Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C37C70A018511F09ABA22B9762E951A.roa
File: 4C37C70A018511F09ABA22B9762E951A.roa (raw, json)
Hash identifier: CL7EV3z0nSdFhbVk2mnNoFnKPpzTopuEsbXYGlslO0U=
Subject key identifier: 07:BE:79:4F:84:11:F4:AD:0E:A2:93:BE:48:50:B3:1E:EE:13:8A:D1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017461
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C37C70A018511F09ABA22B9762E951A.roa
Signing time: Sat 15 Mar 2025 10:07:27 +0000
ROA not before: Sat 15 Mar 2025 10:07:23 +0000
ROA not after: Mon 21 Apr 2025 10:07:23 +0000
asID: 39600
IP address blocks: 154.91.128.0/21 maxlen: 24
154.95.40.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95329 (0x17461)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 15 10:07:23 2025 GMT
Not After : Apr 21 10:07:23 2025 GMT
Subject: CN=67d5515f-da12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ca:95:55:06:10:33:4f:1c:c4:9d:13:3b:6b:
59:87:6a:8e:5c:16:21:92:66:83:32:44:84:bd:f9:
cd:11:82:27:09:57:40:57:49:56:8f:a7:de:ef:90:
ff:7c:28:b2:75:a2:02:48:8f:17:9e:81:7c:43:72:
4b:43:22:11:d2:9c:52:bc:06:b0:b2:d7:de:e7:a1:
49:1a:b7:b3:fc:2b:3a:66:62:8f:97:51:77:a1:1e:
93:bc:f6:80:0b:e1:46:ae:62:75:91:4c:f5:38:1a:
b6:bd:bc:1f:db:12:5e:d3:eb:bd:52:11:9d:5f:3a:
54:47:e6:8a:51:30:56:db:6d:db:18:34:cd:75:31:
e4:a1:d2:5d:b0:84:ba:8a:ec:c7:18:76:e6:ac:da:
68:10:2e:36:ef:ba:43:e2:53:2d:63:10:df:8a:67:
06:19:de:e8:9a:b6:42:d5:41:24:37:13:62:c9:65:
81:95:d3:3f:bb:dc:3d:8c:8c:db:30:ad:b2:7b:de:
02:0e:7f:19:b8:ee:04:06:da:3c:a4:71:86:78:77:
07:bc:bb:83:00:9f:2c:97:35:7a:f2:44:35:70:ce:
eb:6e:fb:86:ee:2f:20:0c:03:14:d7:9d:71:e2:ba:
fa:6a:bc:2e:43:c5:5b:6c:8d:e8:43:f4:d7:a4:60:
a5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:BE:79:4F:84:11:F4:AD:0E:A2:93:BE:48:50:B3:1E:EE:13:8A:D1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4C37C70A018511F09ABA22B9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.128.0/21
154.95.40.0/21
Signature Algorithm: sha256WithRSAEncryption
70:c1:d6:aa:65:01:09:d0:59:cf:52:5a:d8:d8:50:52:53:76:
33:c3:d3:bd:84:37:17:90:b6:f6:55:f5:78:85:df:71:a2:3e:
f3:1f:7e:a1:e7:08:8d:37:6d:2f:92:f6:f8:ee:64:dd:2f:94:
91:43:eb:1f:20:97:f2:d2:42:b7:21:12:9c:55:21:57:f4:1b:
21:25:15:cb:a7:11:6b:ba:3f:5e:3e:46:88:7c:62:8c:f8:99:
5a:5e:24:d4:c7:c9:08:40:2a:bc:8e:fb:c1:93:4e:45:2f:42:
15:c0:0d:e8:a9:58:85:6f:f5:2e:e1:54:11:6e:5c:7e:56:c7:
2d:10:4f:38:40:79:b9:4f:5a:57:79:1c:fd:4d:bf:cb:65:21:
1d:e8:64:10:a1:1c:47:4b:c9:7f:87:06:a1:e6:2d:4b:d3:e0:
4b:bd:dc:cb:1e:ef:08:33:30:22:8b:9c:6f:6b:73:89:f5:ac:
c7:f0:79:4b:4e:61:99:f7:1d:1b:80:d0:61:bb:5f:67:09:40:
0a:49:43:15:de:54:a0:6c:e5:d1:f5:92:5e:8c:26:01:e0:af:
92:39:e9:fe:96:d3:17:db:41:16:41:ce:6c:3d:33:ef:16:ab:
8b:82:ea:8d:03:44:f1:75:5d:17:e6:62:ea:08:27:9e:5e:6a:
63:4b:6b:33
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXRhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE1MTAwNzIzWhcNMjUwNDIxMTAwNzIzWjAYMRYw
FAYDVQQDEw02N2Q1NTE1Zi1kYTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAosqVVQYQM08cxJ0TO2tZh2qOXBYhkmaDMkSEvfnNEYInCVdAV0lWj6fe
75D/fCiydaICSI8XnoF8Q3JLQyIR0pxSvAawstfe56FJGrez/Cs6ZmKPl1F3oR6T
vPaAC+FGrmJ1kUz1OBq2vbwf2xJe0+u9UhGdXzpUR+aKUTBW223bGDTNdTHkodJd
sIS6iuzHGHbmrNpoEC4277pD4lMtYxDfimcGGd7omrZC1UEkNxNiyWWBldM/u9w9
jIzbMK2ye94CDn8ZuO4EBto8pHGGeHcHvLuDAJ8slzV68kQ1cM7rbvuG7i8gDAMU
151x4rr6arwuQ8VbbI3oQ/TXpGClOwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFAe+
eU+EEfStDqKTvkhQsx7uE4rRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QzM3QzcwQTAxODUxMUYwOUFCQTIyQjk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDmluAAwQDml8oMA0GCSqG
SIb3DQEBCwUAA4IBAQBwwdaqZQEJ0FnPUlrY2FBSU3Yzw9O9hDcXkLb2VfV4hd9x
oj7zH36h5wiNN20vkvb47mTdL5SRQ+sfIJfy0kK3IRKcVSFX9BshJRXLpxFruj9e
PkaIfGKM+JlaXiTUx8kIQCq8jvvBk05FL0IVwA3oqViFb/Uu4VQRblx+VsctEE84
QHm5T1pXeRz9Tb/LZSEd6GQQoRxHS8l/hwah5i1L0+BLvdzLHu8IMzAii5xva3OJ
9azH8HlLTmGZ9x0bgNBhu19nCUAKSUMV3lSgbOXR9ZJejCYB4K+SOen+ltMX20EW
Qc5sPTPvFquLguqNA0TxdV0X5mLqCCeeXmpjS2sz
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:16:12 2025 by rpki-client