Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/17B5F81CF69011EF90B047B5762E951A.roa
File: 17B5F81CF69011EF90B047B5762E951A.roa (raw, json)
Hash identifier: 2jmrOlDmaY5uXgFY7J+Fy6zk5YuG2R7pzs01aAiJQIc=
Subject key identifier: 93:E3:40:DD:90:56:1F:E2:A0:F5:FA:D1:8B:80:0A:E2:59:24:63:B7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016E01
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/17B5F81CF69011EF90B047B5762E951A.roa
Signing time: Sat 01 Mar 2025 11:27:01 +0000
ROA not before: Sat 01 Mar 2025 11:26:57 +0000
ROA not after: Sat 05 Apr 2025 11:26:57 +0000
asID: 203020
IP address blocks: 154.209.8.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93697 (0x16e01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 1 11:26:57 2025 GMT
Not After : Apr 5 11:26:57 2025 GMT
Subject: CN=67c2ef04-d29e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:dd:2a:29:df:aa:95:57:47:2a:de:b6:1d:bf:
bd:01:62:67:a7:83:0d:14:73:d6:b9:92:41:ea:25:
3a:8d:04:ae:94:9f:9a:54:cc:c5:79:36:bb:89:c6:
ae:93:dd:da:d1:de:3b:40:44:bc:75:f3:0c:fa:74:
50:e1:3e:d6:61:12:c1:3c:06:e7:34:6b:ea:14:ef:
37:d5:f2:40:e1:40:0e:a8:3f:51:f8:30:c0:08:18:
e9:78:16:f1:ba:16:c4:be:98:f2:dc:cc:dd:9e:5c:
80:4b:ac:9d:6d:12:b6:65:3f:d0:dc:4b:1a:37:58:
48:4a:ac:10:32:cf:8e:e6:41:af:ae:8c:9f:eb:c9:
21:42:f5:41:43:1a:2c:cb:7f:e0:d1:bd:e8:b0:83:
a4:ef:5c:f9:84:2a:97:53:4f:43:7f:75:2c:48:e3:
54:72:8d:e3:e5:75:db:9c:44:16:18:ce:d8:6f:46:
e9:4d:d5:4c:f8:48:44:95:de:c3:ec:4c:02:39:da:
cc:03:8d:dd:36:15:3f:73:be:8a:2f:5c:6e:aa:8f:
50:09:16:30:9c:62:1f:bd:2b:62:03:f7:bc:1c:25:
f4:0a:bb:3b:84:4f:cd:5a:a4:e0:e0:6a:3a:cf:ba:
19:a5:12:b4:a2:5a:b1:d8:5a:b8:2a:f7:ca:e2:9c:
e6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:E3:40:DD:90:56:1F:E2:A0:F5:FA:D1:8B:80:0A:E2:59:24:63:B7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/17B5F81CF69011EF90B047B5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.8.0/21
Signature Algorithm: sha256WithRSAEncryption
1c:51:bf:01:b9:c6:49:46:ed:a3:85:0d:eb:34:73:8e:ef:46:
37:a7:ff:cd:3f:f7:23:c2:77:35:01:a7:9a:31:75:fd:c6:29:
f4:8f:42:00:59:d7:ed:45:8c:82:b0:52:86:86:06:88:c6:90:
aa:5b:35:17:b2:94:39:f2:c8:ed:69:43:67:ef:41:af:dd:47:
7e:87:bc:39:e6:f0:10:32:5f:4d:5d:d7:46:fe:1b:8c:84:00:
b2:ed:74:e9:dd:df:18:e3:2c:f8:c2:3b:ad:5f:55:04:7d:68:
89:51:5e:cc:fa:13:28:7a:e4:1e:29:6c:5b:1d:c0:9d:57:10:
0c:54:da:21:4e:b9:04:17:06:92:be:44:03:87:6c:5e:2c:6f:
61:6c:1a:60:cb:c2:d2:a4:fb:8d:06:fe:d2:43:e4:55:2f:68:
6b:e6:86:6a:f0:b1:d3:b9:69:45:83:e5:31:b7:15:6f:77:81:
33:3f:0f:96:81:f7:b0:62:0c:44:47:37:e9:02:6f:37:b9:f8:
10:e0:8e:7e:55:ba:c8:b4:db:e2:f8:f9:6e:44:07:21:66:cc:
5a:2f:cf:ad:c4:d7:5d:aa:7a:1e:db:2d:a3:04:43:0a:30:2b:
90:da:9f:f8:1c:33:e8:04:fc:f4:1c:b2:e2:7d:2d:7d:58:e1:
ee:2e:bc:52
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW4BMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTEyNjU3WhcNMjUwNDA1MTEyNjU3WjAYMRYw
FAYDVQQDEw02N2MyZWYwNC1kMjllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA090qKd+qlVdHKt62Hb+9AWJnp4MNFHPWuZJB6iU6jQSulJ+aVMzFeTa7
icauk93a0d47QES8dfMM+nRQ4T7WYRLBPAbnNGvqFO831fJA4UAOqD9R+DDACBjp
eBbxuhbEvpjy3MzdnlyAS6ydbRK2ZT/Q3EsaN1hISqwQMs+O5kGvroyf68khQvVB
Qxosy3/g0b3osIOk71z5hCqXU09Df3UsSONUco3j5XXbnEQWGM7Yb0bpTdVM+EhE
ld7D7EwCOdrMA43dNhU/c76KL1xuqo9QCRYwnGIfvStiA/e8HCX0Crs7hE/NWqTg
4Go6z7oZpRK0olqx2Fq4KvfK4pzm6QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJPj
QN2QVh/ioPX60YuACuJZJGO3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xN0I1RjgxQ0Y2OTAxMUVGOTBCMDQ3QjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmtEIMA0GCSqGSIb3DQEB
CwUAA4IBAQAcUb8BucZJRu2jhQ3rNHOO70Y3p//NP/cjwnc1AaeaMXX9xin0j0IA
WdftRYyCsFKGhgaIxpCqWzUXspQ58sjtaUNn70Gv3Ud+h7w55vAQMl9NXddG/huM
hACy7XTp3d8Y4yz4wjutX1UEfWiJUV7M+hMoeuQeKWxbHcCdVxAMVNohTrkEFwaS
vkQDh2xeLG9hbBpgy8LSpPuNBv7SQ+RVL2hr5oZq8LHTuWlFg+UxtxVvd4EzPw+W
gfewYgxERzfpAm83ufgQ4I5+VbrItNvi+PluRAchZsxaL8+txNddqnoe2y2jBEMK
MCuQ2p/4HDPoBPz0HLLifS19WOHuLrxS
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:50:20 2025 by rpki-client