Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4F48CF9AFE4F11EF88A02594762E951A.roa
File: 4F48CF9AFE4F11EF88A02594762E951A.roa (raw, json)
Hash identifier: C8ccThNYU1c2wtyo5kkaenJdWoX06/NCNt54h4IOdks=
Subject key identifier: 76:0D:CD:9A:2D:BF:A0:29:04:23:58:6F:73:31:CD:86:15:5B:D3:2E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017372
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4F48CF9AFE4F11EF88A02594762E951A.roa
Signing time: Tue 11 Mar 2025 08:03:27 +0000
ROA not before: Tue 11 Mar 2025 08:03:21 +0000
ROA not after: Sun 13 Apr 2025 08:03:21 +0000
asID: 54801
IP address blocks: 154.86.0.0/24 maxlen: 24
154.91.224.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95090 (0x17372)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 11 08:03:21 2025 GMT
Not After : Apr 13 08:03:21 2025 GMT
Subject: CN=67cfee4f-a8cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:83:51:44:cd:dd:32:fd:42:f4:4b:4f:1f:03:
13:5b:04:24:7b:78:ef:64:75:0a:b1:61:d1:34:a6:
37:43:38:84:a0:63:6f:56:ed:85:aa:ac:b5:e3:cc:
41:15:b7:76:49:c6:b7:00:54:1b:c2:8a:bd:ea:34:
c1:be:20:75:54:90:ba:ab:c5:f6:6d:b7:14:88:94:
dd:8e:88:90:8e:74:11:a4:bb:0b:90:f1:7a:c7:5a:
78:f9:95:ea:81:19:20:06:e3:02:68:25:58:68:21:
46:b8:26:f0:42:3d:49:d7:f3:6a:b0:bb:51:c9:fb:
5a:fd:2b:b3:58:b2:da:26:f2:46:d9:77:e6:e0:b6:
1d:7c:8e:25:b7:d9:7a:47:e5:34:e2:b8:2a:c8:53:
c9:97:96:cc:d2:50:fe:96:60:b5:dc:da:45:07:e3:
75:62:59:09:89:98:dc:9a:b9:85:93:f6:a7:08:1e:
34:d4:89:91:f0:ec:6a:af:98:36:3c:41:f4:89:73:
06:ad:65:24:5f:26:c4:1a:c4:ef:9b:e4:d9:c8:43:
f5:59:27:58:0b:bd:2b:0b:40:a9:0c:63:97:79:58:
23:91:1b:13:bc:4e:0d:09:5c:71:bb:2a:cd:85:11:
df:cf:66:90:da:db:fd:c2:1f:20:30:00:ad:2c:26:
72:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:0D:CD:9A:2D:BF:A0:29:04:23:58:6F:73:31:CD:86:15:5B:D3:2E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4F48CF9AFE4F11EF88A02594762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.0.0/24
154.91.224.0/19
Signature Algorithm: sha256WithRSAEncryption
d1:ff:32:0e:25:2b:41:59:b6:d0:31:ee:1a:4a:2b:8c:d3:aa:
69:c0:34:97:79:2b:5d:d0:1f:09:dc:27:a2:7c:47:98:3e:6a:
af:38:15:98:33:d7:67:18:1c:ab:b4:28:9c:35:cb:ae:5a:2e:
ab:0e:20:58:ea:67:5c:d9:10:1d:c1:46:d5:26:7f:40:29:22:
cb:7b:02:4e:56:d6:78:50:f1:91:b1:15:78:91:dc:50:cb:35:
f7:9b:6e:6d:64:7b:b0:48:d2:44:fe:d2:b1:ba:8b:3c:d9:fd:
35:5e:8e:b9:98:3d:03:e0:8c:5b:c9:51:02:da:bb:87:ba:56:
78:cb:54:19:ab:16:76:1c:2b:ef:ad:df:dd:0f:a6:5f:22:36:
56:b1:b2:fe:80:e4:ed:92:42:9b:71:6c:0b:a7:6b:9a:3c:04:
0a:e3:aa:b6:66:35:45:e4:e7:3d:88:73:59:8b:f3:ff:7c:6f:
03:0e:4a:c0:63:16:f1:97:90:5a:3b:58:18:2b:30:3d:da:41:
e9:6a:fe:7d:23:f3:f0:7b:57:00:ee:f6:c0:41:8c:74:63:53:
1a:9d:68:a9:bf:61:5b:40:12:ba:52:85:7d:23:04:0a:cf:7a:
ed:0c:f0:09:c4:27:2c:0d:3e:08:89:5c:34:0d:ba:c7:90:2e:
d7:06:5a:73
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXNyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzExMDgwMzIxWhcNMjUwNDEzMDgwMzIxWjAYMRYw
FAYDVQQDEw02N2NmZWU0Zi1hOGNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtYNRRM3dMv1C9EtPHwMTWwQke3jvZHUKsWHRNKY3QziEoGNvVu2Fqqy1
48xBFbd2Sca3AFQbwoq96jTBviB1VJC6q8X2bbcUiJTdjoiQjnQRpLsLkPF6x1p4
+ZXqgRkgBuMCaCVYaCFGuCbwQj1J1/NqsLtRyfta/SuzWLLaJvJG2Xfm4LYdfI4l
t9l6R+U04rgqyFPJl5bM0lD+lmC13NpFB+N1YlkJiZjcmrmFk/anCB401ImR8Oxq
r5g2PEH0iXMGrWUkXybEGsTvm+TZyEP1WSdYC70rC0CpDGOXeVgjkRsTvE4NCVxx
uyrNhRHfz2aQ2tv9wh8gMACtLCZyQwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFHYN
zZotv6ApBCNYb3MxzYYVW9MuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RjQ4Q0Y5QUZFNEYxMUVGODhBMDI1OTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlYAAwQFmlvgMA0GCSqG
SIb3DQEBCwUAA4IBAQDR/zIOJStBWbbQMe4aSiuM06ppwDSXeStd0B8J3CeifEeY
PmqvOBWYM9dnGByrtCicNcuuWi6rDiBY6mdc2RAdwUbVJn9AKSLLewJOVtZ4UPGR
sRV4kdxQyzX3m25tZHuwSNJE/tKxuos82f01Xo65mD0D4IxbyVEC2ruHulZ4y1QZ
qxZ2HCvvrd/dD6ZfIjZWsbL+gOTtkkKbcWwLp2uaPAQK46q2ZjVF5Oc9iHNZi/P/
fG8DDkrAYxbxl5BaO1gYKzA92kHpav59I/Pwe1cA7vbAQYx0Y1ManWipv2FbQBK6
UoV9IwQKz3rtDPAJxCcsDT4IiVw0DbrHkC7XBlpz
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:43:22 2025 by rpki-client