Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95BA38B0F4A411EFB8A0C47A762E951A.roa
File: 95BA38B0F4A411EFB8A0C47A762E951A.roa (raw, json)
Hash identifier: /dJ9OpYYlLzKoq9RtdmKHGc7O0aN5n8mCk/2lB8UB0M=
Subject key identifier: 93:10:49:E3:42:68:CD:DE:0A:1B:7E:A4:C5:C2:6B:9B:0C:52:54:46
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016613
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95BA38B0F4A411EFB8A0C47A762E951A.roa
Signing time: Thu 27 Feb 2025 00:48:40 +0000
ROA not before: Thu 27 Feb 2025 00:00:35 +0000
ROA not after: Thu 19 Feb 2026 00:00:35 +0000
asID: 984
IP address blocks: 154.200.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91667 (0x16613)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 27 00:00:35 2025 GMT
Not After : Feb 19 00:00:35 2026 GMT
Subject: CN=67bfb667-b3a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:31:98:9d:63:cf:74:6b:06:c9:e7:c8:49:e0:
37:77:c8:13:f4:13:8d:0e:4a:cd:ac:5c:07:91:eb:
e9:f8:c9:01:cf:4c:89:ec:9e:93:6b:67:b9:bd:e1:
04:44:3f:f5:ea:b6:49:3c:40:74:f7:72:3f:d1:7b:
c5:29:16:20:2f:93:01:e2:50:b4:ef:01:14:5e:0b:
76:0e:a5:a9:ae:bc:f1:60:ed:43:19:74:30:32:31:
e3:f7:40:a7:dc:fe:69:78:1a:4f:07:7e:ed:ee:4a:
2c:ae:21:d7:60:df:74:66:05:20:ca:29:98:56:16:
3e:90:d3:83:10:cd:46:6a:59:14:63:f4:6a:c0:ee:
d3:71:a4:9f:d0:f9:8f:17:56:a9:52:03:17:ec:0a:
4b:f4:63:3a:4a:b1:94:df:23:85:88:77:a1:1a:b7:
4b:26:45:c8:14:72:1e:bd:4c:f8:f7:86:1d:b3:06:
3c:ad:f1:87:1e:06:35:12:13:7e:bc:cd:1f:a9:8b:
05:99:34:36:3b:83:52:79:73:91:dd:f0:eb:e5:e5:
5e:72:e1:82:bc:f8:e2:06:fc:24:d0:1d:83:93:ed:
91:ce:0e:a4:d6:3c:96:e9:18:49:32:e1:25:03:84:
0b:74:22:7e:8e:82:a8:8f:cd:4d:df:2e:46:7f:0f:
1d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:10:49:E3:42:68:CD:DE:0A:1B:7E:A4:C5:C2:6B:9B:0C:52:54:46
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95BA38B0F4A411EFB8A0C47A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.62.0/24
Signature Algorithm: sha256WithRSAEncryption
15:10:98:23:bc:30:b4:8e:89:ea:1e:4f:6b:48:41:5f:51:1c:
1b:08:45:cd:fb:fa:cc:b5:de:4b:26:64:58:5f:b7:b4:b9:af:
59:85:01:14:f7:c0:49:14:95:b9:b6:e6:83:d0:ee:c3:6f:f0:
52:04:db:91:73:45:03:bc:66:c8:e7:2c:f4:05:e6:b7:58:f9:
30:6d:64:f6:b1:52:b4:42:8d:dd:3f:04:15:45:ae:b5:6f:f8:
1d:c2:71:b2:24:af:d6:4f:e4:6b:b2:0c:55:e3:a6:6d:a2:10:
16:4b:e5:05:0b:b8:d2:9d:5e:84:f5:14:e9:78:76:91:62:82:
e1:06:dd:7c:7c:a3:25:20:c3:41:f7:74:e7:49:66:7d:bf:e4:
04:3b:7c:33:63:ea:21:5b:39:7f:ac:2c:cd:95:6e:b3:ca:0f:
95:28:c0:26:7d:50:81:65:a8:a3:0a:50:25:48:2b:81:86:71:
6b:80:81:3a:49:fa:15:3c:f3:5d:27:19:62:62:e2:2d:c8:5b:
f8:17:53:b5:6b:fb:f7:92:09:be:06:f5:b4:02:d6:a2:e5:85:
d4:2d:ea:eb:5e:a1:a0:0a:4d:5b:9b:98:74:ac:ce:e0:bb:09:
bf:37:60:b3:3e:f3:ac:3d:52:2a:06:a0:21:06:46:3c:5a:7e:
3e:bf:5a:3f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWYTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDAwMDM1WhcNMjYwMjE5MDAwMDM1WjAYMRYw
FAYDVQQDEw02N2JmYjY2Ny1iM2E2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtjGYnWPPdGsGyefISeA3d8gT9BONDkrNrFwHkevp+MkBz0yJ7J6Ta2e5
veEERD/16rZJPEB093I/0XvFKRYgL5MB4lC07wEUXgt2DqWprrzxYO1DGXQwMjHj
90Cn3P5peBpPB37t7kosriHXYN90ZgUgyimYVhY+kNODEM1GalkUY/RqwO7TcaSf
0PmPF1apUgMX7ApL9GM6SrGU3yOFiHehGrdLJkXIFHIevUz494YdswY8rfGHHgY1
EhN+vM0fqYsFmTQ2O4NSeXOR3fDr5eVecuGCvPjiBvwk0B2Dk+2Rzg6k1jyW6RhJ
MuElA4QLdCJ+joKoj81N3y5Gfw8dqwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJMQ
SeNCaM3eCht+pMXCa5sMUlRGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NUJBMzhCMEY0QTQxMUVGQjhBMEM0N0E3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsg+MA0GCSqGSIb3DQEB
CwUAA4IBAQAVEJgjvDC0jonqHk9rSEFfURwbCEXN+/rMtd5LJmRYX7e0ua9ZhQEU
98BJFJW5tuaD0O7Db/BSBNuRc0UDvGbI5yz0Bea3WPkwbWT2sVK0Qo3dPwQVRa61
b/gdwnGyJK/WT+RrsgxV46ZtohAWS+UFC7jSnV6E9RTpeHaRYoLhBt18fKMlIMNB
93TnSWZ9v+QEO3wzY+ohWzl/rCzNlW6zyg+VKMAmfVCBZaijClAlSCuBhnFrgIE6
SfoVPPNdJxliYuItyFv4F1O1a/v3kgm+BvW0Atai5YXULerrXqGgCk1bm5h0rM7g
uwm/N2CzPvOsPVIqBqAhBkY8Wn4+v1o/
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:23 2025 by rpki-client