Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/772C7A10FE5511EF87C9A0BA762E951A.roa
File: 772C7A10FE5511EF87C9A0BA762E951A.roa (raw, json)
Hash identifier: cTGeC7Dg3eqdJNgCmPV5WBwRLw1N/72ndRIz/7Sc89U=
Subject key identifier: 9E:CA:92:73:B1:28:82:6C:AE:A2:CC:F1:82:BA:B1:1F:0A:61:EA:22
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01737E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/772C7A10FE5511EF87C9A0BA762E951A.roa
Signing time: Tue 11 Mar 2025 08:47:30 +0000
ROA not before: Tue 11 Mar 2025 08:47:26 +0000
ROA not after: Wed 16 Apr 2025 08:47:26 +0000
asID: 54600
IP address blocks: 154.202.160.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95102 (0x1737e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 11 08:47:26 2025 GMT
Not After : Apr 16 08:47:26 2025 GMT
Subject: CN=67cff8a2-68a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:61:3a:91:a0:61:d4:e6:94:0d:e9:a8:87:6b:
cb:5e:ec:b5:06:e7:40:1c:eb:c9:00:65:29:58:72:
d8:f2:fb:76:6e:88:a4:e7:29:61:97:fb:43:b6:82:
03:79:a0:d5:2b:67:8c:af:5f:5b:41:38:8f:f7:63:
ff:5f:9d:a6:c9:f6:41:c5:3b:50:fe:6b:8f:0b:8b:
1f:68:3f:c1:dc:31:5e:2e:5d:a8:9b:05:3a:9f:e2:
57:9f:d4:71:75:cf:9d:68:b0:67:8a:43:47:6a:f9:
4f:a6:5b:14:b1:ac:5d:28:90:d9:4a:af:f4:21:88:
49:42:43:6b:10:89:36:4f:9d:c6:d5:a1:85:26:bf:
dc:50:c6:8a:63:2e:8f:80:48:82:be:08:a8:04:1e:
55:41:f7:91:f4:65:f1:11:0a:73:3b:a7:31:c6:b9:
df:bf:08:4c:4d:87:0b:63:0e:4c:8b:d3:9b:11:32:
8d:54:81:80:1b:59:a8:22:d2:71:bf:96:77:c7:e4:
ef:74:35:db:41:54:66:ab:29:fd:66:10:41:cc:78:
ea:8c:23:63:eb:67:8e:75:dd:b7:90:d9:50:04:d3:
4a:c5:68:e5:39:03:7e:b9:13:44:cc:de:43:2e:0b:
d3:ec:55:90:82:50:8d:da:05:30:ac:84:e1:55:f9:
d6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:CA:92:73:B1:28:82:6C:AE:A2:CC:F1:82:BA:B1:1F:0A:61:EA:22
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/772C7A10FE5511EF87C9A0BA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.160.0/19
Signature Algorithm: sha256WithRSAEncryption
b6:5d:1f:e1:4c:85:ea:f4:e6:c6:84:b0:23:33:0c:1b:e6:a7:
90:4a:ab:4a:7a:59:6a:1f:27:7d:dd:b1:3d:04:a7:e1:1d:82:
dd:33:67:a1:cd:5b:b2:32:8c:4a:5d:69:4f:92:24:70:82:56:
7a:a9:24:71:a3:5c:9e:22:c8:e7:24:ef:21:53:cf:90:08:fe:
e1:e0:e3:68:b2:38:78:46:a7:df:4a:8e:87:e2:aa:19:9d:6e:
e0:d3:8c:ca:a1:34:d6:82:de:f7:70:98:92:26:fb:b4:60:fa:
72:37:9d:bb:27:92:88:3f:3b:19:96:03:d9:9e:db:26:a6:5d:
69:ce:8e:12:c5:95:97:9e:d9:d5:fa:1f:b7:94:63:35:ce:5a:
6f:6a:32:b1:7d:75:a6:f5:df:76:46:40:0c:34:82:cf:fb:70:
15:37:46:ff:d9:69:0c:97:84:ff:45:23:11:8c:54:bb:e5:d4:
dc:b9:55:9b:17:23:b6:ee:4e:a6:ac:0a:81:97:81:f5:88:ab:
22:31:3e:26:9d:a2:9c:b1:81:05:a3:54:4d:18:a4:cb:a8:dd:
f5:b7:a2:c6:be:22:e2:39:2b:84:bc:26:da:80:c9:2b:f0:5d:
e8:7f:b3:83:bb:50:21:77:4c:5f:b0:1e:5a:76:b2:76:05:47:
80:4f:12:d5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXN+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzExMDg0NzI2WhcNMjUwNDE2MDg0NzI2WjAYMRYw
FAYDVQQDEw02N2NmZjhhMi02OGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApWE6kaBh1OaUDemoh2vLXuy1BudAHOvJAGUpWHLY8vt2boik5ylhl/tD
toIDeaDVK2eMr19bQTiP92P/X52myfZBxTtQ/muPC4sfaD/B3DFeLl2omwU6n+JX
n9Rxdc+daLBnikNHavlPplsUsaxdKJDZSq/0IYhJQkNrEIk2T53G1aGFJr/cUMaK
Yy6PgEiCvgioBB5VQfeR9GXxEQpzO6cxxrnfvwhMTYcLYw5Mi9ObETKNVIGAG1mo
ItJxv5Z3x+TvdDXbQVRmqyn9ZhBBzHjqjCNj62eOdd23kNlQBNNKxWjlOQN+uRNE
zN5DLgvT7FWQglCN2gUwrIThVfnWhwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ7K
knOxKIJsrqLM8YK6sR8KYeoiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NzJDN0ExMEZFNTUxMUVGODdDOUEwQkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmsqgMA0GCSqGSIb3DQEB
CwUAA4IBAQC2XR/hTIXq9ObGhLAjMwwb5qeQSqtKellqHyd93bE9BKfhHYLdM2eh
zVuyMoxKXWlPkiRwglZ6qSRxo1yeIsjnJO8hU8+QCP7h4ONosjh4RqffSo6H4qoZ
nW7g04zKoTTWgt73cJiSJvu0YPpyN527J5KIPzsZlgPZntsmpl1pzo4SxZWXntnV
+h+3lGM1zlpvajKxfXWm9d92RkAMNILP+3AVN0b/2WkMl4T/RSMRjFS75dTcuVWb
FyO27k6mrAqBl4H1iKsiMT4mnaKcsYEFo1RNGKTLqN31t6LGviLiOSuEvCbagMkr
8F3of7ODu1Ahd0xfsB5adrJ2BUeATxLV
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:05:34 2025 by rpki-client