Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/90B86212F6AA11EF8D793166762E951A.roa
File: 90B86212F6AA11EF8D793166762E951A.roa (raw, json)
Hash identifier: xpSygAIx+ir4Nj16SMzBLLo9M/6O0YmFeXOKoOTfAcE=
Subject key identifier: DC:1A:D5:54:5B:E4:69:B4:B6:35:D6:B5:D4:46:92:81:1C:00:85:88
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016E7C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/90B86212F6AA11EF8D793166762E951A.roa
Signing time: Sat 01 Mar 2025 14:36:30 +0000
ROA not before: Sat 01 Mar 2025 14:36:27 +0000
ROA not after: Mon 31 Mar 2025 14:36:27 +0000
asID: 49505
IP address blocks: 154.209.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93820 (0x16e7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 1 14:36:27 2025 GMT
Not After : Mar 31 14:36:27 2025 GMT
Subject: CN=67c31b6e-590f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e4:19:a9:8a:bb:34:16:c2:8d:dd:fa:c0:d1:
7e:70:db:a6:e4:f0:de:12:d6:ef:eb:c7:a2:bc:e3:
e8:fe:22:f0:b7:af:92:de:d3:84:2c:d0:ae:73:85:
02:e1:68:2f:64:7d:51:c1:17:83:f9:e4:f7:91:2c:
66:88:bb:15:8c:09:27:37:ef:73:3f:09:43:6f:1a:
aa:3c:f7:eb:4a:90:bf:b5:7f:c7:26:1f:fa:88:5c:
37:2a:d7:f0:86:13:09:0a:56:25:ed:01:b5:96:35:
11:eb:7e:d7:ca:2d:45:a5:65:41:2f:13:34:37:3f:
85:2b:f4:96:b4:a6:02:4f:28:05:7f:92:6a:c9:b5:
76:79:07:d5:bc:b7:69:64:2c:3d:2b:07:b7:1f:06:
2b:df:81:39:fb:2d:d8:ae:e7:2b:c3:41:10:1b:3e:
a6:93:b7:31:04:23:da:8c:b8:90:e2:f3:76:20:14:
a1:d8:51:7b:97:0b:da:0b:f2:1f:8a:5c:7d:28:62:
8e:d9:22:73:25:6e:c1:dc:50:54:86:cf:09:4f:0f:
bd:33:de:83:0b:17:ff:24:90:6c:d3:4d:b4:f8:11:
1d:b2:64:e4:2d:50:a3:35:08:91:b3:b0:f0:51:da:
5e:de:39:73:35:43:e0:79:6a:a5:66:12:26:ac:d7:
e0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:1A:D5:54:5B:E4:69:B4:B6:35:D6:B5:D4:46:92:81:1C:00:85:88
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/90B86212F6AA11EF8D793166762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.214.0/24
Signature Algorithm: sha256WithRSAEncryption
01:81:96:1f:d6:ea:81:4f:3d:fe:41:18:c1:5a:7c:11:8b:9e:
ba:89:42:f9:a7:95:5f:e4:2f:38:84:4a:90:98:f8:41:60:a4:
fd:47:9d:51:2e:73:b4:ee:47:dc:88:ec:b4:6b:65:34:ad:09:
a8:6d:31:c5:91:3b:eb:f1:d1:bb:9b:ab:81:f8:31:0a:96:74:
62:bf:3d:d6:e2:8a:99:e4:92:1d:d6:82:e9:95:dc:77:96:8c:
fa:cb:7a:97:f0:a0:38:83:74:c8:d2:d4:d0:19:00:79:f3:81:
ae:ff:c8:df:0e:60:7d:c2:d4:68:58:3b:79:96:f2:b4:33:01:
a8:41:b5:4a:b4:cb:fa:fa:61:7e:e1:a8:e4:da:d0:44:bf:83:
b6:96:79:b4:0f:d8:8a:f6:75:6d:73:fd:ea:6e:0a:68:12:43:
94:74:29:87:36:ef:b9:c2:f0:d1:06:da:ea:34:17:9e:90:23:
7e:fb:b7:d9:d1:14:3c:1c:97:ad:6d:8c:4f:d1:7d:1f:50:aa:
55:6e:fd:85:65:28:5f:ea:4f:8f:00:b2:1e:50:26:78:5b:43:
90:97:25:3d:1b:58:78:13:63:54:ef:a7:93:b7:ae:56:86:3e:
b0:33:f2:05:4b:5a:64:34:9b:37:3f:c4:20:83:a9:5f:9c:b4:
ff:19:3d:b1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW58MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTQzNjI3WhcNMjUwMzMxMTQzNjI3WjAYMRYw
FAYDVQQDEw02N2MzMWI2ZS01OTBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApOQZqYq7NBbCjd36wNF+cNum5PDeEtbv68eivOPo/iLwt6+S3tOELNCu
c4UC4WgvZH1RwReD+eT3kSxmiLsVjAknN+9zPwlDbxqqPPfrSpC/tX/HJh/6iFw3
KtfwhhMJClYl7QG1ljUR637Xyi1FpWVBLxM0Nz+FK/SWtKYCTygFf5JqybV2eQfV
vLdpZCw9Kwe3HwYr34E5+y3Yrucrw0EQGz6mk7cxBCPajLiQ4vN2IBSh2FF7lwva
C/Ifilx9KGKO2SJzJW7B3FBUhs8JTw+9M96DCxf/JJBs0020+BEdsmTkLVCjNQiR
s7DwUdpe3jlzNUPgeWqlZhImrNfg1QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNwa
1VRb5Gm0tjXWtdRGkoEcAIWIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MEI4NjIxMkY2QUExMUVGOEQ3OTMxNjY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtHWMA0GCSqGSIb3DQEB
CwUAA4IBAQABgZYf1uqBTz3+QRjBWnwRi566iUL5p5Vf5C84hEqQmPhBYKT9R51R
LnO07kfciOy0a2U0rQmobTHFkTvr8dG7m6uB+DEKlnRivz3W4oqZ5JId1oLpldx3
loz6y3qX8KA4g3TI0tTQGQB584Gu/8jfDmB9wtRoWDt5lvK0MwGoQbVKtMv6+mF+
4ajk2tBEv4O2lnm0D9iK9nVtc/3qbgpoEkOUdCmHNu+5wvDRBtrqNBeekCN++7fZ
0RQ8HJetbYxP0X0fUKpVbv2FZShf6k+PALIeUCZ4W0OQlyU9G1h4E2NU76eTt65W
hj6wM/IFS1pkNJs3P8Qgg6lfnLT/GT2x
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:43:07 2025 by rpki-client