Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38376C28F8C611EF8390EABA762E951A.roa
File: 38376C28F8C611EF8390EABA762E951A.roa (raw, json)
Hash identifier: YScs12Yn2FVI/ObeqSEy3b6vCTRTnzOg0Dy8/bG2j/M=
Subject key identifier: 99:F7:2D:F6:44:91:46:E2:21:37:06:A5:78:8D:17:B4:65:D0:34:34
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017174
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38376C28F8C611EF8390EABA762E951A.roa
Signing time: Tue 04 Mar 2025 06:59:30 +0000
ROA not before: Tue 04 Mar 2025 06:59:26 +0000
ROA not after: Fri 04 Apr 2025 06:59:26 +0000
asID: 200373
IP address blocks: 154.91.171.0/24 maxlen: 24
154.94.12.0/24 maxlen: 24
154.94.13.0/24 maxlen: 24
154.94.14.0/24 maxlen: 24
154.94.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94580 (0x17174)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 4 06:59:26 2025 GMT
Not After : Apr 4 06:59:26 2025 GMT
Subject: CN=67c6a4d2-eca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:09:31:4d:de:a0:93:3d:40:55:36:fb:a6:ee:
0e:cf:e3:ce:09:7f:6f:77:88:aa:06:e1:a4:c1:65:
02:e4:f3:e8:c7:1a:90:4f:01:c5:a8:93:4b:f0:ec:
e4:e0:77:49:85:ff:cc:0b:a2:c7:93:3a:5b:27:fe:
0e:d8:80:b1:57:e7:4c:62:4e:6f:e3:68:26:a6:d8:
55:d5:6d:35:8d:20:b8:18:5d:d3:2e:27:53:21:fd:
e5:cc:f4:70:9a:23:d0:6d:25:31:2f:76:ad:aa:c7:
47:b2:c4:c1:f4:ff:74:04:4c:a0:b1:ec:78:d6:17:
a9:e8:00:5f:84:c3:9d:d2:fb:e2:41:91:f6:3d:17:
70:c7:ff:52:00:a8:33:d7:1c:7d:1b:6b:97:03:b3:
39:36:69:c8:f9:b9:0e:23:98:ca:2e:10:bd:fa:75:
e1:22:ce:7e:bc:7e:dd:b3:a6:6e:66:98:10:1b:28:
28:4b:88:fd:dd:71:b5:c7:27:b0:95:81:e6:72:1d:
a9:66:61:86:1a:c9:ba:1e:50:f0:11:10:52:d8:de:
95:e3:12:e8:cc:62:0d:38:31:13:58:64:35:0d:d8:
9f:66:1c:bb:01:ec:56:0b:39:58:4e:8d:76:61:18:
5d:dc:54:d7:f2:ba:09:b5:86:44:74:d3:7a:42:77:
8c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F7:2D:F6:44:91:46:E2:21:37:06:A5:78:8D:17:B4:65:D0:34:34
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38376C28F8C611EF8390EABA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.171.0/24
154.94.12.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:32:dc:ca:e2:e0:8a:eb:d3:f4:30:b7:aa:57:fd:e2:7b:52:
31:cf:13:e2:f7:60:11:3b:79:c4:09:dc:ff:2d:47:ae:11:cd:
bd:46:49:65:ba:9b:48:5e:e4:07:45:7b:c7:85:c4:ba:c8:f0:
9a:41:47:4f:66:70:5d:19:f8:75:51:85:4c:70:00:70:ee:fe:
3b:58:1f:af:b2:7a:1f:ed:2e:3c:45:47:ee:8a:6e:5f:dc:91:
18:47:6a:0f:71:73:85:99:4e:d4:cb:7d:f7:6f:3b:d2:b5:57:
b2:d2:14:c4:c3:cd:c8:4f:6d:2f:1b:1c:62:18:1c:fa:9e:34:
0e:0a:cd:68:c5:ec:ea:da:c7:83:a3:98:8c:6b:ec:62:7f:58:
07:da:e6:3f:a2:a1:a5:bb:3a:38:d2:ef:66:07:78:46:75:7c:
52:86:ba:2c:65:1e:2b:0b:fb:2b:39:a4:c4:5a:e2:38:e9:b8:
5a:d0:b1:f9:ba:34:ec:14:0c:dc:7e:9b:90:83:69:62:9b:18:
b6:c8:ad:1e:a7:21:40:6f:8f:51:28:0e:4a:84:f7:50:44:0d:
31:46:e3:6b:99:e5:e7:84:1f:cc:e9:99:fd:2c:52:1f:44:7a:
5c:72:00:8f:2e:95:a2:81:18:bc:65:b8:23:c9:ae:31:b2:2e:
6a:a3:b7:9e
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXF0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA0MDY1OTI2WhcNMjUwNDA0MDY1OTI2WjAYMRYw
FAYDVQQDEw02N2M2YTRkMi1lY2EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2AkxTd6gkz1AVTb7pu4Oz+POCX9vd4iqBuGkwWUC5PPoxxqQTwHFqJNL
8Ozk4HdJhf/MC6LHkzpbJ/4O2ICxV+dMYk5v42gmpthV1W01jSC4GF3TLidTIf3l
zPRwmiPQbSUxL3atqsdHssTB9P90BEygsex41hep6ABfhMOd0vviQZH2PRdwx/9S
AKgz1xx9G2uXA7M5NmnI+bkOI5jKLhC9+nXhIs5+vH7ds6ZuZpgQGygoS4j93XG1
xyewlYHmch2pZmGGGsm6HlDwERBS2N6V4xLozGINODETWGQ1DdifZhy7AexWCzlY
To12YRhd3FTX8roJtYZEdNN6QneMaQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFJn3
LfZEkUbiITcGpXiNF7Rl0DQ0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zODM3NkMyOEY4QzYxMUVGODM5MEVBQkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlurAwQCml4MMA0GCSqG
SIb3DQEBCwUAA4IBAQCaMtzK4uCK69P0MLeqV/3ie1IxzxPi92ARO3nECdz/LUeu
Ec29RklluptIXuQHRXvHhcS6yPCaQUdPZnBdGfh1UYVMcABw7v47WB+vsnof7S48
RUfuim5f3JEYR2oPcXOFmU7Uy333bzvStVey0hTEw83IT20vGxxiGBz6njQOCs1o
xezq2seDo5iMa+xif1gH2uY/oqGluzo40u9mB3hGdXxShrosZR4rC/srOaTEWuI4
6bha0LH5ujTsFAzcfpuQg2limxi2yK0epyFAb49RKA5KhPdQRA0xRuNrmeXnhB/M
6Zn9LFIfRHpccgCPLpWigRi8Zbgjya4xsi5qo7ee
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:38:08 2025 by rpki-client