Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/57B4D7E40A2211F0BA72F1A4762E951A.roa
File: 57B4D7E40A2211F0BA72F1A4762E951A.roa (raw, json)
Hash identifier: f1Qmq/FzysEJbhCuvcHDY/Xn94JoOK27PwwuL5a5NJM=
Subject key identifier: 64:50:CF:CB:00:50:34:00:9C:13:D1:34:E2:D6:0F:20:A1:E2:0B:6B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017669
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/57B4D7E40A2211F0BA72F1A4762E951A.roa
Signing time: Wed 26 Mar 2025 09:11:46 +0000
ROA not before: Wed 26 Mar 2025 09:11:43 +0000
ROA not after: Wed 30 Apr 2025 09:11:43 +0000
asID: 133180
IP address blocks: 154.194.128.0/18 maxlen: 24
154.206.128.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95849 (0x17669)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 26 09:11:43 2025 GMT
Not After : Apr 30 09:11:43 2025 GMT
Subject: CN=67e3c4d2-ad82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:36:df:23:0c:fd:da:97:d8:b8:88:92:32:e5:
71:9f:17:30:cf:31:dd:39:56:19:88:80:60:4c:fb:
e4:77:b5:33:08:4c:ae:1c:a1:1d:84:ca:d9:f9:22:
81:08:d8:df:29:23:d9:c6:12:48:a6:79:a3:db:15:
20:0b:5d:53:ed:4b:ed:be:b2:93:64:dc:83:3c:81:
1f:80:86:2c:35:b2:10:aa:43:8f:c8:b0:a6:78:7d:
a0:23:af:af:02:43:22:60:bf:14:0e:81:f2:47:fd:
73:39:64:f9:5e:66:79:2f:29:68:ec:b4:80:b5:05:
2a:07:2b:a4:0e:6f:52:19:a4:55:42:53:92:c4:92:
05:85:67:c2:47:15:c0:13:a1:7f:24:2a:9e:de:a0:
3e:44:00:8c:6f:28:0f:51:e7:e2:84:9c:8d:38:40:
02:d3:89:ee:56:76:0c:26:ba:02:9e:e8:32:a0:de:
52:e6:65:e6:ce:5f:ce:3e:b9:c6:f8:6b:94:1b:c1:
d9:4e:66:40:b2:19:2a:7f:90:27:0b:3a:ad:87:fc:
2b:93:d6:33:75:8a:77:c4:a5:bc:de:ae:ba:dc:7b:
77:a7:58:69:be:ef:9b:fa:a0:6d:4b:b5:65:0c:33:
1a:b4:87:7e:83:2b:0d:04:a6:4e:0e:11:f1:3a:7d:
b3:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:50:CF:CB:00:50:34:00:9C:13:D1:34:E2:D6:0F:20:A1:E2:0B:6B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/57B4D7E40A2211F0BA72F1A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.128.0/18
154.206.128.0/18
Signature Algorithm: sha256WithRSAEncryption
d3:dd:c8:cc:ad:f7:9a:b2:c2:ea:6f:11:60:1b:71:a0:e5:99:
e7:c9:1f:e3:9c:6b:2b:d7:39:a3:96:d2:83:02:45:1d:fa:11:
f7:b8:3a:16:4f:72:c8:36:f2:ea:cf:34:b2:5f:dc:c2:2d:84:
9e:4d:2a:1a:67:7d:52:fb:40:c3:0e:09:43:5a:27:22:4e:2a:
34:31:e9:8d:0a:a9:f0:d8:44:9e:21:e4:35:f8:37:ba:3d:1f:
38:78:67:4a:2d:64:23:1e:cf:b2:73:77:29:19:5b:d4:21:37:
ff:99:39:5e:aa:15:7c:b5:f4:42:8f:9b:4f:f9:9c:e9:24:1f:
06:26:ec:29:3d:dc:f6:3d:2e:a1:02:4b:24:2f:cd:c1:a1:73:
7f:9f:a5:a2:a2:38:c3:f4:54:ab:13:05:b3:f8:42:e8:2a:5a:
6f:27:bc:0e:8c:fe:17:d0:57:dd:8c:32:7b:7d:c5:8c:22:86:
76:77:4b:30:1d:58:d0:fc:77:fe:71:0d:a0:19:47:11:af:c1:
89:3d:a8:4c:28:65:a2:fb:e7:f6:5a:89:21:b9:6d:bd:b0:c6:
a6:58:5a:5e:c1:16:06:94:20:f6:93:e0:7f:11:c7:84:85:d4:
b1:c8:ba:1d:b1:b8:f7:6c:9f:71:0f:3f:1e:bc:79:4c:ef:e0:
47:55:06:bf
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXZpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI2MDkxMTQzWhcNMjUwNDMwMDkxMTQzWjAYMRYw
FAYDVQQDEw02N2UzYzRkMi1hZDgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqzbfIwz92pfYuIiSMuVxnxcwzzHdOVYZiIBgTPvkd7UzCEyuHKEdhMrZ
+SKBCNjfKSPZxhJIpnmj2xUgC11T7UvtvrKTZNyDPIEfgIYsNbIQqkOPyLCmeH2g
I6+vAkMiYL8UDoHyR/1zOWT5XmZ5Lylo7LSAtQUqByukDm9SGaRVQlOSxJIFhWfC
RxXAE6F/JCqe3qA+RACMbygPUefihJyNOEAC04nuVnYMJroCnugyoN5S5mXmzl/O
PrnG+GuUG8HZTmZAshkqf5AnCzqth/wrk9YzdYp3xKW83q663Ht3p1hpvu+b+qBt
S7VlDDMatId+gysNBKZODhHxOn2zJwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGRQ
z8sAUDQAnBPRNOLWDyCh4gtrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81N0I0RDdFNDBBMjIxMUYwQkE3MkYxQTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGmsKAAwQGms6AMA0GCSqG
SIb3DQEBCwUAA4IBAQDT3cjMrfeassLqbxFgG3Gg5ZnnyR/jnGsr1zmjltKDAkUd
+hH3uDoWT3LINvLqzzSyX9zCLYSeTSoaZ31S+0DDDglDWiciTio0MemNCqnw2ESe
IeQ1+De6PR84eGdKLWQjHs+yc3cpGVvUITf/mTleqhV8tfRCj5tP+ZzpJB8GJuwp
Pdz2PS6hAkskL83BoXN/n6WiojjD9FSrEwWz+ELoKlpvJ7wOjP4X0FfdjDJ7fcWM
IoZ2d0swHVjQ/Hf+cQ2gGUcRr8GJPahMKGWi++f2WokhuW29sMamWFpewRYGlCD2
k+B/EceEhdSxyLodsbj3bJ9xDz8evHlM7+BHVQa/
-----END CERTIFICATE-----
Generated at Fri Apr 11 03:43:56 2025 by rpki-client