Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95E7DCF8F35911EFA384309B762E951A.roa
File: 95E7DCF8F35911EFA384309B762E951A.roa (raw, json)
Hash identifier: KF3eeeCJW+p2xWIfdAoAGgzECefiO17EUjLDcKM/ngU=
Subject key identifier: 00:66:B2:33:48:72:CE:B8:99:A5:E2:15:75:C4:07:28:96:48:02:45
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015DF2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95E7DCF8F35911EFA384309B762E951A.roa
Signing time: Tue 25 Feb 2025 09:19:16 +0000
ROA not before: Tue 25 Feb 2025 09:19:13 +0000
ROA not after: Mon 07 Apr 2025 09:19:13 +0000
asID: 138915
IP address blocks: 154.223.28.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89586 (0x15df2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 25 09:19:13 2025 GMT
Not After : Apr 7 09:19:13 2025 GMT
Subject: CN=67bd8b14-44bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f8:8b:e9:27:5e:98:7c:5d:d6:49:65:a7:70:
be:f3:70:dd:49:ee:3d:65:00:de:b3:04:63:1b:ac:
e2:58:d7:ac:bd:af:07:32:97:fe:49:62:b4:66:82:
d9:bb:4d:02:06:11:1a:76:1b:fe:bc:c2:87:92:8d:
e6:04:c8:7b:be:c8:4c:71:f1:9a:54:81:64:d8:76:
fa:2d:b8:e7:68:0d:e3:88:a0:18:be:40:a6:27:32:
61:a2:6d:d1:88:b6:85:f5:18:31:21:31:92:e6:8d:
e9:62:16:12:fa:10:89:21:1b:0d:40:18:63:fd:50:
44:77:92:ae:55:f0:27:b6:9f:46:cb:74:af:1f:79:
05:b9:26:2d:76:e1:a8:6d:85:27:3d:c6:cd:7c:c2:
5d:a4:b2:64:ee:1e:bf:39:1e:e3:2e:99:4d:54:bf:
21:37:3d:ca:8e:89:f5:27:49:3a:b0:dc:49:79:94:
a6:b6:41:9b:24:26:e9:39:01:a4:7b:13:58:36:30:
78:6a:25:c0:a5:05:bf:ae:f8:4e:c8:2c:cb:29:a3:
ae:7a:e9:64:82:70:46:73:c1:be:79:26:f0:98:9f:
38:e0:de:9f:68:dc:2c:53:a4:b2:7c:ad:09:6e:30:
01:63:78:0b:95:48:4a:f1:72:9f:98:68:b9:8b:0a:
d3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:66:B2:33:48:72:CE:B8:99:A5:E2:15:75:C4:07:28:96:48:02:45
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95E7DCF8F35911EFA384309B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.28.0/23
Signature Algorithm: sha256WithRSAEncryption
d2:14:1a:43:20:cc:d8:1d:3f:2f:f7:6a:f1:02:4b:ef:f2:7c:
f3:87:34:08:bd:26:67:51:ba:59:ff:cd:70:42:d6:4d:dc:85:
7c:34:66:8f:90:6b:ed:59:00:90:58:8f:fd:79:98:d9:87:a2:
79:b3:8f:41:13:a5:cc:18:eb:11:b9:f0:97:ad:3d:0a:73:90:
07:04:88:64:bf:40:a2:3c:c0:b6:d8:a5:e8:9c:73:17:c7:60:
61:7b:30:a8:30:d3:a6:9a:7a:d8:8e:6b:59:0c:af:32:73:e1:
49:30:e4:fd:67:2f:3b:04:5e:8e:48:16:99:44:94:06:1f:2c:
5b:62:35:bd:d5:25:f5:ce:71:f6:e5:e6:0f:99:ca:99:38:0e:
5d:04:4e:9d:85:c2:eb:de:a2:0a:96:9e:33:ce:53:a8:e5:0b:
2d:d4:10:6a:11:00:ec:7d:40:19:e3:0b:15:16:e9:14:07:bd:
d5:b1:3e:a4:54:d0:04:b7:2d:8d:04:2e:01:73:a2:86:e5:de:
2d:47:90:a3:2b:d5:cd:8b:5d:fb:9e:d1:6f:84:2a:d9:92:8d:
3f:2a:77:65:e3:ab:4f:48:a0:86:dc:2b:fa:a0:29:58:3c:a3:
32:85:3f:f8:cb:13:2c:ee:5d:95:5f:1f:ab:86:6b:08:ef:b8:
6d:e5:20:a4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV3yMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI1MDkxOTEzWhcNMjUwNDA3MDkxOTEzWjAYMRYw
FAYDVQQDEw02N2JkOGIxNC00NGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqviL6SdemHxd1kllp3C+83DdSe49ZQDeswRjG6ziWNesva8HMpf+SWK0
ZoLZu00CBhEadhv+vMKHko3mBMh7vshMcfGaVIFk2Hb6LbjnaA3jiKAYvkCmJzJh
om3RiLaF9RgxITGS5o3pYhYS+hCJIRsNQBhj/VBEd5KuVfAntp9Gy3SvH3kFuSYt
duGobYUnPcbNfMJdpLJk7h6/OR7jLplNVL8hNz3Kjon1J0k6sNxJeZSmtkGbJCbp
OQGkexNYNjB4aiXApQW/rvhOyCzLKaOueulkgnBGc8G+eSbwmJ844N6faNwsU6Sy
fK0JbjABY3gLlUhK8XKfmGi5iwrTgQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFABm
sjNIcs64maXiFXXEByiWSAJFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NUU3RENGOEYzNTkxMUVGQTM4NDMwOUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt8cMA0GCSqGSIb3DQEB
CwUAA4IBAQDSFBpDIMzYHT8v92rxAkvv8nzzhzQIvSZnUbpZ/81wQtZN3IV8NGaP
kGvtWQCQWI/9eZjZh6J5s49BE6XMGOsRufCXrT0Kc5AHBIhkv0CiPMC22KXonHMX
x2BhezCoMNOmmnrYjmtZDK8yc+FJMOT9Zy87BF6OSBaZRJQGHyxbYjW91SX1znH2
5eYPmcqZOA5dBE6dhcLr3qIKlp4zzlOo5Qst1BBqEQDsfUAZ4wsVFukUB73VsT6k
VNAEty2NBC4Bc6KG5d4tR5CjK9XNi137ntFvhCrZko0/Kndl46tPSKCG3Cv6oClY
PKMyhT/4yxMs7l2VXx+rhmsI77ht5SCk
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:43 2025 by rpki-client