Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/72A0FF0AF5CE11EF8492E782762E951A.roa
File: 72A0FF0AF5CE11EF8492E782762E951A.roa (raw, json)
Hash identifier: KHaIKv6BByvt/WM3GcMV4SdMU6W6ASfwdi6bjAVVDos=
Subject key identifier: 0C:55:00:E0:EE:73:13:D2:21:B3:1C:A8:4C:30:D8:DB:13:87:05:73
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016B20
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/72A0FF0AF5CE11EF8492E782762E951A.roa
Signing time: Fri 28 Feb 2025 12:20:51 +0000
ROA not before: Fri 28 Feb 2025 12:20:47 +0000
ROA not after: Fri 11 Apr 2025 12:20:47 +0000
asID: 138915
IP address blocks: 154.203.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92960 (0x16b20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 12:20:47 2025 GMT
Not After : Apr 11 12:20:47 2025 GMT
Subject: CN=67c1aa23-4565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:32:2d:c4:0e:02:d7:76:cd:b5:ad:51:8b:d6:
95:cd:a6:68:af:f2:c7:6c:d8:9d:88:ef:8d:54:fb:
8d:71:a0:bd:1e:34:c8:07:e5:64:81:47:02:d3:b7:
5f:31:8c:4e:d8:9a:e8:d2:72:ec:dc:c4:c2:94:be:
e4:01:5d:07:f0:26:58:60:88:3e:66:bb:6b:1c:28:
1e:5b:7c:49:53:77:52:25:e4:b2:70:6f:4b:51:11:
95:aa:2d:36:66:08:39:c0:d1:82:6a:91:b4:a6:83:
38:8b:30:f6:5c:10:d0:f6:ae:9b:83:dc:7b:80:72:
e5:a2:aa:44:95:27:70:08:08:e6:f2:70:9a:ef:69:
27:b1:8e:3b:4b:b6:46:e0:df:9c:18:37:cf:db:7f:
07:24:0c:29:07:ac:7e:b1:dc:10:2d:ed:4a:ec:b9:
6e:c4:e7:a8:83:4f:65:9f:d3:ba:11:67:d4:75:7f:
54:39:4d:81:4e:c1:bb:da:bb:ba:da:95:1f:35:a9:
c3:89:66:7b:77:fd:12:b4:f9:24:01:e3:54:0d:37:
0c:bb:be:dc:f0:2b:40:8e:71:b4:2b:e9:01:90:09:
bc:4e:1a:29:c9:db:e4:a2:e4:17:7b:36:74:38:f9:
bb:32:36:95:c1:25:eb:e3:0d:96:64:60:7e:08:ae:
71:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:55:00:E0:EE:73:13:D2:21:B3:1C:A8:4C:30:D8:DB:13:87:05:73
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/72A0FF0AF5CE11EF8492E782762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.138.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:d0:e8:67:2b:a0:47:59:91:10:f7:5c:52:60:de:c6:c0:93:
1c:e1:15:94:71:bf:20:41:22:6a:c9:98:39:3c:ef:10:2d:3a:
6c:03:52:de:00:14:bd:fd:e6:a0:c3:9d:3b:e4:db:43:3a:49:
fa:5d:48:69:2a:54:2f:91:63:ff:f8:96:9d:7a:c3:c0:66:0e:
19:d1:5a:30:a3:b0:ed:ae:e1:74:e1:c9:ee:63:64:89:cd:99:
1e:0a:24:ea:0d:66:b3:96:f8:bb:ee:ae:23:bf:d7:b4:69:42:
d6:5e:cc:70:6a:91:54:4c:21:84:ad:31:87:dc:a1:eb:46:8e:
33:52:23:61:40:b3:60:a1:3b:26:95:11:da:98:2b:a4:79:3c:
e4:dc:9a:7d:03:67:65:36:88:b0:bd:0f:79:62:68:6c:d3:9d:
14:5f:d9:85:7e:6c:da:31:91:02:49:24:1a:ae:e5:8c:e1:43:
57:bb:42:be:80:60:2a:3d:e7:14:02:17:4d:01:df:64:08:fa:
25:25:60:b4:67:f4:21:cc:21:ec:b4:b5:f1:a3:42:6f:1f:86:
1a:39:a5:e9:e1:14:d9:88:93:74:15:87:ef:a5:8e:c4:03:12:
0b:51:15:aa:0f:bf:ee:2a:70:84:25:6b:ad:8d:b0:84:5d:9c:
47:f8:8f:4b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWsgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MTIyMDQ3WhcNMjUwNDExMTIyMDQ3WjAYMRYw
FAYDVQQDEw02N2MxYWEyMy00NTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0zItxA4C13bNta1Ri9aVzaZor/LHbNidiO+NVPuNcaC9HjTIB+VkgUcC
07dfMYxO2Jro0nLs3MTClL7kAV0H8CZYYIg+ZrtrHCgeW3xJU3dSJeSycG9LURGV
qi02Zgg5wNGCapG0poM4izD2XBDQ9q6bg9x7gHLloqpElSdwCAjm8nCa72knsY47
S7ZG4N+cGDfP238HJAwpB6x+sdwQLe1K7LluxOeog09ln9O6EWfUdX9UOU2BTsG7
2ru62pUfNanDiWZ7d/0StPkkAeNUDTcMu77c8CtAjnG0K+kBkAm8ThopydvkouQX
ezZ0OPm7MjaVwSXr4w2WZGB+CK5xxwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAxV
AODucxPSIbMcqEww2NsThwVzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MkEwRkYwQUY1Q0UxMUVGODQ5MkU3ODI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsuKMA0GCSqGSIb3DQEB
CwUAA4IBAQC00OhnK6BHWZEQ91xSYN7GwJMc4RWUcb8gQSJqyZg5PO8QLTpsA1Le
ABS9/eagw5075NtDOkn6XUhpKlQvkWP/+JadesPAZg4Z0Vowo7DtruF04cnuY2SJ
zZkeCiTqDWazlvi77q4jv9e0aULWXsxwapFUTCGErTGH3KHrRo4zUiNhQLNgoTsm
lRHamCukeTzk3Jp9A2dlNoiwvQ95Ymhs050UX9mFfmzaMZECSSQaruWM4UNXu0K+
gGAqPecUAhdNAd9kCPolJWC0Z/QhzCHstLXxo0JvH4YaOaXp4RTZiJN0FYfvpY7E
AxILURWqD7/uKnCEJWutjbCEXZxH+I9L
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:52:35 2025 by rpki-client