Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29421020F35711EF968C088B762E951A.roa
File: 29421020F35711EF968C088B762E951A.roa (raw, json)
Hash identifier: cflBlfohh9yqeb2gRhZYB8E01HCL8Vd7DmP1tqbrp9I=
Subject key identifier: C3:9B:83:44:B4:2B:97:75:3B:E7:F3:82:A8:85:F7:CC:1F:DC:05:EF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015DD6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29421020F35711EF968C088B762E951A.roa
Signing time: Tue 25 Feb 2025 09:01:55 +0000
ROA not before: Tue 25 Feb 2025 09:01:52 +0000
ROA not after: Mon 07 Apr 2025 09:01:52 +0000
asID: 138915
IP address blocks: 154.223.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89558 (0x15dd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 25 09:01:52 2025 GMT
Not After : Apr 7 09:01:52 2025 GMT
Subject: CN=67bd8703-e935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ba:9d:d3:5a:36:75:04:18:4d:cc:af:df:a8:
bb:cc:e3:fe:a7:a2:90:39:9d:3c:bd:d1:db:16:00:
df:1e:a5:5a:be:20:43:d6:e4:3a:ba:59:99:3a:50:
c0:4c:20:0f:e3:da:48:42:ba:3b:0b:6d:3f:c6:9f:
f2:4f:c5:ed:fa:7f:a7:3b:e1:1a:ac:08:b2:7d:0f:
d4:e2:b6:a7:5d:48:6e:97:01:90:ba:fe:a6:a5:d1:
c8:49:a3:cd:ee:b3:99:92:78:24:f5:16:7d:0f:a8:
c4:8f:1f:89:f3:7e:de:1f:dc:4d:62:2e:5a:e0:3b:
69:99:ce:ae:10:cd:74:b1:41:6e:7a:00:cb:3a:49:
9e:48:f8:ea:78:d4:84:c8:23:d9:a4:a7:55:14:59:
ff:35:01:5a:63:dd:c9:af:f3:db:06:13:f5:49:40:
2a:58:df:c6:11:db:88:19:15:3f:45:44:9c:24:79:
15:d3:d8:49:14:08:eb:b2:5b:b0:c3:9e:51:c6:a0:
a5:d5:f3:9e:19:e1:7e:fb:c9:a8:b0:2e:a6:2f:66:
7d:13:7f:48:9c:4e:34:d9:f4:b6:bc:27:67:6c:0f:
71:f3:8c:67:19:50:c3:0e:81:86:4b:00:df:08:28:
94:7a:e9:eb:38:48:c6:de:8d:34:c8:72:07:2b:1c:
48:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:9B:83:44:B4:2B:97:75:3B:E7:F3:82:A8:85:F7:CC:1F:DC:05:EF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29421020F35711EF968C088B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.17.0/24
Signature Algorithm: sha256WithRSAEncryption
20:99:b2:85:1c:f4:46:f2:4e:a8:a0:b5:88:82:18:89:3d:2e:
75:e3:ad:1d:18:27:0b:8c:a5:a2:28:58:a3:ae:68:85:18:6d:
28:dd:fa:d0:f8:51:64:dd:f5:08:2b:ab:6a:96:2e:50:e0:ae:
36:e4:d6:8a:12:48:fc:4e:9a:8a:36:3a:61:c0:6a:d7:98:78:
0a:0d:05:68:13:99:9b:42:5b:d5:27:8c:76:ff:46:3d:af:8a:
28:a9:a6:11:b9:dd:19:f3:1b:e6:12:fe:18:c2:af:29:14:de:
ee:1f:c6:d9:41:e2:e7:aa:32:16:4e:16:b5:5f:a5:36:21:c9:
3e:71:ab:93:b5:29:f1:91:d6:6b:67:da:c1:a2:fc:3f:69:52:
04:73:4c:1d:62:8f:cb:9e:57:79:e8:0c:86:d5:8d:37:34:28:
3c:2b:80:99:2f:9b:a8:0c:6e:39:e0:31:8a:9a:98:25:82:56:
72:a2:19:7e:80:4c:1b:94:8e:94:38:84:25:35:09:4d:7f:82:
9b:d2:97:86:44:81:b4:a2:2c:3d:40:d4:36:19:d1:e1:56:09:
10:5f:e3:1e:42:e2:26:8b:ff:aa:0f:b0:a9:c1:5c:57:1a:81:
16:19:ff:1d:00:1c:3e:e3:67:8a:36:9c:6b:37:8e:d9:16:85:
40:c7:3d:4d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV3WMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI1MDkwMTUyWhcNMjUwNDA3MDkwMTUyWjAYMRYw
FAYDVQQDEw02N2JkODcwMy1lOTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1bqd01o2dQQYTcyv36i7zOP+p6KQOZ08vdHbFgDfHqVaviBD1uQ6ulmZ
OlDATCAP49pIQro7C20/xp/yT8Xt+n+nO+EarAiyfQ/U4ranXUhulwGQuv6mpdHI
SaPN7rOZkngk9RZ9D6jEjx+J837eH9xNYi5a4Dtpmc6uEM10sUFuegDLOkmeSPjq
eNSEyCPZpKdVFFn/NQFaY93Jr/PbBhP1SUAqWN/GEduIGRU/RUScJHkV09hJFAjr
sluww55RxqCl1fOeGeF++8mosC6mL2Z9E39InE402fS2vCdnbA9x84xnGVDDDoGG
SwDfCCiUeunrOEjG3o00yHIHKxxIIQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMOb
g0S0K5d1O+fzgqiF98wf3AXvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOTQyMTAyMEYzNTcxMUVGOTY4QzA4OEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt8RMA0GCSqGSIb3DQEB
CwUAA4IBAQAgmbKFHPRG8k6ooLWIghiJPS51460dGCcLjKWiKFijrmiFGG0o3frQ
+FFk3fUIK6tqli5Q4K425NaKEkj8TpqKNjphwGrXmHgKDQVoE5mbQlvVJ4x2/0Y9
r4ooqaYRud0Z8xvmEv4Ywq8pFN7uH8bZQeLnqjIWTha1X6U2Ick+cauTtSnxkdZr
Z9rBovw/aVIEc0wdYo/Lnld56AyG1Y03NCg8K4CZL5uoDG454DGKmpglglZyohl+
gEwblI6UOIQlNQlNf4Kb0peGRIG0oiw9QNQ2GdHhVgkQX+MeQuImi/+qD7CpwVxX
GoEWGf8dABw+42eKNpxrN47ZFoVAxz1N
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:21 2025 by rpki-client