Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/299AA44EF65C11EFB832BF56762E951A.roa
File: 299AA44EF65C11EFB832BF56762E951A.roa (raw, json)
Hash identifier: oVZgcESC94x6LSxEhOiTu5dHwhtcM/4bWyTrp5tImXA=
Subject key identifier: 29:6D:6A:AB:09:8B:CD:F2:79:6C:1C:8C:E6:15:7E:A4:0F:5E:41:51
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016D1E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/299AA44EF65C11EFB832BF56762E951A.roa
Signing time: Sat 01 Mar 2025 05:15:17 +0000
ROA not before: Sat 01 Mar 2025 05:15:13 +0000
ROA not after: Sat 19 Feb 2028 05:15:13 +0000
asID: 17561
IP address blocks: 154.196.111.0/24 maxlen: 24
154.196.112.0/24 maxlen: 24
154.196.113.0/24 maxlen: 24
154.196.114.0/24 maxlen: 24
154.196.115.0/24 maxlen: 24
154.196.116.0/24 maxlen: 24
154.196.117.0/24 maxlen: 24
154.196.118.0/24 maxlen: 24
154.196.119.0/24 maxlen: 24
154.196.120.0/24 maxlen: 24
154.196.121.0/24 maxlen: 24
154.196.122.0/24 maxlen: 24
154.196.123.0/24 maxlen: 24
154.196.124.0/24 maxlen: 24
154.196.125.0/24 maxlen: 24
154.196.126.0/24 maxlen: 24
154.196.127.0/24 maxlen: 24
154.204.1.0/24 maxlen: 24
154.204.16.0/24 maxlen: 24
154.204.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93470 (0x16d1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 1 05:15:13 2025 GMT
Not After : Feb 19 05:15:13 2028 GMT
Subject: CN=67c297e5-b6c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c9:f9:9a:99:90:ef:f0:c1:f8:c7:e1:fc:a8:
84:0a:45:a3:3c:dc:66:72:83:37:ec:8e:ff:04:d5:
7d:b7:e9:cd:e7:cb:00:03:75:98:67:33:2b:6f:42:
db:28:4d:a7:ed:54:2f:f5:8e:d2:e3:32:0d:71:26:
51:3e:30:52:36:63:86:23:9b:f6:db:45:9e:63:f9:
88:4f:c5:d2:12:7d:b4:0f:3f:b8:43:c5:76:88:5e:
f0:5b:ea:e8:02:4d:80:74:a6:de:2b:42:b2:06:93:
d8:fe:d9:68:ad:29:0a:e6:65:aa:11:f4:77:99:2a:
63:34:cd:b8:32:08:f5:6a:5f:f1:95:d1:cb:17:9c:
b6:4c:56:e6:69:f4:dd:8d:6c:fb:89:6f:c6:cd:f4:
7d:c9:1c:1d:93:46:4a:31:9d:d3:ab:88:3b:45:1f:
95:8e:0b:08:0d:33:f7:dd:9c:f1:d8:de:58:c3:ff:
9a:89:fe:6c:5d:aa:bc:58:43:63:b0:94:30:87:79:
48:9a:70:4a:b2:64:75:6f:d6:e7:35:79:8e:2c:3e:
b3:92:ba:99:a2:c1:01:fc:c3:a2:7a:4c:03:fd:45:
a1:2f:6b:4a:c1:76:6d:cf:3c:03:df:10:a3:00:76:
09:fa:26:8a:8e:a3:1a:3c:8d:14:99:df:e3:e8:a8:
5e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:6D:6A:AB:09:8B:CD:F2:79:6C:1C:8C:E6:15:7E:A4:0F:5E:41:51
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/299AA44EF65C11EFB832BF56762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.111.0-154.196.127.255
154.204.1.0/24
154.204.16.0/23
Signature Algorithm: sha256WithRSAEncryption
20:cb:15:08:f1:2b:41:40:2f:e1:47:ea:35:fd:64:65:cf:6a:
a4:b0:a5:92:90:49:9f:84:e1:1c:0d:1f:9e:12:95:65:44:c1:
97:39:d5:a8:fe:49:2c:de:57:32:e4:2e:05:1a:90:e3:ce:71:
d0:37:9c:6c:86:89:a9:9d:cc:d1:67:e4:c0:85:90:66:9b:b1:
ae:e5:62:49:ea:43:fd:83:7f:68:ac:de:b5:25:1e:db:dc:62:
a3:a9:5f:96:44:eb:16:b1:f0:48:cb:42:d4:72:fb:55:4d:7a:
52:ef:34:c7:3b:d4:63:b4:bf:bd:81:4f:7c:b5:f9:83:d9:7b:
8b:73:c8:e1:c8:b8:79:79:09:1e:70:10:3e:e0:9a:d2:b1:fc:
b2:ab:af:12:e2:5d:3a:61:cf:0f:e6:09:f5:93:b2:ad:4d:4e:
ec:e4:e1:1f:15:84:42:df:00:4c:2c:cf:bd:f0:06:d0:72:4c:
cd:06:1a:f9:4c:f3:43:5c:24:c8:9f:94:70:41:70:d8:cf:9b:
02:da:95:5d:bd:fa:83:b6:b1:ef:80:d5:25:f1:56:42:84:6b:
59:72:7c:09:b2:4e:2a:22:3c:1f:07:e8:af:1d:32:6e:d0:be:
b7:4a:8c:1f:c4:b0:a4:13:88:1e:75:09:4d:6a:93:e9:35:19:
1a:78:71:4b
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAW0eMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMDUxNTEzWhcNMjgwMjE5MDUxNTEzWjAYMRYw
FAYDVQQDEw02N2MyOTdlNS1iNmMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApsn5mpmQ7/DB+Mfh/KiECkWjPNxmcoM37I7/BNV9t+nN58sAA3WYZzMr
b0LbKE2n7VQv9Y7S4zINcSZRPjBSNmOGI5v220WeY/mIT8XSEn20Dz+4Q8V2iF7w
W+roAk2AdKbeK0KyBpPY/tlorSkK5mWqEfR3mSpjNM24Mgj1al/xldHLF5y2TFbm
afTdjWz7iW/GzfR9yRwdk0ZKMZ3Tq4g7RR+VjgsIDTP33Zzx2N5Yw/+aif5sXaq8
WENjsJQwh3lImnBKsmR1b9bnNXmOLD6zkrqZosEB/MOiekwD/UWhL2tKwXZtzzwD
3xCjAHYJ+iaKjqMaPI0Umd/j6KheYQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFClt
aqsJi83yeWwcjOYVfqQPXkFRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOTlBQTQ0RUY2NUMxMUVGQjgzMkJGNTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACaxG8DBAeaxAADBACa
zAEDBAGazBAwDQYJKoZIhvcNAQELBQADggEBACDLFQjxK0FAL+FH6jX9ZGXPaqSw
pZKQSZ+E4RwNH54SlWVEwZc51aj+SSzeVzLkLgUakOPOcdA3nGyGiamdzNFn5MCF
kGabsa7lYknqQ/2Df2is3rUlHtvcYqOpX5ZE6xax8EjLQtRy+1VNelLvNMc71GO0
v72BT3y1+YPZe4tzyOHIuHl5CR5wED7gmtKx/LKrrxLiXTphzw/mCfWTsq1NTuzk
4R8VhELfAEwsz73wBtByTM0GGvlM80NcJMiflHBBcNjPmwLalV29+oO2se+A1SXx
VkKEa1lyfAmyTioiPB8H6K8dMm7QvrdKjB/EsKQTiB51CU1qk+k1GRp4cUs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:57 2025 by rpki-client