a9:83:87:e4:
a5:10:95:7a:c6:e1:ba:c2:2c:5d:79:b5:df:5f:e6:2d:ed:d5:
66:6a:02:f0:72:24:2b:99:ca:25:e0:32:1b:e8:fd:2d:60:3c:
4c:b0:a0:9f:17:07:c5:b3:af:33:47:c1:9f:22:93:20:cb:91:
44:14:f7:a2:71:2e:00:72:24:91:78:14:d7:34:d4:6f:fe:c7:
aa:a3:e4:ee:1c:86:3e:99:eb:08:bb:08:39:9e:f7:6b:58:ba:
23:f5:af:a0
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgIDAXCvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAzMTI1MDIxWhcNMjUwMzMxMTI1MDIxWjAYMRYw
FAYDVQQDEw02N2M1YTU5MS05N2I4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs/vdrMx1H0LeMWQLAm9t1xD7KI+5X/w+zjYEVO/zpnLzAIDAo2V2M0Dj
W3x78JgE/Gs/vUj04//JoiGg5utxfEe9JmdquomqBjvIw+bA2jui9TANZBAgPbDJ
7qHFKSqZlRsGxzeHL8vBGqIzht6FDHbuJgXHyAPjznwbauqpzVXA4/gQXj/s3fK2
bKLlUYw64BzX9qZJ1SfBW2mVytwtUu9EiG7QrVUdBlxYw3VIxJa/MUycFYd4DCz3
O6xEuKU6mSM+m+S7x7dKwqF4HOzTNrLsNkGFkaiS/5p63l6xb/cfTF+nOLPEccAS
ti/A4gqllaLha0c8gvX3aSs4N+JM+wIDAQABo4IC5zCCAuMwHQYDVR0OBBYEFNER
jLJgkbq7NzmH8jklt9h5/UNLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMzNENzhFMkY4MkUxMUVGQjBCQTQ2QUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAmtgBAwQAmtoBAwQAmtoQ
MAwDBAGa2hIDBAGa2hQwDAMEAJraFwMEAJraGDAMAwQEmt7QAwQBmt7UAwQCmt7c
AwQAmt73MA0GCSqGSIb3DQEBCwUAA4IBAQCKuWGUYcJbAlD/Ol1SmzZJgz4YBC4k
VYfJNJ2ulE1EzhLDpR5qNZdA9Ogm0VMGw1jssz42NtpZZ9kOZWD3uLa6r4+a/85l
/dWvbUozDG8Pzd6WN/vdpPd+sp0ARCdYVh51DrOW/Wdky5z+D/rIiX1Aw/jUb3u1
kFSh7egaZlg53F5h7lTAGP4XuKHCcprVoi/aN57M6yGR2LfLiASHRamDh+SlEJV6
xuG6wixdebXfX+Yt7dVmagLwciQrmcol4DIb6P0tYDxMsKCfFwfFs68zR8GfIpMg
y5FEFPeicS4AciSReBTXNNRv/seqo+TuHIY+mesIuwg5nvdrWLoj9a+g
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:58:05 2025 by rpki-client