Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6D9BE504F66111EFAA79917A762E951A.roa
File: 6D9BE504F66111EFAA79917A762E951A.roa (raw, json)
Hash identifier: A8vd9HGHqaVOGw9sAnAm208O4MCiCnOv1yNhbqUxxsE=
Subject key identifier: A4:B5:AF:C7:21:24:DB:B8:C4:E8:BE:9E:19:F8:D5:6A:67:78:38:8E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016D30
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6D9BE504F66111EFAA79917A762E951A.roa
Signing time: Sat 01 Mar 2025 05:52:58 +0000
ROA not before: Sat 01 Mar 2025 05:52:55 +0000
ROA not after: Tue 22 Feb 2028 05:52:55 +0000
asID: 17561
IP address blocks: 154.219.65.0/24 maxlen: 24
154.219.66.0/24 maxlen: 24
154.219.67.0/24 maxlen: 24
154.219.68.0/24 maxlen: 24
154.219.69.0/24 maxlen: 24
154.219.70.0/24 maxlen: 24
154.219.71.0/24 maxlen: 24
154.219.72.0/24 maxlen: 24
154.219.73.0/24 maxlen: 24
154.219.74.0/24 maxlen: 24
154.219.75.0/24 maxlen: 24
154.219.76.0/24 maxlen: 24
154.219.77.0/24 maxlen: 24
154.219.78.0/24 maxlen: 24
154.219.79.0/24 maxlen: 24
154.219.80.0/24 maxlen: 24
154.219.81.0/24 maxlen: 24
154.219.82.0/24 maxlen: 24
154.219.83.0/24 maxlen: 24
154.219.84.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93488 (0x16d30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 1 05:52:55 2025 GMT
Not After : Feb 22 05:52:55 2028 GMT
Subject: CN=67c2a0ba-3e25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:82:6c:7b:f9:2d:95:8b:ae:fb:f9:9c:99:5e:
c5:fb:25:3e:e1:5b:26:22:98:fb:b4:a0:a0:f5:1b:
17:3d:14:6b:6a:42:98:3c:f4:ef:46:aa:41:09:c2:
4c:cd:8c:0e:53:88:c0:53:34:04:18:8e:d5:51:58:
bc:03:ec:cb:f9:74:45:18:78:cc:a1:75:9f:95:56:
af:f2:32:76:63:2d:a1:17:a7:43:7f:78:f2:23:f3:
b3:80:d9:47:4d:63:18:77:e6:31:80:b6:41:20:59:
39:b4:79:5a:ff:78:30:24:58:53:ce:eb:f7:fc:c5:
cc:d2:af:70:81:7a:2b:f8:33:92:fa:92:b4:8e:ae:
bd:95:fe:cf:8d:b3:9d:2a:59:9f:2b:3b:01:20:1f:
5f:58:80:58:a7:6d:4d:88:d7:30:a1:3c:c7:1f:e3:
86:95:7b:16:db:c7:dd:0a:a6:fd:18:22:9d:6b:de:
5a:63:e2:d2:35:12:cd:e4:bb:a8:90:86:24:73:ab:
c3:5d:2f:1d:f0:5f:e2:b7:4c:0e:5d:61:49:ca:89:
b2:04:a4:56:66:ca:97:3f:b1:07:15:ae:c2:51:28:
53:3b:b0:d8:d8:8e:29:59:fe:2e:a2:83:2f:f9:65:
8f:5e:8d:e7:46:72:0e:5e:09:99:cc:fd:1d:73:c3:
58:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:B5:AF:C7:21:24:DB:B8:C4:E8:BE:9E:19:F8:D5:6A:67:78:38:8E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6D9BE504F66111EFAA79917A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.65.0-154.219.84.255
Signature Algorithm: sha256WithRSAEncryption
10:d8:35:30:b1:13:3d:bd:44:6a:5a:ed:82:09:7e:2f:f3:48:
51:ad:e6:c7:c9:b3:db:c0:85:81:e3:8b:da:96:51:29:a5:86:
72:8a:58:95:d4:93:2d:23:cd:2b:22:9b:98:02:33:92:e0:3f:
35:3e:60:b7:f0:bd:3f:91:6b:88:73:ad:b2:5a:d5:db:e3:b9:
da:a5:7e:62:c8:4e:4b:26:51:48:80:61:80:eb:1e:db:71:ea:
36:1d:7f:7e:75:48:ae:53:63:84:25:31:33:54:b7:56:7e:a1:
59:72:48:e0:16:29:43:94:ff:02:f6:b3:a5:61:46:4f:86:6d:
e9:89:cb:e2:5f:10:46:60:17:6f:6e:81:7b:1c:e1:41:83:66:
cd:11:04:f2:f3:62:93:68:b6:e3:d6:12:f6:6c:95:3a:b0:ef:
22:aa:e9:3e:69:08:b8:ad:b6:35:c9:89:18:de:91:77:e4:17:
d0:03:9b:46:e0:70:9c:f0:d5:3c:f3:bb:b4:85:9c:22:c5:e1:
f1:02:da:e1:23:0d:42:da:b4:8c:5b:04:79:7f:f7:eb:9c:e5:
75:d1:ca:b3:23:2a:e3:62:e4:db:19:b2:08:ed:a3:43:39:e8:
8e:86:0c:64:c9:e4:4c:a7:ba:77:8d:86:4b:94:20:a1:03:64:
a8:04:22:ad
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAW0wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMDU1MjU1WhcNMjgwMjIyMDU1MjU1WjAYMRYw
FAYDVQQDEw02N2MyYTBiYS0zZTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoIJse/ktlYuu+/mcmV7F+yU+4VsmIpj7tKCg9RsXPRRrakKYPPTvRqpB
CcJMzYwOU4jAUzQEGI7VUVi8A+zL+XRFGHjMoXWflVav8jJ2Yy2hF6dDf3jyI/Oz
gNlHTWMYd+YxgLZBIFk5tHla/3gwJFhTzuv3/MXM0q9wgXor+DOS+pK0jq69lf7P
jbOdKlmfKzsBIB9fWIBYp21NiNcwoTzHH+OGlXsW28fdCqb9GCKda95aY+LSNRLN
5LuokIYkc6vDXS8d8F/it0wOXWFJyomyBKRWZsqXP7EHFa7CUShTO7DY2I4pWf4u
ooMv+WWPXo3nRnIOXgmZzP0dc8NYSwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFKS1
r8chJNu4xOi+nhn41WpneDiOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82RDlCRTUwNEY2NjExMUVGQUE3OTkxN0E3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACa20EDBACa21QwDQYJ
KoZIhvcNAQELBQADggEBABDYNTCxEz29RGpa7YIJfi/zSFGt5sfJs9vAhYHji9qW
USmlhnKKWJXUky0jzSsim5gCM5LgPzU+YLfwvT+Ra4hzrbJa1dvjudqlfmLITksm
UUiAYYDrHttx6jYdf351SK5TY4QlMTNUt1Z+oVlySOAWKUOU/wL2s6VhRk+GbemJ
y+JfEEZgF29ugXsc4UGDZs0RBPLzYpNotuPWEvZslTqw7yKq6T5pCLittjXJiRje
kXfkF9ADm0bgcJzw1Tzzu7SFnCLF4fEC2uEjDULatIxbBHl/9+uc5XXRyrMjKuNi
5NsZsgjto0M56I6GDGTJ5EynuneNhkuUIKEDZKgEIq0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:35:39 2025 by rpki-client