Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6AFD658CEABF11EFBEC2A16C762E951A.roa
File: 6AFD658CEABF11EFBEC2A16C762E951A.roa (raw, json)
Hash identifier: OUQuFvVhj4/Earysn9C8UMYLbZZurr4Caw60CoG6P8g=
Subject key identifier: BF:AE:BF:2F:A2:B6:18:40:65:A5:F3:C1:1D:4A:1D:D6:81:93:EE:24
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015713
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6AFD658CEABF11EFBEC2A16C762E951A.roa
Signing time: Fri 14 Feb 2025 10:35:33 +0000
ROA not before: Fri 14 Feb 2025 10:35:29 +0000
ROA not after: Mon 12 May 2025 10:35:29 +0000
asID: 135097
IP address blocks: 154.197.224.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87827 (0x15713)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 14 10:35:29 2025 GMT
Not After : May 12 10:35:29 2025 GMT
Subject: CN=67af1c75-715f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5d:41:01:dc:5b:af:a2:c0:42:a8:b6:3a:75:
42:79:cf:b4:94:8b:65:8a:03:93:56:69:89:24:b7:
2c:d4:cb:95:6b:a1:e5:bf:77:36:68:d6:70:03:87:
ed:84:36:2c:c2:df:67:70:83:9e:6d:47:da:ae:57:
3c:39:08:96:59:50:4f:38:40:d5:4d:f3:23:03:6a:
5f:87:e9:8c:ba:3a:d6:2d:1a:da:bf:3f:1d:ca:1b:
28:a9:2c:f4:2b:45:29:ce:21:d8:4a:5f:c6:7e:60:
d4:41:bc:97:ab:84:12:0a:90:31:78:40:62:17:9d:
ed:74:68:53:fc:ba:43:9a:97:1c:c4:4d:0a:75:d4:
ea:6f:b7:b8:df:c7:74:76:70:18:1c:13:12:b5:07:
0e:cf:cf:72:42:4c:72:f8:73:35:37:69:00:cb:cb:
dd:d9:1f:81:3f:a4:19:f1:d8:3c:e4:b3:19:76:0a:
14:a1:df:e3:b3:70:fc:f0:33:60:9f:8a:1f:1f:16:
78:f3:89:a5:59:37:d5:41:6c:6a:b4:4d:20:fb:0f:
1a:ef:e0:ca:dd:0f:c4:1c:27:fc:50:59:14:6d:3d:
1c:a8:2c:5b:e4:0b:b7:1d:45:39:e7:39:dd:db:89:
25:d1:92:a2:b0:45:e4:dd:0c:7e:4c:29:5c:fd:75:
1f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:AE:BF:2F:A2:B6:18:40:65:A5:F3:C1:1D:4A:1D:D6:81:93:EE:24
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6AFD658CEABF11EFBEC2A16C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.224.0/19
Signature Algorithm: sha256WithRSAEncryption
ca:f5:3e:97:dd:df:19:78:0e:1c:3c:89:b5:75:86:3a:55:f6:
fe:f0:a1:fe:86:eb:81:0d:9f:c3:39:26:51:b5:f1:22:9f:5a:
28:2b:5c:34:50:1c:a0:e6:d8:c2:7b:21:c0:61:e0:e3:52:12:
2e:f8:44:ee:37:c5:ab:f7:e1:1c:1e:f0:45:b5:c6:9d:49:2a:
33:3d:82:13:b3:09:c3:2e:84:62:4e:c6:fc:36:b8:f8:0d:15:
65:c2:75:8d:43:66:0b:79:80:7c:b2:f0:7f:95:3a:2b:1c:c3:
fe:c1:9f:23:a7:32:21:2e:a8:da:04:f5:d4:3b:c8:8e:3b:57:
b6:15:5a:37:c9:09:4e:0d:16:ae:b4:82:ad:85:59:32:81:38:
11:8b:b2:a0:d7:98:93:a6:70:99:83:86:2b:03:f4:5f:af:0e:
41:f9:aa:dc:f6:82:e1:3c:2c:8f:42:59:d8:d4:21:06:3b:3f:
a3:51:c0:09:e6:b3:24:a0:07:58:89:20:b2:b3:59:97:59:43:
47:67:1a:aa:ed:d6:8d:cb:29:e1:95:17:d4:10:d8:33:58:37:
ed:91:dc:e5:64:6c:aa:9b:12:99:54:9d:5e:59:32:b2:90:e7:
7d:17:b6:a8:42:e1:19:3c:0f:b3:b6:8d:41:34:6d:ba:af:00:
0b:f5:aa:71
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVcTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjE0MTAzNTI5WhcNMjUwNTEyMTAzNTI5WjAYMRYw
FAYDVQQDEw02N2FmMWM3NS03MTVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv11BAdxbr6LAQqi2OnVCec+0lItligOTVmmJJLcs1MuVa6Hlv3c2aNZw
A4fthDYswt9ncIOebUfarlc8OQiWWVBPOEDVTfMjA2pfh+mMujrWLRravz8dyhso
qSz0K0UpziHYSl/GfmDUQbyXq4QSCpAxeEBiF53tdGhT/LpDmpccxE0KddTqb7e4
38d0dnAYHBMStQcOz89yQkxy+HM1N2kAy8vd2R+BP6QZ8dg85LMZdgoUod/js3D8
8DNgn4ofHxZ484mlWTfVQWxqtE0g+w8a7+DK3Q/EHCf8UFkUbT0cqCxb5Au3HUU5
5znd24kl0ZKisEXk3Qx+TClc/XUfBQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL+u
vy+ithhAZaXzwR1KHdaBk+4kMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82QUZENjU4Q0VBQkYxMUVGQkVDMkExNkM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmsXgMA0GCSqGSIb3DQEB
CwUAA4IBAQDK9T6X3d8ZeA4cPIm1dYY6Vfb+8KH+huuBDZ/DOSZRtfEin1ooK1w0
UByg5tjCeyHAYeDjUhIu+ETuN8Wr9+EcHvBFtcadSSozPYITswnDLoRiTsb8Nrj4
DRVlwnWNQ2YLeYB8svB/lTorHMP+wZ8jpzIhLqjaBPXUO8iOO1e2FVo3yQlODRau
tIKthVkygTgRi7Kg15iTpnCZg4YrA/Rfrw5B+arc9oLhPCyPQlnY1CEGOz+jUcAJ
5rMkoAdYiSCys1mXWUNHZxqq7daNyynhlRfUENgzWDftkdzlZGyqmxKZVJ1eWTKy
kOd9F7aoQuEZPA+zto1BNG26rwAL9apx
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:22:31 2025 by rpki-client