Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C7C5346F5C611EFB653E34E762E951A.roa
File: 8C7C5346F5C611EFB653E34E762E951A.roa (raw, json)
Hash identifier: fDHlLGYiyYtdJGeAguGGO0DVBPP9+ttLQO5SGMFduFg=
Subject key identifier: 2A:A8:1A:1A:FD:D3:5C:FB:42:C2:05:2B:DA:E2:DC:D9:86:51:0B:B2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016AE5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C7C5346F5C611EFB653E34E762E951A.roa
Signing time: Fri 28 Feb 2025 11:24:18 +0000
ROA not before: Fri 28 Feb 2025 11:24:03 +0000
ROA not after: Fri 11 Apr 2025 11:24:03 +0000
asID: 63139
IP address blocks: 154.203.164.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92901 (0x16ae5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 11:24:03 2025 GMT
Not After : Apr 11 11:24:03 2025 GMT
Subject: CN=67c19ce2-2809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:08:e8:d0:c1:82:7a:32:eb:9e:26:f3:d1:9b:
51:46:10:c6:1b:43:1b:01:13:87:e1:dd:89:ea:97:
1b:40:e1:c4:d3:6d:c6:71:e8:46:96:60:89:2f:2e:
f5:3c:26:b8:12:fe:5e:a3:4a:0a:4a:62:8b:70:15:
79:81:56:35:a9:d6:7b:ef:33:b3:a0:ba:ef:4d:27:
9f:61:67:17:21:fd:02:93:30:6e:1f:01:76:ef:dc:
7f:19:4a:d0:50:1d:68:ac:67:99:b1:f2:73:71:89:
18:7b:99:31:ec:8b:6e:c8:b3:d4:0d:52:86:fa:41:
97:45:60:b6:02:15:b1:c6:ee:c8:67:ed:cd:db:dc:
0c:5f:c0:4e:df:4c:46:69:0e:70:b9:45:59:61:90:
0d:ae:dc:af:20:03:4c:34:3c:25:b8:79:d4:0d:f9:
b5:a7:66:a4:58:5c:01:6d:6c:10:56:f2:e8:46:79:
68:10:22:d6:24:41:25:10:32:2b:6f:cf:13:09:9f:
b1:f8:07:dc:ee:b4:e6:75:cb:25:30:d6:9b:9d:1f:
7f:79:96:87:33:a0:cc:27:10:07:df:98:0b:10:89:
51:40:6e:54:46:7d:87:8d:0e:9c:66:11:18:09:bb:
19:09:84:3b:ec:17:2c:00:fe:fb:75:c5:43:b4:d7:
3f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A8:1A:1A:FD:D3:5C:FB:42:C2:05:2B:DA:E2:DC:D9:86:51:0B:B2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C7C5346F5C611EFB653E34E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.164.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:30:9f:2b:df:19:79:bf:dc:a3:48:bd:ba:4a:e6:50:a0:dc:
74:47:71:56:2e:53:22:f5:2c:af:4d:bc:84:e8:c5:11:0e:3c:
43:84:ae:0f:d8:b3:6a:cc:26:f4:c4:38:fb:8a:cd:66:08:25:
56:13:ba:3b:73:3b:f9:1d:32:60:fe:0b:02:fe:c2:89:bd:ea:
19:42:42:d9:83:2c:2b:44:f4:8d:55:83:a8:3f:5b:16:27:e5:
55:5f:67:87:b5:ca:5d:99:05:63:b4:88:9e:ce:b0:e0:65:13:
30:f4:2d:c1:f9:2d:01:5c:33:8a:f0:ab:3c:83:a4:cf:bb:e2:
ea:f2:a0:2f:71:09:55:c4:fa:b5:f4:e8:40:2f:67:29:cc:f7:
4f:aa:34:26:19:e8:db:70:7a:bd:eb:fa:d2:56:25:db:7d:fa:
be:c5:1c:a9:65:38:2f:79:1f:df:43:13:42:bf:2f:51:b8:e1:
66:2b:b4:3d:16:70:6f:5f:ce:d7:88:d1:5d:7c:ec:3c:de:a8:
33:05:02:d8:63:dd:1e:e3:d5:a4:e4:4e:3a:2e:98:55:fe:08:
57:71:e2:e2:10:75:ce:bd:be:87:79:f9:88:5d:19:b8:a7:96:
cb:4e:52:78:5e:96:bd:7d:6a:e3:13:25:c5:85:7c:81:06:73:
27:ae:f8:b0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWrlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MTEyNDAzWhcNMjUwNDExMTEyNDAzWjAYMRYw
FAYDVQQDEw02N2MxOWNlMi0yODA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwQjo0MGCejLrnibz0ZtRRhDGG0MbAROH4d2J6pcbQOHE023GcehGlmCJ
Ly71PCa4Ev5eo0oKSmKLcBV5gVY1qdZ77zOzoLrvTSefYWcXIf0CkzBuHwF279x/
GUrQUB1orGeZsfJzcYkYe5kx7ItuyLPUDVKG+kGXRWC2AhWxxu7IZ+3N29wMX8BO
30xGaQ5wuUVZYZANrtyvIANMNDwluHnUDfm1p2akWFwBbWwQVvLoRnloECLWJEEl
EDIrb88TCZ+x+Afc7rTmdcslMNabnR9/eZaHM6DMJxAH35gLEIlRQG5URn2HjQ6c
ZhEYCbsZCYQ77BcsAP77dcVDtNc/VwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCqo
Ghr901z7QsIFK9ri3NmGUQuyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QzdDNTM0NkY1QzYxMUVGQjY1M0UzNEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsukMA0GCSqGSIb3DQEB
CwUAA4IBAQC8MJ8r3xl5v9yjSL26SuZQoNx0R3FWLlMi9SyvTbyE6MURDjxDhK4P
2LNqzCb0xDj7is1mCCVWE7o7czv5HTJg/gsC/sKJveoZQkLZgywrRPSNVYOoP1sW
J+VVX2eHtcpdmQVjtIiezrDgZRMw9C3B+S0BXDOK8Ks8g6TPu+Lq8qAvcQlVxPq1
9OhAL2cpzPdPqjQmGejbcHq96/rSViXbffq+xRypZTgveR/fQxNCvy9RuOFmK7Q9
FnBvX87XiNFdfOw83qgzBQLYY90e49Wk5E46LphV/ghXceLiEHXOvb6HefmIXRm4
p5bLTlJ4Xpa9fWrjEyXFhXyBBnMnrviw
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:39 2025 by rpki-client