Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8273C396FF3211EFB6A85947762E951A.roa
File: 8273C396FF3211EFB6A85947762E951A.roa (raw, json)
Hash identifier: BPIHloUyjdY/DLgbrnOa61RWLnFvk2hNOtA5LeGplxg=
Subject key identifier: 26:B7:E8:B1:E1:85:DA:F5:F2:1E:8F:CA:AF:3E:B7:68:79:E6:E7:96
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0173FA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8273C396FF3211EFB6A85947762E951A.roa
Signing time: Wed 12 Mar 2025 11:09:47 +0000
ROA not before: Wed 12 Mar 2025 11:09:44 +0000
ROA not after: Mon 31 Mar 2025 11:09:44 +0000
asID: 22773
IP address blocks: 154.90.3.0/24 maxlen: 24
154.90.4.0/22 maxlen: 24
154.93.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95226 (0x173fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 12 11:09:44 2025 GMT
Not After : Mar 31 11:09:44 2025 GMT
Subject: CN=67d16b7b-e41b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b9:49:a5:c5:60:02:17:58:cb:66:55:a2:33:
2d:09:3d:df:cb:66:82:63:5f:cc:14:fa:d0:55:dd:
5c:7c:95:e3:51:3d:a1:4f:53:4a:d8:00:e9:02:2d:
fa:e4:c7:c9:c0:28:ea:e7:6f:d9:08:88:36:7e:36:
8b:ce:ee:a3:2c:b1:3e:c3:94:75:81:64:da:5a:77:
7d:73:fa:f0:94:d8:c9:04:83:2a:0d:6e:56:1e:8d:
98:c9:43:5a:68:8f:e4:bb:ff:7d:0e:bf:59:43:14:
be:c6:5d:f5:28:2a:47:63:b5:49:c0:09:e3:76:0a:
0f:42:35:fa:a4:09:b5:f1:ca:e1:1f:21:68:14:c9:
76:9e:06:cf:f9:e1:9e:b0:79:b3:20:68:35:f6:77:
7a:12:29:60:44:c7:fd:25:76:dc:eb:91:18:d2:a0:
cb:cd:ed:d9:e6:92:a2:59:45:b1:bf:29:0e:fe:25:
7d:1f:56:77:c8:98:bc:13:f1:26:b1:25:10:ef:cf:
cb:28:bc:ab:ae:0b:9c:85:4b:06:7f:2f:5b:f9:a2:
49:b4:b6:56:dd:5f:96:ad:78:2f:56:a1:a1:9a:da:
5b:c4:f6:cc:f6:c5:64:9a:b2:54:d5:b8:c9:4e:95:
9f:9b:a2:39:39:91:33:a5:10:b9:61:41:10:31:2f:
e0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:B7:E8:B1:E1:85:DA:F5:F2:1E:8F:CA:AF:3E:B7:68:79:E6:E7:96
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8273C396FF3211EFB6A85947762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.3.0-154.90.7.255
154.93.20.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:c9:b9:13:e6:28:67:76:6d:16:60:ab:ff:ad:ad:83:79:e4:
f6:6e:8f:fc:5b:21:84:a1:a6:57:5a:cc:98:14:c2:d7:7e:f2:
a0:9c:a0:01:ff:c1:69:25:5e:57:63:94:74:87:ad:86:9f:b7:
32:8f:ee:ce:95:d4:5b:8c:09:a9:cf:78:1a:64:98:d8:42:14:
4a:ec:13:19:ad:36:10:59:7f:5b:79:5c:cd:49:ca:29:26:96:
87:d1:02:79:32:47:86:0c:07:5a:5f:28:3b:72:57:05:64:58:
3f:8c:0e:75:ae:c9:f0:66:36:4a:4a:91:0e:90:fb:4b:6a:2b:
19:1e:f9:88:45:d1:5a:6e:24:cb:4b:0b:e6:06:26:a6:66:a2:
53:74:c7:fc:ae:86:52:02:b7:93:1e:2b:14:db:04:84:a5:d6:
08:60:63:b3:68:d6:65:ea:49:ad:a6:7d:81:ae:24:55:d7:18:
86:ab:0f:20:4d:55:9f:34:a7:7f:0b:d2:58:2c:4e:e8:ca:59:
b4:a5:d0:8d:d2:06:f3:b0:68:f0:7a:c4:1e:de:02:c6:93:da:
36:43:95:98:cc:25:92:b4:50:bc:00:e3:48:f4:ad:17:73:64:
f2:df:5d:68:59:9c:cc:da:7d:a7:05:55:e3:fe:2d:38:97:b8:
38:99:0f:18
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAXP6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEyMTEwOTQ0WhcNMjUwMzMxMTEwOTQ0WjAYMRYw
FAYDVQQDEw02N2QxNmI3Yi1lNDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs7lJpcVgAhdYy2ZVojMtCT3fy2aCY1/MFPrQVd1cfJXjUT2hT1NK2ADp
Ai365MfJwCjq52/ZCIg2fjaLzu6jLLE+w5R1gWTaWnd9c/rwlNjJBIMqDW5WHo2Y
yUNaaI/ku/99Dr9ZQxS+xl31KCpHY7VJwAnjdgoPQjX6pAm18crhHyFoFMl2ngbP
+eGesHmzIGg19nd6EilgRMf9JXbc65EY0qDLze3Z5pKiWUWxvykO/iV9H1Z3yJi8
E/EmsSUQ78/LKLyrrguchUsGfy9b+aJJtLZW3V+WrXgvVqGhmtpbxPbM9sVkmrJU
1bjJTpWfm6I5OZEzpRC5YUEQMS/gQwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFCa3
6LHhhdr18h6Pyq8+t2h55ueWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MjczQzM5NkZGMzIxMUVGQjZBODU5NDc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACaWgMDBAOaWgADBAKa
XRQwDQYJKoZIhvcNAQELBQADggEBAMLJuRPmKGd2bRZgq/+trYN55PZuj/xbIYSh
pldazJgUwtd+8qCcoAH/wWklXldjlHSHrYaftzKP7s6V1FuMCanPeBpkmNhCFErs
ExmtNhBZf1t5XM1JyikmlofRAnkyR4YMB1pfKDtyVwVkWD+MDnWuyfBmNkpKkQ6Q
+0tqKxke+YhF0VpuJMtLC+YGJqZmolN0x/yuhlICt5MeKxTbBISl1ghgY7No1mXq
Sa2mfYGuJFXXGIarDyBNVZ80p38L0lgsTujKWbSl0I3SBvOwaPB6xB7eAsaT2jZD
lZjMJZK0ULwA40j0rRdzZPLfXWhZnMzafacFVeP+LTiXuDiZDxg=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:33:23 2025 by rpki-client