Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/976031F8F35811EFA0794994762E951A.roa
File: 976031F8F35811EFA0794994762E951A.roa (raw, json)
Hash identifier: I0QNioy2LYGAQxevm1oqcLI7wnFu5orIsp9/CrvknEo=
Subject key identifier: EE:6A:3A:54:2C:F5:7B:23:CE:16:89:D4:89:8A:23:CE:63:3E:21:E4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015DE6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/976031F8F35811EFA0794994762E951A.roa
Signing time: Tue 25 Feb 2025 09:12:09 +0000
ROA not before: Tue 25 Feb 2025 09:12:06 +0000
ROA not after: Mon 07 Apr 2025 09:12:06 +0000
asID: 138915
IP address blocks: 154.223.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89574 (0x15de6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 25 09:12:06 2025 GMT
Not After : Apr 7 09:12:06 2025 GMT
Subject: CN=67bd8969-30ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:fd:86:70:79:15:ba:cd:3a:82:51:e1:d3:63:
89:13:12:5e:f0:c3:f7:89:9d:7f:74:a6:dc:3c:41:
ab:d5:79:c6:02:f6:89:bf:92:ed:2c:95:23:a7:7b:
08:09:59:10:ae:94:da:47:70:a1:4c:5a:28:a5:cc:
42:d1:aa:84:c3:ee:9b:28:1c:8b:c5:30:89:19:1b:
ae:dc:4f:14:e9:75:fd:49:32:77:db:50:57:af:aa:
84:0c:4d:94:11:2c:ed:0b:5f:4e:aa:98:86:db:23:
78:48:f7:e4:01:7d:e4:ca:93:6a:e3:c3:cf:42:ad:
68:27:87:e1:89:3d:bb:05:f7:34:22:e9:c8:ec:0b:
bd:22:f7:2a:5b:0b:9f:9c:61:93:82:23:0c:49:99:
b7:5e:30:44:66:bd:4b:79:f1:90:73:07:54:a8:26:
3d:e9:d2:a6:fb:40:f3:5c:92:41:ec:9d:36:33:4e:
7d:f2:60:5b:da:d0:37:ba:1e:e2:cd:03:88:27:4a:
39:4e:09:75:5e:37:14:95:52:52:b9:91:7a:fc:77:
8f:1f:f6:d4:12:db:e2:d1:0d:cd:ec:72:f4:df:64:
91:3b:59:e0:77:81:26:66:74:ee:95:73:53:f8:63:
21:a0:1d:ef:d4:f1:ab:34:b0:60:d7:81:b1:15:b7:
61:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:6A:3A:54:2C:F5:7B:23:CE:16:89:D4:89:8A:23:CE:63:3E:21:E4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/976031F8F35811EFA0794994762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.23.0/24
Signature Algorithm: sha256WithRSAEncryption
21:be:24:f8:8a:d6:d3:a5:57:83:50:f6:ff:18:9a:15:ae:23:
a2:2f:f0:ed:15:a8:32:ce:8a:19:fb:22:37:98:41:5f:09:cc:
ae:ef:2b:f8:ee:a7:33:8a:ad:ca:03:a9:80:02:37:dd:b1:70:
b2:4f:37:d8:49:ae:47:0c:69:6c:ad:e6:d9:23:17:7d:02:79:
54:87:82:72:50:49:c1:ef:b2:c1:e2:cc:53:2b:9d:31:99:31:
21:50:be:09:dc:34:ad:5d:41:98:63:bc:ed:58:ef:34:69:01:
e7:11:99:77:b5:d0:12:ef:c1:d3:1a:86:46:74:c2:bc:9f:94:
df:6d:08:05:0f:8c:87:f2:39:c0:a5:04:6f:8e:94:7c:91:6a:
b2:ed:6a:a0:c2:a5:5e:95:ef:e6:c0:4b:c8:e3:7e:cd:9a:3d:
05:10:b4:99:7f:d6:2b:34:f8:48:e6:10:61:5c:c7:d6:74:1a:
2f:af:09:c6:58:10:a2:df:c4:37:ef:60:c3:78:5a:08:a3:54:
9d:d8:14:56:85:58:e5:a4:0a:6e:e0:88:a9:14:66:5a:39:09:
17:ba:86:7c:66:0d:e7:10:24:38:eb:f3:d6:0f:e2:19:e6:57:
95:0d:11:cc:84:e2:5b:83:61:39:e5:0a:ac:bc:a7:ac:a7:8b:
93:da:83:9e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV3mMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI1MDkxMjA2WhcNMjUwNDA3MDkxMjA2WjAYMRYw
FAYDVQQDEw02N2JkODk2OS0zMGZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5f2GcHkVus06glHh02OJExJe8MP3iZ1/dKbcPEGr1XnGAvaJv5LtLJUj
p3sICVkQrpTaR3ChTFoopcxC0aqEw+6bKByLxTCJGRuu3E8U6XX9STJ321BXr6qE
DE2UESztC19OqpiG2yN4SPfkAX3kypNq48PPQq1oJ4fhiT27Bfc0IunI7Au9Ivcq
WwufnGGTgiMMSZm3XjBEZr1LefGQcwdUqCY96dKm+0DzXJJB7J02M0598mBb2tA3
uh7izQOIJ0o5Tgl1XjcUlVJSuZF6/HePH/bUEtvi0Q3N7HL032SRO1ngd4EmZnTu
lXNT+GMhoB3v1PGrNLBg14GxFbdhgwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO5q
OlQs9XsjzhaJ1ImKI85jPiHkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NzYwMzFGOEYzNTgxMUVGQTA3OTQ5OTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt8XMA0GCSqGSIb3DQEB
CwUAA4IBAQAhviT4itbTpVeDUPb/GJoVriOiL/DtFagyzooZ+yI3mEFfCcyu7yv4
7qcziq3KA6mAAjfdsXCyTzfYSa5HDGlsrebZIxd9AnlUh4JyUEnB77LB4sxTK50x
mTEhUL4J3DStXUGYY7ztWO80aQHnEZl3tdAS78HTGoZGdMK8n5TfbQgFD4yH8jnA
pQRvjpR8kWqy7WqgwqVele/mwEvI437Nmj0FELSZf9YrNPhI5hBhXMfWdBovrwnG
WBCi38Q372DDeFoIo1Sd2BRWhVjlpApu4IipFGZaOQkXuoZ8Zg3nECQ46/PWD+IZ
5leVDRHMhOJbg2E55QqsvKesp4uT2oOe
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:53 2025 by rpki-client