Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/73AE66F0095E11F0BB9F7A76762E951A.roa
File: 73AE66F0095E11F0BB9F7A76762E951A.roa (raw, json)
Hash identifier: WsbRH/TtYWD2oNOy2mRlnw8RGEGoWPJooNrOl/wXmlc=
Subject key identifier: E0:45:B3:A4:8F:BE:09:6F:FA:3F:33:1E:41:26:25:F7:2F:5E:17:E2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01761B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/73AE66F0095E11F0BB9F7A76762E951A.roa
Signing time: Tue 25 Mar 2025 09:49:32 +0000
ROA not before: Tue 25 Mar 2025 09:49:28 +0000
ROA not after: Thu 24 Apr 2025 09:49:28 +0000
asID: 395886
IP address blocks: 154.202.117.0/24 maxlen: 24
154.202.120.0/21 maxlen: 24
154.217.234.0/23 maxlen: 24
154.217.236.0/22 maxlen: 24
154.217.240.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95771 (0x1761b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 25 09:49:28 2025 GMT
Not After : Apr 24 09:49:28 2025 GMT
Subject: CN=67e27c2c-54f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bd:18:6d:1f:4d:df:3e:4e:c6:3a:6c:40:8b:
5a:ed:ac:40:8f:f8:e9:13:bc:e9:6f:00:68:8a:07:
4a:34:cc:d4:f9:1e:85:1a:9a:71:e8:59:0e:1d:b3:
56:6b:3e:28:0c:3e:83:22:54:62:54:92:3c:f7:e4:
e2:93:05:26:99:a8:dc:fd:6c:0f:b0:e4:3c:f4:6b:
40:68:41:34:13:84:bd:ab:a8:66:0f:07:91:37:17:
b0:ec:a4:93:e0:06:2e:7a:eb:88:4b:0e:d7:88:84:
46:12:22:47:15:83:87:6c:ee:16:13:57:bd:50:68:
1b:3b:8a:23:ee:9d:7c:59:06:09:5c:07:eb:2d:1b:
1f:29:7e:80:c7:09:42:b6:18:c4:93:b3:02:a6:a2:
47:b9:dd:b6:95:a6:37:81:2c:29:1a:72:a1:9b:4d:
62:d9:66:02:1a:87:e6:53:5d:80:10:2a:73:98:a9:
8b:a6:95:84:84:40:75:57:55:4f:9c:29:ad:68:d8:
7b:31:dc:3a:a7:bc:52:b5:14:da:bd:a7:72:62:15:
10:fd:73:42:9b:31:6a:92:f7:7f:62:b2:2c:f8:12:
4d:50:c1:84:bb:57:d1:99:cf:1d:b3:c9:1a:a1:23:
91:3e:97:fe:0e:e4:19:6a:8b:fa:9c:87:aa:e4:6e:
8b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:45:B3:A4:8F:BE:09:6F:FA:3F:33:1E:41:26:25:F7:2F:5E:17:E2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/73AE66F0095E11F0BB9F7A76762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.117.0/24
154.202.120.0/21
154.217.234.0-154.217.255.255
Signature Algorithm: sha256WithRSAEncryption
9e:c2:75:07:aa:d2:d8:b7:c1:62:3d:47:ab:5d:77:34:ed:5a:
9c:67:f4:00:8a:17:b6:5a:10:18:b4:99:22:25:c7:56:b8:d2:
ca:90:9f:17:17:41:6c:87:44:7d:9b:49:26:6a:93:85:8d:50:
05:5a:fb:92:3c:e0:72:d2:1a:a5:1b:0c:d6:c5:b3:f8:71:42:
b6:47:71:4d:72:78:f4:6f:6e:59:29:5c:03:60:c2:45:4d:c0:
e5:bc:81:fa:fc:b5:37:68:80:6f:49:f2:bc:c2:00:9e:db:90:
16:e8:b4:93:31:24:af:18:7c:de:3a:b8:94:82:3e:a3:ed:3d:
02:3f:c6:51:e5:71:71:06:59:5b:91:5c:a4:2d:68:4b:ed:91:
09:6e:d7:28:52:12:1b:d1:ee:35:1a:69:a0:28:db:53:68:c1:
f0:a8:4c:c5:5c:ae:bd:a7:2d:ec:fe:dd:8d:c3:80:8f:90:c9:
b4:7b:01:0d:65:f6:d1:2e:f5:59:98:22:00:d2:bb:7d:05:9b:
5e:8e:29:e9:4a:89:e2:95:36:71:1b:76:2f:f5:d8:7c:55:d4:
a1:47:57:b6:27:ff:50:10:23:19:c3:58:45:a9:d4:82:bc:5b:
37:96:ef:3c:02:73:b9:16:8a:a7:72:5a:65:34:05:eb:82:35:
9e:7c:52:fd
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIDAXYbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI1MDk0OTI4WhcNMjUwNDI0MDk0OTI4WjAYMRYw
FAYDVQQDEw02N2UyN2MyYy01NGYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAm70YbR9N3z5OxjpsQIta7axAj/jpE7zpbwBoigdKNMzU+R6FGppx6FkO
HbNWaz4oDD6DIlRiVJI89+TikwUmmajc/WwPsOQ89GtAaEE0E4S9q6hmDweRNxew
7KST4AYueuuISw7XiIRGEiJHFYOHbO4WE1e9UGgbO4oj7p18WQYJXAfrLRsfKX6A
xwlCthjEk7MCpqJHud22laY3gSwpGnKhm01i2WYCGofmU12AECpzmKmLppWEhEB1
V1VPnCmtaNh7Mdw6p7xStRTavadyYhUQ/XNCmzFqkvd/YrIs+BJNUMGEu1fRmc8d
s8kaoSORPpf+DuQZaov6nIeq5G6L3QIDAQABo4ICuDCCArQwHQYDVR0OBBYEFOBF
s6SPvglv+j8zHkEmJfcvXhfiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83M0FFNjZGMDA5NUUxMUYwQkI5RjdBNzY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZAwQAmsp1AwQDmsp4MAsDBAGa
2eoDAwGa2DANBgkqhkiG9w0BAQsFAAOCAQEAnsJ1B6rS2LfBYj1Hq113NO1anGf0
AIoXtloQGLSZIiXHVrjSypCfFxdBbIdEfZtJJmqThY1QBVr7kjzgctIapRsM1sWz
+HFCtkdxTXJ49G9uWSlcA2DCRU3A5byB+vy1N2iAb0nyvMIAntuQFui0kzEkrxh8
3jq4lII+o+09Aj/GUeVxcQZZW5FcpC1oS+2RCW7XKFISG9HuNRppoCjbU2jB8KhM
xVyuvact7P7djcOAj5DJtHsBDWX20S71WZgiANK7fQWbXo4p6UqJ4pU2cRt2L/XY
fFXUoUdXtif/UBAjGcNYRanUgrxbN5bvPAJzuRaKp3JaZTQF64I1nnxS/Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:54:19 2025 by rpki-client