Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33051858FCCD11EFB8E1006B762E951A.roa
File: 33051858FCCD11EFB8E1006B762E951A.roa (raw, json)
Hash identifier: fQB5tcS51s5TO3J8L4jxBAzqomYYrwy8cPSUP6P28KA=
Subject key identifier: 9A:5F:44:D0:ED:C2:47:E1:F7:07:FB:01:31:09:D1:AC:1C:DA:65:88
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01730E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33051858FCCD11EFB8E1006B762E951A.roa
Signing time: Sun 09 Mar 2025 09:59:33 +0000
ROA not before: Sun 09 Mar 2025 09:59:29 +0000
ROA not after: Tue 08 Apr 2025 09:59:29 +0000
asID: 45194
IP address blocks: 154.84.207.0/24 maxlen: 24
154.84.209.0/24 maxlen: 24
154.84.210.0/24 maxlen: 24
154.84.246.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94990 (0x1730e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 9 09:59:29 2025 GMT
Not After : Apr 8 09:59:29 2025 GMT
Subject: CN=67cd6685-ff7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d5:d6:2b:aa:58:4d:6d:71:17:f7:63:ee:de:
29:e8:70:6d:5f:a1:f9:2d:9b:c3:42:99:d9:bd:18:
6d:de:a0:64:23:8f:3a:32:1a:9b:99:40:01:78:8a:
15:7c:67:80:b6:c5:c6:ec:29:61:77:da:04:16:45:
29:17:de:28:50:22:3d:c2:7c:3a:0e:7f:b5:7a:e1:
81:77:5a:c9:db:b8:35:b8:62:94:83:5b:f0:25:78:
73:d5:55:21:f2:55:0d:07:60:af:3c:10:45:0f:15:
38:62:32:b4:bb:a8:5f:49:cd:34:6a:04:75:95:f2:
02:30:94:72:98:e8:9d:a0:1f:8d:dc:b8:21:ef:fd:
a0:f8:c2:d0:40:8e:74:bc:f7:2d:99:36:3f:77:4a:
95:45:4e:4f:23:20:46:4b:d4:84:0a:65:b7:27:b2:
ac:a6:19:a0:b4:50:03:0c:eb:b6:8e:8c:af:81:d8:
f5:e3:44:e0:22:7b:f6:b5:cd:5a:18:cf:35:8f:28:
cc:4b:fa:66:2d:a1:0b:f7:28:81:20:d5:3b:06:b1:
ea:e3:f4:54:61:66:b9:2f:95:23:f8:d9:c4:53:cd:
35:8a:3e:16:43:56:00:cb:65:f1:64:57:25:22:3c:
e4:25:ce:f8:be:7c:c8:4b:17:89:90:fd:ce:b4:3a:
59:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:5F:44:D0:ED:C2:47:E1:F7:07:FB:01:31:09:D1:AC:1C:DA:65:88
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/33051858FCCD11EFB8E1006B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.207.0/24
154.84.209.0-154.84.210.255
154.84.246.0/24
Signature Algorithm: sha256WithRSAEncryption
98:71:32:9f:37:c4:19:28:50:a0:5f:de:a4:c5:d7:5c:85:f2:
41:c3:f9:ec:8b:74:71:8c:1d:a0:d5:9f:f5:8e:4b:52:00:b3:
6b:8c:0a:98:d4:4d:84:ba:5d:38:12:55:03:d3:12:92:7c:f8:
15:a2:57:86:6e:60:fb:48:a6:29:f9:fb:f8:3c:ed:83:bb:c6:
cc:52:46:6f:20:70:1c:a7:19:c5:88:2c:39:69:98:6c:ee:86:
ac:52:e1:a3:3f:4c:d3:59:bd:f9:71:83:ba:a0:af:69:80:0b:
5c:aa:c7:e6:1f:90:b4:cb:25:bd:5c:9d:65:77:c6:88:e3:ea:
84:c8:eb:f1:60:fe:6e:81:3a:58:b4:29:ee:95:8d:44:12:51:
47:10:c9:8c:6b:56:e5:f2:a1:3b:8e:38:1c:d6:0a:64:76:4f:
2c:b7:85:bf:c0:91:01:d2:b0:dd:48:4e:dc:2c:73:8e:7f:54:
27:b4:b0:d0:5e:d0:ee:68:8e:90:01:8e:0a:bc:96:31:fb:5d:
d9:d0:83:0d:61:a9:7d:92:02:7b:f6:a5:91:2f:e3:88:a7:66:
f9:f2:75:9e:93:13:0a:ec:be:54:5a:f8:88:23:8f:5c:1f:eb:
f7:51:4f:02:d7:dd:8a:b0:e2:e8:7b:4d:07:ea:91:16:48:60:
de:cc:dd:26
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAXMOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA5MDk1OTI5WhcNMjUwNDA4MDk1OTI5WjAYMRYw
FAYDVQQDEw02N2NkNjY4NS1mZjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAytXWK6pYTW1xF/dj7t4p6HBtX6H5LZvDQpnZvRht3qBkI486MhqbmUAB
eIoVfGeAtsXG7Clhd9oEFkUpF94oUCI9wnw6Dn+1euGBd1rJ27g1uGKUg1vwJXhz
1VUh8lUNB2CvPBBFDxU4YjK0u6hfSc00agR1lfICMJRymOidoB+N3Lgh7/2g+MLQ
QI50vPctmTY/d0qVRU5PIyBGS9SECmW3J7KsphmgtFADDOu2joyvgdj140TgInv2
tc1aGM81jyjMS/pmLaEL9yiBINU7BrHq4/RUYWa5L5Uj+NnEU801ij4WQ1YAy2Xx
ZFclIjzkJc74vnzISxeJkP3OtDpZ0QIDAQABo4ICuTCCArUwHQYDVR0OBBYEFJpf
RNDtwkfh9wf7ATEJ0awc2mWIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMzA1MTg1OEZDQ0QxMUVGQjhFMTAwNkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAmlTPMAwDBACaVNEDBACa
VNIDBACaVPYwDQYJKoZIhvcNAQELBQADggEBAJhxMp83xBkoUKBf3qTF11yF8kHD
+eyLdHGMHaDVn/WOS1IAs2uMCpjUTYS6XTgSVQPTEpJ8+BWiV4ZuYPtIpin5+/g8
7YO7xsxSRm8gcBynGcWILDlpmGzuhqxS4aM/TNNZvflxg7qgr2mAC1yqx+YfkLTL
Jb1cnWV3xojj6oTI6/Fg/m6BOli0Ke6VjUQSUUcQyYxrVuXyoTuOOBzWCmR2Tyy3
hb/AkQHSsN1ITtwsc45/VCe0sNBe0O5ojpABjgq8ljH7XdnQgw1hqX2SAnv2pZEv
44inZvnydZ6TEwrsvlRa+Igjj1wf6/dRTwLX3Yqw4uh7TQfqkRZIYN7M3SY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:09:43 2025 by rpki-client