Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43D58086FF3511EF9494CA58762E951A.roa
File: 43D58086FF3511EF9494CA58762E951A.roa (raw, json)
Hash identifier: 84yHQXcuAvSQeCu9gPts6QyXpt1/YMFg7d9jwSPHcbM=
Subject key identifier: C0:3C:CA:BF:BF:09:EE:4F:C7:BD:B1:DB:29:EB:61:A6:2B:5E:0B:21
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0173FC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43D58086FF3511EF9494CA58762E951A.roa
Signing time: Wed 12 Mar 2025 11:29:31 +0000
ROA not before: Wed 12 Mar 2025 11:29:27 +0000
ROA not after: Thu 08 May 2025 11:29:27 +0000
asID: 137443
IP address blocks: 154.223.168.0/22 maxlen: 24
154.223.176.0/22 maxlen: 24
154.223.180.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95228 (0x173fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 12 11:29:27 2025 GMT
Not After : May 8 11:29:27 2025 GMT
Subject: CN=67d1701b-7bc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ee:e3:16:f9:4c:1a:69:4d:ce:51:95:cd:f0:
d2:08:b6:b3:a4:ec:24:d2:b1:17:95:1d:df:a1:61:
ec:09:6a:7f:20:e6:1f:df:a1:ec:66:41:5a:cd:76:
6d:18:38:9b:e3:fc:bf:e3:7b:8b:72:bf:2d:a9:ee:
e5:6d:3c:9e:b2:e4:8b:f9:f7:23:38:b3:d7:28:6e:
7c:8c:4e:88:08:2e:c8:0d:77:76:1b:24:bb:25:28:
6f:81:99:56:ae:c7:00:c4:9d:9f:76:26:1d:ad:31:
af:72:f1:f7:45:d5:d9:0d:31:50:42:d3:93:9b:25:
96:5a:b2:ef:35:1f:68:f5:a1:c8:26:e1:49:b0:ac:
10:c2:7e:58:a8:af:5b:33:38:59:eb:7a:4e:c0:3c:
d6:d0:ec:47:33:cd:5e:79:04:16:d6:f7:f5:7d:ea:
8e:e4:1e:d8:95:2a:1c:ce:10:e4:c8:c8:17:85:11:
bf:37:e4:8a:1f:e2:0e:48:ee:4a:b7:d9:31:5e:5d:
56:b9:a8:88:82:c6:75:c7:97:db:31:4a:3d:9c:8c:
f0:7f:95:f9:fc:07:b8:a4:75:24:3e:c6:af:b6:69:
4a:b2:c6:68:d6:ae:99:78:ee:e1:fb:ef:6c:60:57:
7c:be:ce:aa:55:2f:67:f6:a4:dc:23:cc:8c:24:12:
fa:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:3C:CA:BF:BF:09:EE:4F:C7:BD:B1:DB:29:EB:61:A6:2B:5E:0B:21
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43D58086FF3511EF9494CA58762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0/21
Signature Algorithm: sha256WithRSAEncryption
23:c5:dd:5d:90:cc:80:b6:25:01:25:a9:73:b4:19:b2:da:0d:
e2:7c:79:dd:41:97:03:34:98:ee:f7:09:f7:73:72:34:3a:30:
dc:e0:38:1f:64:a3:a1:7d:88:df:51:c7:1a:ef:53:6e:c7:ed:
76:d0:6a:05:e1:2b:74:0c:37:fa:06:13:ae:30:25:b6:dc:60:
6b:bd:be:69:e3:22:03:e8:a8:4c:ac:55:01:f6:55:73:07:fc:
b7:d4:17:f8:2e:76:68:b5:e4:ae:35:ab:35:af:79:fe:7e:df:
7d:9b:11:f2:c5:55:48:13:70:fd:52:8d:5a:cf:8e:d7:62:1f:
a9:c2:e5:93:4f:4b:f0:44:1a:04:4b:b7:2b:c4:25:26:1f:ca:
b1:2c:15:87:c8:c3:58:79:c3:5a:16:5a:29:98:e6:d7:23:21:
29:cd:59:72:77:fc:97:15:cc:3d:d3:c3:eb:33:45:9e:4f:a5:
91:18:ba:ee:b0:a2:3f:8a:cd:d1:e9:b2:ad:98:8f:66:7c:57:
96:10:58:bc:dd:65:8c:3b:13:96:40:11:46:eb:7d:2c:44:44:
61:e3:01:f4:6e:a1:7a:5a:53:3e:7a:da:fb:15:38:cf:c9:93:
0a:94:5a:6e:17:d6:15:15:60:5c:74:f7:5d:76:00:bb:93:dd:
c8:ce:f7:4b
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXP8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEyMTEyOTI3WhcNMjUwNTA4MTEyOTI3WjAYMRYw
FAYDVQQDEw02N2QxNzAxYi03YmMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAve7jFvlMGmlNzlGVzfDSCLazpOwk0rEXlR3foWHsCWp/IOYf36HsZkFa
zXZtGDib4/y/43uLcr8tqe7lbTyesuSL+fcjOLPXKG58jE6ICC7IDXd2GyS7JShv
gZlWrscAxJ2fdiYdrTGvcvH3RdXZDTFQQtOTmyWWWrLvNR9o9aHIJuFJsKwQwn5Y
qK9bMzhZ63pOwDzW0OxHM81eeQQW1vf1feqO5B7YlSoczhDkyMgXhRG/N+SKH+IO
SO5Kt9kxXl1WuaiIgsZ1x5fbMUo9nIzwf5X5/Ae4pHUkPsavtmlKssZo1q6ZeO7h
++9sYFd8vs6qVS9n9qTcI8yMJBL6qQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFMA8
yr+/Ce5Px72x2ynrYaYrXgshMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80M0Q1ODA4NkZGMzUxMUVGOTQ5NENBNTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmt+oAwQDmt+wMA0GCSqG
SIb3DQEBCwUAA4IBAQAjxd1dkMyAtiUBJalztBmy2g3ifHndQZcDNJju9wn3c3I0
OjDc4DgfZKOhfYjfUcca71Nux+120GoF4St0DDf6BhOuMCW23GBrvb5p4yID6KhM
rFUB9lVzB/y31Bf4LnZoteSuNas1r3n+ft99mxHyxVVIE3D9Uo1az47XYh+pwuWT
T0vwRBoES7crxCUmH8qxLBWHyMNYecNaFlopmObXIyEpzVlyd/yXFcw908PrM0We
T6WRGLrusKI/is3R6bKtmI9mfFeWEFi83WWMOxOWQBFG630sRERh4wH0bqF6WlM+
etr7FTjPyZMKlFpuF9YVFWBcdPdddgC7k93IzvdL
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:13 2025 by rpki-client