Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F24B154070611F09F2753A9762E951A.roa
File: 9F24B154070611F09F2753A9762E951A.roa (raw, json)
Hash identifier: 8eurvQ7b8tRYtVOVp7O0MAFdG5x5mTLnV9YxdhQyguQ=
Subject key identifier: F3:AD:77:25:5E:2D:0D:98:10:CA:3B:8D:A9:0C:A5:8A:E5:F1:39:53
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01758B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F24B154070611F09F2753A9762E951A.roa
Signing time: Sat 22 Mar 2025 10:15:47 +0000
ROA not before: Sat 22 Mar 2025 10:15:43 +0000
ROA not after: Sat 03 May 2025 10:15:43 +0000
asID: 174
IP address blocks: 154.88.32.0/24 maxlen: 24
154.88.33.0/24 maxlen: 24
154.88.34.0/24 maxlen: 24
154.88.35.0/24 maxlen: 24
154.88.41.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95627 (0x1758b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 22 10:15:43 2025 GMT
Not After : May 3 10:15:43 2025 GMT
Subject: CN=67de8dd3-8cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:63:f3:e6:7a:0d:03:80:36:c1:49:54:75:cf:
1c:06:25:20:1d:d8:ba:9d:17:f2:00:1c:eb:aa:7a:
c8:58:c2:23:60:97:e9:e4:7a:86:a6:71:63:73:15:
de:4d:d8:81:a6:c4:36:43:e8:a9:04:c0:62:de:aa:
ce:10:a3:1a:65:6e:a4:02:7d:a0:b7:88:5e:76:f5:
19:60:a1:d3:c4:0b:88:1f:a7:08:c5:42:12:f9:5d:
f7:c0:cc:04:00:12:84:74:ac:a7:04:77:ba:aa:ba:
30:17:b6:9c:33:a8:9d:4a:85:7e:f9:69:e5:9f:2e:
1e:44:3c:ac:60:22:a5:f6:89:08:6a:ba:57:34:11:
54:a1:73:a3:09:0d:e2:7b:f0:09:b1:d2:52:de:33:
7f:3d:a2:01:87:8d:dc:f3:aa:dc:b2:43:68:5e:1b:
01:77:88:f1:bb:3f:b3:6c:f5:4e:51:da:6a:cf:47:
3b:c0:67:84:d5:b9:5e:af:fc:56:00:a2:2e:5b:f0:
b6:df:a4:64:54:3e:49:35:db:b0:c4:5b:90:bd:25:
67:6d:9d:35:d7:40:08:da:8b:9c:ff:a1:d5:66:44:
80:06:2d:28:1e:18:46:67:7c:ad:78:c7:bf:22:cf:
0e:a1:3a:ed:6e:bb:ea:68:4e:71:63:06:8d:9e:fe:
e5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AD:77:25:5E:2D:0D:98:10:CA:3B:8D:A9:0C:A5:8A:E5:F1:39:53
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F24B154070611F09F2753A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.32.0/22
154.88.41.0/24
Signature Algorithm: sha256WithRSAEncryption
17:a3:af:5f:a2:14:13:6e:82:87:45:74:1d:74:23:7f:95:43:
48:2e:38:64:8e:a2:21:10:aa:22:ce:6b:9e:0c:96:09:37:c6:
08:72:b4:64:39:19:61:b8:92:44:9b:e3:5d:20:8f:79:81:41:
e4:92:58:ed:05:fb:6c:95:32:7a:11:34:c9:bc:5a:14:2d:01:
00:b6:b0:43:8a:f2:77:c5:1e:2d:7d:74:25:13:8e:53:5f:24:
21:a1:d1:67:26:fa:ff:ba:f7:01:6d:7e:f2:ab:c1:e7:3e:46:
8d:28:65:f7:a3:dc:c8:fd:c4:72:e5:e5:c8:f1:c2:20:7c:d7:
91:68:f2:11:1e:38:b8:b0:67:7f:af:5c:b6:12:a1:7d:07:a0:
f0:bf:a7:0f:64:1b:03:af:56:70:32:37:64:ae:d5:0a:8c:81:
25:b9:c8:05:69:9b:d4:7c:e6:a5:28:66:4a:d7:93:be:4e:90:
a9:75:a3:0f:04:0e:65:1b:e2:bb:61:fd:05:6f:2d:ef:9c:10:
a4:58:ef:7d:bc:01:1a:76:78:b8:fa:bd:40:0a:f1:b1:4a:1e:
fc:30:a0:3f:1e:e7:b7:31:f5:23:22:ae:9a:41:97:0a:a1:a7:
27:8e:db:2a:b2:f8:af:63:49:06:61:d8:cd:89:ab:26:3d:84:
1b:ad:43:5c
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXWLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzIyMTAxNTQzWhcNMjUwNTAzMTAxNTQzWjAYMRYw
FAYDVQQDEw02N2RlOGRkMy04Y2QxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAomPz5noNA4A2wUlUdc8cBiUgHdi6nRfyABzrqnrIWMIjYJfp5HqGpnFj
cxXeTdiBpsQ2Q+ipBMBi3qrOEKMaZW6kAn2gt4hedvUZYKHTxAuIH6cIxUIS+V33
wMwEABKEdKynBHe6qrowF7acM6idSoV++Wnlny4eRDysYCKl9okIarpXNBFUoXOj
CQ3ie/AJsdJS3jN/PaIBh43c86rcskNoXhsBd4jxuz+zbPVOUdpqz0c7wGeE1ble
r/xWAKIuW/C236RkVD5JNduwxFuQvSVnbZ0110AI2ouc/6HVZkSABi0oHhhGZ3yt
eMe/Is8OoTrtbrvqaE5xYwaNnv7l0wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFPOt
dyVeLQ2YEMo7jakMpYrl8TlTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RjI0QjE1NDA3MDYxMUYwOUYyNzUzQTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmlggAwQAmlgpMA0GCSqG
SIb3DQEBCwUAA4IBAQAXo69fohQTboKHRXQddCN/lUNILjhkjqIhEKoizmueDJYJ
N8YIcrRkORlhuJJEm+NdII95gUHkkljtBftslTJ6ETTJvFoULQEAtrBDivJ3xR4t
fXQlE45TXyQhodFnJvr/uvcBbX7yq8HnPkaNKGX3o9zI/cRy5eXI8cIgfNeRaPIR
Hji4sGd/r1y2EqF9B6Dwv6cPZBsDr1ZwMjdkrtUKjIElucgFaZvUfOalKGZK15O+
TpCpdaMPBA5lG+K7Yf0Fby3vnBCkWO99vAEadni4+r1ACvGxSh78MKA/Hue3MfUj
Iq6aQZcKoacnjtsqsvivY0kGYdjNiasmPYQbrUNc
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:39 2025 by rpki-client