Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/907BB56EFB3311EF992555A2762E951A.roa
File: 907BB56EFB3311EF992555A2762E951A.roa (raw, json)
Hash identifier: 6kmAnNMmVbsxYvS8HTAbt9PyiMbjGZhAvSLnKcv4Fto=
Subject key identifier: 8D:34:06:E1:A5:73:AB:1A:94:7C:E1:E6:00:64:26:8D:AC:56:2F:67
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0172DC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/907BB56EFB3311EF992555A2762E951A.roa
Signing time: Fri 07 Mar 2025 09:07:16 +0000
ROA not before: Fri 07 Mar 2025 09:07:11 +0000
ROA not after: Sat 12 Apr 2025 09:07:11 +0000
asID: 57043
IP address blocks: 154.193.129.0/24 maxlen: 24
154.193.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94940 (0x172dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 7 09:07:11 2025 GMT
Not After : Apr 12 09:07:11 2025 GMT
Subject: CN=67cab744-45dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:70:f6:15:f5:a2:58:12:d3:71:9d:85:a2:0c:
0f:68:8b:0d:c8:30:bc:80:09:42:36:31:4d:12:4e:
67:b7:52:06:24:5e:d2:d2:3d:6a:f3:3d:46:5f:d9:
7b:0f:a6:44:94:5f:b3:a9:7a:50:20:67:07:c2:ef:
d6:61:ff:af:3e:55:9e:90:62:79:62:19:3e:a6:eb:
29:74:44:35:e7:31:5c:16:03:c8:36:1c:ac:06:6b:
9d:bc:0e:86:72:1d:f4:5c:40:74:7b:c7:a5:b3:46:
58:9c:32:56:bc:f6:6c:2d:56:6a:f5:cf:3f:5e:ea:
f1:9d:69:3a:b4:66:1b:49:e4:57:d0:68:7a:3a:92:
8b:05:d4:03:9d:9b:32:e6:10:28:a8:63:81:80:17:
4f:66:67:e1:6e:ff:19:5b:f4:7a:10:00:bc:44:bf:
3a:b5:ee:87:98:2c:28:de:96:89:07:f1:8a:97:8e:
a8:ea:18:de:5c:95:e8:05:10:90:1a:0b:6d:a2:21:
60:c5:a3:67:a8:ea:21:cc:96:51:a4:1e:e6:81:4e:
36:a3:9e:01:0d:68:ba:91:c3:27:88:bb:9d:f1:90:
1b:b9:2d:cd:45:39:2e:c1:df:44:80:48:2c:37:cd:
fa:6f:05:ea:bb:90:50:6b:29:27:8e:e0:6d:99:2d:
32:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:34:06:E1:A5:73:AB:1A:94:7C:E1:E6:00:64:26:8D:AC:56:2F:67
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/907BB56EFB3311EF992555A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.129.0/24
154.193.131.0/24
Signature Algorithm: sha256WithRSAEncryption
27:2b:a6:53:d9:f0:40:b9:75:ca:15:8e:88:0a:5e:5d:bd:e5:
6c:57:97:e0:58:de:a6:fa:fb:c7:c8:15:63:89:5c:7b:8d:32:
cf:8c:b6:77:da:41:66:68:a3:a3:4d:cc:a4:42:bf:8a:88:2f:
ee:59:35:4c:65:07:f7:4b:a3:9e:17:20:d8:80:3f:4e:6d:a3:
36:60:b6:c9:55:cd:33:c7:c2:93:78:10:22:bd:b7:d7:9f:46:
85:81:77:7c:d6:8f:5a:84:8b:eb:f3:05:73:34:af:92:9c:fd:
b2:c5:a7:93:6e:42:25:d3:a0:4a:85:d3:6a:3d:02:47:51:bc:
10:a9:5f:52:61:91:56:5f:d7:f8:ed:78:66:d5:53:18:53:a8:
a6:30:82:57:2e:91:c3:79:fa:ca:21:fa:ff:70:48:28:cc:6b:
32:b9:6a:8e:ee:79:e9:f1:7f:58:2b:7f:6c:ef:cc:35:42:22:
d0:74:9e:f8:d8:99:fd:68:4c:25:38:f0:4d:b5:67:f7:c5:ec:
54:73:b1:98:ab:9a:5c:4e:b7:42:0a:25:4b:8d:15:a3:e7:79:
f0:c0:fc:2d:02:b3:e3:8a:c4:89:d7:8c:3d:bf:93:40:f5:0f:
8d:ac:87:96:2a:ce:35:aa:02:28:0b:4b:db:16:6d:e6:42:b2:
dd:5a:73:cc
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXLcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA3MDkwNzExWhcNMjUwNDEyMDkwNzExWjAYMRYw
FAYDVQQDEw02N2NhYjc0NC00NWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4HD2FfWiWBLTcZ2FogwPaIsNyDC8gAlCNjFNEk5nt1IGJF7S0j1q8z1G
X9l7D6ZElF+zqXpQIGcHwu/WYf+vPlWekGJ5Yhk+puspdEQ15zFcFgPINhysBmud
vA6Gch30XEB0e8els0ZYnDJWvPZsLVZq9c8/XurxnWk6tGYbSeRX0Gh6OpKLBdQD
nZsy5hAoqGOBgBdPZmfhbv8ZW/R6EAC8RL86te6HmCwo3paJB/GKl46o6hjeXJXo
BRCQGgttoiFgxaNnqOohzJZRpB7mgU42o54BDWi6kcMniLud8ZAbuS3NRTkuwd9E
gEgsN836bwXqu5BQayknjuBtmS0yQwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFI00
BuGlc6salHzh5gBkJo2sVi9nMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MDdCQjU2RUZCMzMxMUVGOTkyNTU1QTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsGBAwQAmsGDMA0GCSqG
SIb3DQEBCwUAA4IBAQAnK6ZT2fBAuXXKFY6ICl5dveVsV5fgWN6m+vvHyBVjiVx7
jTLPjLZ32kFmaKOjTcykQr+KiC/uWTVMZQf3S6OeFyDYgD9ObaM2YLbJVc0zx8KT
eBAivbfXn0aFgXd81o9ahIvr8wVzNK+SnP2yxaeTbkIl06BKhdNqPQJHUbwQqV9S
YZFWX9f47Xhm1VMYU6imMIJXLpHDefrKIfr/cEgozGsyuWqO7nnp8X9YK39s78w1
QiLQdJ742Jn9aEwlOPBNtWf3xexUc7GYq5pcTrdCCiVLjRWj53nwwPwtArPjisSJ
14w9v5NA9Q+NrIeWKs41qgIoC0vbFm3mQrLdWnPM
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:33 2025 by rpki-client