Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F71555CFF1611EF8BDC9394762E951A.roa
File: 8F71555CFF1611EF8BDC9394762E951A.roa (raw, json)
Hash identifier: 2k+oz8pePeiXFZ5pWNUztCqZNzamQPyNIIVkl2L4v1k=
Subject key identifier: 67:A4:BF:E3:80:53:05:C6:33:0F:C2:D7:65:E0:62:65:EF:0F:0A:B2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0173A7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F71555CFF1611EF8BDC9394762E951A.roa
Signing time: Wed 12 Mar 2025 07:49:43 +0000
ROA not before: Wed 12 Mar 2025 07:49:39 +0000
ROA not after: Mon 05 May 2025 07:49:39 +0000
asID: 398823
IP address blocks: 154.90.224.0/19 maxlen: 24
154.92.176.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95143 (0x173a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 12 07:49:39 2025 GMT
Not After : May 5 07:49:39 2025 GMT
Subject: CN=67d13c97-1aa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c4:fe:2c:79:44:03:9b:d5:00:cd:73:82:c7:
04:e6:4a:30:74:53:d5:a1:91:99:4d:0c:fb:c1:65:
aa:bd:8b:44:59:24:75:06:3e:30:c4:a6:9c:01:03:
94:44:cf:15:24:fc:c2:ce:9a:95:bf:3a:3f:5c:f0:
53:c6:9d:4f:a6:e4:37:66:a6:5c:32:0f:57:05:1d:
d5:f6:81:f9:f7:c7:ee:8b:5b:38:6c:ab:0e:77:d3:
51:11:7f:24:b4:bd:42:4f:78:2f:e8:8b:ce:ba:97:
6b:15:ec:1b:75:be:9d:61:52:da:98:79:7a:8c:a5:
6a:a2:f9:9d:81:c8:32:58:8d:6a:be:57:e5:83:fb:
8f:19:01:50:6c:cf:d6:5e:0f:ba:82:d9:63:56:b4:
54:e5:d5:a1:c6:50:c4:f3:24:15:ec:fa:f5:21:56:
26:ca:fa:f9:de:94:aa:de:2c:f9:3e:1e:5a:37:f2:
11:02:cc:6b:67:7d:48:1f:bf:14:2d:94:73:fc:37:
df:b2:79:fc:ab:34:ab:46:41:39:e7:db:f7:f5:fc:
24:f9:9d:2f:0e:d9:de:98:35:35:12:13:b0:ed:e9:
ea:48:3d:15:30:7e:73:f2:0b:00:e5:42:b8:14:4b:
c9:5f:bd:01:42:08:22:39:6f:dd:2e:a3:10:2a:e0:
87:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A4:BF:E3:80:53:05:C6:33:0F:C2:D7:65:E0:62:65:EF:0F:0A:B2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F71555CFF1611EF8BDC9394762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.224.0/19
154.92.176.0/20
Signature Algorithm: sha256WithRSAEncryption
41:64:3a:24:0f:0a:2d:41:b5:c8:a7:45:1c:2c:1b:bd:0c:4d:
8d:31:7c:0d:e2:88:ad:4e:d5:bd:c9:87:6a:32:ec:61:0a:ca:
fa:62:43:5a:4d:ed:01:75:8e:99:d4:28:01:eb:4c:ca:90:da:
24:7e:b2:97:0f:b5:55:62:9d:53:a4:3f:52:51:56:9d:e4:61:
f7:cf:77:2c:5a:6b:5d:86:da:83:98:10:3a:54:74:77:da:59:
71:20:f1:96:08:e2:89:71:0e:dd:17:31:6d:d0:12:91:c1:79:
1d:1e:b5:ea:bd:82:b9:81:f7:d0:f1:9f:7a:ab:b5:af:18:30:
e4:9b:d5:21:04:b9:aa:5c:4e:05:d5:49:3d:ab:17:4b:a9:30:
44:90:dc:fa:fe:0b:5b:09:40:4e:41:d3:09:4a:0a:18:c2:f0:
37:3d:1c:a7:4e:23:21:40:84:48:91:84:3e:58:b8:25:fd:9d:
47:62:38:37:2c:c5:04:33:9d:da:05:eb:d7:d3:46:3c:fe:e5:
6e:08:68:b7:9b:26:46:57:3d:d3:48:c2:44:7c:ef:eb:cc:2e:
97:a9:af:ea:89:8f:2b:af:db:78:17:4a:60:bc:40:73:83:64:
a9:15:13:75:a3:c3:21:de:c0:9b:c0:5b:af:ee:97:1e:28:2a:
c9:e0:e6:20
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXOnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEyMDc0OTM5WhcNMjUwNTA1MDc0OTM5WjAYMRYw
FAYDVQQDEw02N2QxM2M5Ny0xYWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt8T+LHlEA5vVAM1zgscE5kowdFPVoZGZTQz7wWWqvYtEWSR1Bj4wxKac
AQOURM8VJPzCzpqVvzo/XPBTxp1PpuQ3ZqZcMg9XBR3V9oH598fui1s4bKsOd9NR
EX8ktL1CT3gv6IvOupdrFewbdb6dYVLamHl6jKVqovmdgcgyWI1qvlflg/uPGQFQ
bM/WXg+6gtljVrRU5dWhxlDE8yQV7Pr1IVYmyvr53pSq3iz5Ph5aN/IRAsxrZ31I
H78ULZRz/Dffsnn8qzSrRkE559v39fwk+Z0vDtnemDU1EhOw7enqSD0VMH5z8gsA
5UK4FEvJX70BQggiOW/dLqMQKuCH8wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGek
v+OAUwXGMw/C12XgYmXvDwqyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RjcxNTU1Q0ZGMTYxMUVGOEJEQzkzOTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmlrgAwQEmlywMA0GCSqG
SIb3DQEBCwUAA4IBAQBBZDokDwotQbXIp0UcLBu9DE2NMXwN4oitTtW9yYdqMuxh
Csr6YkNaTe0BdY6Z1CgB60zKkNokfrKXD7VVYp1TpD9SUVad5GH3z3csWmtdhtqD
mBA6VHR32llxIPGWCOKJcQ7dFzFt0BKRwXkdHrXqvYK5gffQ8Z96q7WvGDDkm9Uh
BLmqXE4F1Uk9qxdLqTBEkNz6/gtbCUBOQdMJSgoYwvA3PRynTiMhQIRIkYQ+WLgl
/Z1HYjg3LMUEM53aBevX00Y8/uVuCGi3myZGVz3TSMJEfO/rzC6Xqa/qiY8rr9t4
F0pgvEBzg2SpFRN1o8Mh3sCbwFuv7pceKCrJ4OYg
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:57 2025 by rpki-client