Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5FDF3C4F62F11EFA0DB8C94762E951A.roa
File: A5FDF3C4F62F11EFA0DB8C94762E951A.roa (raw, json)
Hash identifier: AZiQP6E6G8UdW74pmVcTL0uFf7452L5A4QuF72kZdN0=
Subject key identifier: D6:10:97:F3:E1:9D:C8:3B:8B:D4:5D:AC:07:B2:9E:99:33:9E:2D:9F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016CEF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5FDF3C4F62F11EFA0DB8C94762E951A.roa
Signing time: Fri 28 Feb 2025 23:56:38 +0000
ROA not before: Fri 28 Feb 2025 23:56:34 +0000
ROA not after: Sat 19 Apr 2025 23:56:34 +0000
asID: 138915
IP address blocks: 154.93.56.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93423 (0x16cef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 23:56:34 2025 GMT
Not After : Apr 19 23:56:34 2025 GMT
Subject: CN=67c24d36-cc58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:61:eb:c4:f5:f7:95:65:31:55:7e:98:54:bd:
0b:16:2d:50:17:9e:de:8b:ab:cb:cb:2e:15:6c:83:
8b:ca:5c:30:e2:84:78:21:ed:fb:fb:07:41:20:71:
61:fd:94:94:d3:7e:2e:e4:0f:6f:a1:98:3e:56:f2:
1a:63:0a:b3:67:c8:d3:cc:1a:c9:20:78:90:82:55:
81:40:b4:23:52:02:56:17:18:e2:4b:14:df:29:16:
6a:ba:8a:d1:40:56:a5:df:30:b0:ec:7d:6b:64:f4:
a8:5e:85:c0:15:ca:f9:8c:81:96:cd:a1:85:72:90:
b1:18:80:98:6c:40:ba:a5:64:30:37:49:ad:61:3f:
f0:8a:bc:a4:74:2c:d9:93:68:77:3c:e7:2a:ba:3a:
87:94:ed:b4:ce:81:7c:16:ad:5a:a4:be:55:15:43:
fb:c5:e4:67:91:26:67:ef:a3:11:e3:d8:a6:6c:0e:
95:c8:08:f0:3e:e1:1c:26:e8:2f:45:f2:ea:7b:74:
d4:e6:99:f1:b9:f7:09:75:5c:35:71:93:83:31:ad:
5b:20:50:e9:f9:ed:a8:bd:b4:4b:aa:19:d4:a7:e4:
69:f4:b5:09:ff:30:0e:f9:e7:f3:35:4a:5c:e1:da:
8a:1b:7f:72:6f:c2:27:60:04:fa:69:8c:23:55:9f:
ee:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:10:97:F3:E1:9D:C8:3B:8B:D4:5D:AC:07:B2:9E:99:33:9E:2D:9F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5FDF3C4F62F11EFA0DB8C94762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.56.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:ef:bf:32:79:2a:7f:d9:c0:4d:c0:21:4d:c9:ae:2c:b1:b7:
19:14:08:32:3b:c3:e5:15:3b:43:e7:e4:b3:04:2b:b4:87:c8:
ef:98:01:9a:b8:63:40:53:3c:be:e8:fc:12:38:bf:25:d6:c9:
7e:d7:7a:6e:ea:7c:b0:b5:6c:98:fc:d3:73:c9:9a:b9:47:6d:
60:e3:5d:4b:1d:89:3b:16:5f:55:08:f8:ba:9b:b3:c5:97:6a:
e7:ba:65:12:e1:3c:0b:85:67:2d:90:78:9f:bc:f2:41:54:91:
21:d0:c7:c5:b6:9b:af:0c:7d:50:86:03:96:23:7b:8b:3d:0e:
48:50:1e:e8:63:82:e9:57:51:e8:28:0d:83:07:22:06:77:77:
6d:6b:51:cd:2a:90:9e:25:93:c1:50:b5:8c:38:65:62:d0:84:
80:30:c5:5e:45:93:aa:c9:31:ac:72:8b:b1:3f:54:4b:d4:92:
fd:94:bc:0a:3c:02:f2:b1:b1:99:96:67:ce:13:86:85:54:b2:
9a:76:dd:02:ad:70:84:b4:1f:25:02:57:2d:af:ac:70:ba:33:
3c:c6:4e:76:8f:a8:1e:56:23:90:56:93:45:1b:70:8d:c0:c7:
2c:72:35:1b:52:29:24:11:48:4b:24:ac:94:05:12:0c:ff:6b:
51:c4:fc:2e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWzvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjM1NjM0WhcNMjUwNDE5MjM1NjM0WjAYMRYw
FAYDVQQDEw02N2MyNGQzNi1jYzU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuGHrxPX3lWUxVX6YVL0LFi1QF57ei6vLyy4VbIOLylww4oR4Ie37+wdB
IHFh/ZSU034u5A9voZg+VvIaYwqzZ8jTzBrJIHiQglWBQLQjUgJWFxjiSxTfKRZq
uorRQFal3zCw7H1rZPSoXoXAFcr5jIGWzaGFcpCxGICYbEC6pWQwN0mtYT/wiryk
dCzZk2h3POcqujqHlO20zoF8Fq1apL5VFUP7xeRnkSZn76MR49imbA6VyAjwPuEc
JugvRfLqe3TU5pnxufcJdVw1cZODMa1bIFDp+e2ovbRLqhnUp+Rp9LUJ/zAO+efz
NUpc4dqKG39yb8InYAT6aYwjVZ/uNwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNYQ
l/Phncg7i9RdrAeynpkzni2fMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNUZERjNDNEY2MkYxMUVGQTBEQjhDOTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBml04MA0GCSqGSIb3DQEB
CwUAA4IBAQCK778yeSp/2cBNwCFNya4ssbcZFAgyO8PlFTtD5+SzBCu0h8jvmAGa
uGNAUzy+6PwSOL8l1sl+13pu6nywtWyY/NNzyZq5R21g411LHYk7Fl9VCPi6m7PF
l2rnumUS4TwLhWctkHifvPJBVJEh0MfFtpuvDH1QhgOWI3uLPQ5IUB7oY4LpV1Ho
KA2DByIGd3dta1HNKpCeJZPBULWMOGVi0ISAMMVeRZOqyTGscouxP1RL1JL9lLwK
PALysbGZlmfOE4aFVLKadt0CrXCEtB8lAlctr6xwujM8xk52j6geViOQVpNFG3CN
wMcscjUbUikkEUhLJKyUBRIM/2tRxPwu
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:05:47 2025 by rpki-client