Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/303142ACF8C511EF90BDC5B5762E951A.roa
File: 303142ACF8C511EF90BDC5B5762E951A.roa (raw, json)
Hash identifier: stvOIuy8s+7crXQeghbIIY04XICqVLyEhShsfRnGEGA=
Subject key identifier: 1D:10:4D:99:00:24:4E:4D:63:3D:F5:67:01:ED:63:4C:95:B7:7F:2C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017170
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/303142ACF8C511EF90BDC5B5762E951A.roa
Signing time: Tue 04 Mar 2025 06:52:07 +0000
ROA not before: Tue 04 Mar 2025 06:52:03 +0000
ROA not after: Sun 11 May 2025 06:52:03 +0000
asID: 9009
IP address blocks: 154.85.100.0/22 maxlen: 24
154.85.124.0/24 maxlen: 24
154.85.125.0/24 maxlen: 24
154.85.126.0/23 maxlen: 24
154.92.112.0/21 maxlen: 24
154.92.127.0/24 maxlen: 24
154.95.0.0/23 maxlen: 24
154.95.32.0/22 maxlen: 24
154.95.36.0/23 maxlen: 24
154.95.38.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94576 (0x17170)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 4 06:52:03 2025 GMT
Not After : May 11 06:52:03 2025 GMT
Subject: CN=67c6a317-3439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2c:f5:d8:82:21:a0:fa:6d:bc:d4:9d:dc:37:
10:fa:2f:07:80:ba:1f:92:3a:e4:b6:cf:fc:55:cc:
b5:41:4e:77:40:08:1f:ea:b1:b0:8c:74:c5:fd:52:
7a:27:de:54:91:5b:8b:f2:4c:48:2b:12:0f:fd:9c:
6b:e0:60:af:20:dd:e8:79:e1:ef:ca:05:d5:8e:be:
79:86:0b:bb:0d:9d:af:f8:e5:2c:72:6f:3e:58:f2:
68:a1:40:17:20:dd:07:5b:c5:57:d4:80:3d:46:43:
b6:79:d8:7d:e8:17:95:bc:60:70:8c:a0:17:2e:6c:
39:cb:cb:35:ef:d0:2a:5e:8a:d5:3a:35:32:d3:b2:
88:e9:41:5d:4f:96:49:42:a6:d9:65:3f:49:a3:2b:
8d:b3:a5:9c:57:f8:b2:d5:ff:50:4a:2f:b9:e5:32:
7a:c2:da:9d:06:b2:c9:79:b0:fd:24:17:ad:a8:90:
f6:27:80:51:66:e6:2e:f2:f3:b1:8b:ef:0c:4a:a9:
c3:35:d3:0d:39:94:79:22:76:eb:0e:fd:55:77:b4:
b0:ec:c8:fb:2b:68:10:b8:71:cf:85:67:92:f9:31:
0e:40:c2:ff:42:13:11:ce:9e:ac:ac:af:fe:07:ba:
e7:55:2d:19:46:fd:8b:eb:4e:2b:de:6b:1b:78:54:
bc:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:10:4D:99:00:24:4E:4D:63:3D:F5:67:01:ED:63:4C:95:B7:7F:2C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/303142ACF8C511EF90BDC5B5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.100.0/22
154.85.124.0/22
154.92.112.0/21
154.92.127.0/24
154.95.0.0/23
154.95.32.0/21
Signature Algorithm: sha256WithRSAEncryption
b4:f6:01:e4:d4:5d:72:ed:b4:4f:24:07:bd:5a:7f:eb:d2:16:
c8:fe:97:7a:9d:d2:cf:19:94:ac:d0:79:ed:32:b8:3b:42:80:
45:3a:81:4e:c1:82:47:70:28:6b:94:8f:bd:92:a0:91:c9:0a:
37:da:aa:56:4a:9d:d9:fb:84:97:65:f4:55:14:7e:c2:13:ed:
ab:05:68:60:0b:cd:e8:54:8c:0c:28:0d:fd:37:35:52:e1:22:
65:20:92:9c:7b:c6:f4:5d:8c:82:c9:d0:c0:d3:b7:f8:bb:a4:
06:57:af:ec:6a:d2:81:6c:19:3d:04:27:b3:44:20:28:a9:ff:
1e:44:d1:13:87:3e:21:b3:65:af:61:f3:cb:3b:f9:20:59:80:
a5:45:f1:9f:8e:69:0d:6a:6a:f9:70:b0:95:f5:9a:19:f9:0f:
37:ec:e2:7e:08:3f:d9:29:34:e9:48:b2:4b:74:5b:38:10:c4:
33:2d:07:d4:48:b2:b0:86:3b:9d:cc:8f:0c:6a:81:98:ab:6f:
38:2b:cb:ab:00:da:d6:0f:1c:db:c4:1c:7a:65:e1:bf:0a:5e:
66:f6:7d:88:cb:3d:ed:62:8c:bb:13:61:28:f6:45:f5:f4:72:
02:be:90:6b:21:ca:33:d2:a5:68:7d:9a:f1:24:51:ba:9f:14:
86:3b:04:8f
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgIDAXFwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA0MDY1MjAzWhcNMjUwNTExMDY1MjAzWjAYMRYw
FAYDVQQDEw02N2M2YTMxNy0zNDM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsiz12IIhoPptvNSd3DcQ+i8HgLofkjrkts/8Vcy1QU53QAgf6rGwjHTF
/VJ6J95UkVuL8kxIKxIP/Zxr4GCvIN3oeeHvygXVjr55hgu7DZ2v+OUscm8+WPJo
oUAXIN0HW8VX1IA9RkO2edh96BeVvGBwjKAXLmw5y8s179AqXorVOjUy07KI6UFd
T5ZJQqbZZT9JoyuNs6WcV/iy1f9QSi+55TJ6wtqdBrLJebD9JBetqJD2J4BRZuYu
8vOxi+8MSqnDNdMNOZR5InbrDv1Vd7Sw7Mj7K2gQuHHPhWeS+TEOQML/QhMRzp6s
rK/+B7rnVS0ZRv2L604r3msbeFS88wIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFB0Q
TZkAJE5NYz31ZwHtY0yVt38sMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMDMxNDJBQ0Y4QzUxMUVGOTBCREM1QjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCmlVkAwQCmlV8AwQDmlxw
AwQAmlx/AwQBml8AAwQDml8gMA0GCSqGSIb3DQEBCwUAA4IBAQC09gHk1F1y7bRP
JAe9Wn/r0hbI/pd6ndLPGZSs0HntMrg7QoBFOoFOwYJHcChrlI+9kqCRyQo32qpW
Sp3Z+4SXZfRVFH7CE+2rBWhgC83oVIwMKA39NzVS4SJlIJKce8b0XYyCydDA07f4
u6QGV6/satKBbBk9BCezRCAoqf8eRNEThz4hs2WvYfPLO/kgWYClRfGfjmkNamr5
cLCV9ZoZ+Q837OJ+CD/ZKTTpSLJLdFs4EMQzLQfUSLKwhjudzI8MaoGYq284K8ur
ANrWDxzbxBx6ZeG/Cl5m9n2Iyz3tYoy7E2Eo9kX19HICvpBrIcoz0qVofZrxJFG6
nxSGOwSP
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:09:08 2025 by rpki-client