Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AED6971EF5B511EF996C885C762E951A.roa
File: AED6971EF5B511EF996C885C762E951A.roa (raw, json)
Hash identifier: jHlJy3ilSacwu4U8kAa1hFEZSjxEgzpovQjBOlsAKwg=
Subject key identifier: D1:BB:44:6B:8C:09:AE:BA:EE:E7:78:C4:44:2B:D8:35:D2:EC:F4:27
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016A41
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AED6971EF5B511EF996C885C762E951A.roa
Signing time: Fri 28 Feb 2025 09:23:34 +0000
ROA not before: Fri 28 Feb 2025 09:23:31 +0000
ROA not after: Sat 29 Mar 2025 09:23:31 +0000
asID: 23470
IP address blocks: 154.202.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92737 (0x16a41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 09:23:31 2025 GMT
Not After : Mar 29 09:23:31 2025 GMT
Subject: CN=67c18096-3a03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:14:0d:d2:a2:8e:ec:c3:7f:a4:67:c7:4a:f3:
84:9a:a2:72:40:14:7e:6e:a1:14:62:40:90:55:66:
b3:72:94:0b:d2:c3:cc:4f:49:75:65:a3:40:c1:14:
8a:ac:8c:5d:e4:87:78:50:08:8e:85:17:30:bd:1e:
6d:de:1e:5a:e2:a3:d7:ae:90:47:f2:5f:72:ef:f5:
6c:2b:d4:26:7f:9d:75:62:6f:95:33:a6:03:14:46:
b4:42:15:ce:25:dc:30:bb:8a:c1:3c:b2:f4:b4:79:
92:ee:28:c6:55:a8:b8:fb:a6:fc:75:f2:66:b6:3a:
ca:31:16:23:4c:7d:72:1c:04:61:a0:53:1a:fc:aa:
01:d3:b7:d6:f6:42:60:a0:35:29:ce:7a:d5:18:01:
25:2f:be:ba:6f:6e:7d:da:ab:3e:9b:b5:ac:21:e5:
91:90:52:b4:92:42:aa:52:c5:69:42:cc:41:71:a5:
7a:5a:56:9e:8a:2b:59:e1:48:a9:fa:3d:ca:5c:61:
7a:ac:9e:2d:53:fd:95:ee:5a:12:35:9a:74:be:28:
24:6a:0e:ae:c2:d5:ae:ec:31:1c:1b:49:17:41:ab:
8c:e7:40:20:1a:64:20:08:ac:1d:a7:cf:38:33:06:
a3:5c:fc:cc:75:bb:35:74:e6:ca:0f:59:dc:36:87:
79:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:BB:44:6B:8C:09:AE:BA:EE:E7:78:C4:44:2B:D8:35:D2:EC:F4:27
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AED6971EF5B511EF996C885C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.0.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:1a:16:e3:86:cd:d1:13:69:55:03:33:fb:48:87:16:b0:05:
5a:d2:25:03:99:41:dc:79:eb:00:25:8f:e3:ab:a5:27:8f:5a:
1e:24:f6:28:cc:b7:db:0b:d5:4f:2f:d6:9e:5a:f9:60:89:1a:
a2:cf:24:89:35:33:9a:92:68:19:4f:b2:87:da:8b:c9:0c:2c:
af:28:c2:d4:97:6b:19:9a:14:33:38:9b:b0:23:5c:93:de:86:
62:84:e8:fc:79:a9:e7:d4:a3:5a:9e:d1:30:b3:55:6a:6f:59:
ae:de:75:e3:01:24:00:df:1f:f1:65:04:65:5f:f5:f2:29:85:
85:e1:06:e9:79:8b:bc:6a:30:d6:d2:2f:4d:32:71:7c:03:7e:
0e:b9:16:d2:b6:c3:b3:3e:7f:b9:9f:b4:c1:80:f1:4b:44:4a:
e9:4d:d2:61:6f:57:c2:a6:86:27:50:7d:38:7d:e1:41:26:61:
7f:1b:c5:ec:b5:05:c7:4a:81:9a:c6:15:1a:2d:ea:85:3e:76:
fe:f9:ce:b1:8c:19:79:91:fa:bd:bd:1e:6f:70:12:8a:cb:96:
1e:eb:54:2f:f1:2a:2f:78:c2:a8:10:a2:cf:34:c8:bf:e1:1e:
1f:06:53:a7:85:c9:be:25:a5:98:53:89:98:7c:7d:b0:5b:9b:
ea:0f:6f:2f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWpBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MDkyMzMxWhcNMjUwMzI5MDkyMzMxWjAYMRYw
FAYDVQQDEw02N2MxODA5Ni0zYTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoxQN0qKO7MN/pGfHSvOEmqJyQBR+bqEUYkCQVWazcpQL0sPMT0l1ZaNA
wRSKrIxd5Id4UAiOhRcwvR5t3h5a4qPXrpBH8l9y7/VsK9Qmf511Ym+VM6YDFEa0
QhXOJdwwu4rBPLL0tHmS7ijGVai4+6b8dfJmtjrKMRYjTH1yHARhoFMa/KoB07fW
9kJgoDUpznrVGAElL766b2592qs+m7WsIeWRkFK0kkKqUsVpQsxBcaV6WlaeiitZ
4Uip+j3KXGF6rJ4tU/2V7loSNZp0vigkag6uwtWu7DEcG0kXQauM50AgGmQgCKwd
p884MwajXPzMdbs1dObKD1ncNod5MQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNG7
RGuMCa667ud4xEQr2DXS7PQnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRUQ2OTcxRUY1QjUxMUVGOTk2Qzg4NUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsoAMA0GCSqGSIb3DQEB
CwUAA4IBAQBbGhbjhs3RE2lVAzP7SIcWsAVa0iUDmUHceesAJY/jq6Unj1oeJPYo
zLfbC9VPL9aeWvlgiRqizySJNTOakmgZT7KH2ovJDCyvKMLUl2sZmhQzOJuwI1yT
3oZihOj8eann1KNantEws1Vqb1mu3nXjASQA3x/xZQRlX/XyKYWF4QbpeYu8ajDW
0i9NMnF8A34OuRbStsOzPn+5n7TBgPFLRErpTdJhb1fCpoYnUH04feFBJmF/G8Xs
tQXHSoGaxhUaLeqFPnb++c6xjBl5kfq9vR5vcBKKy5Ye61Qv8SoveMKoEKLPNMi/
4R4fBlOnhcm+JaWYU4mYfH2wW5vqD28v
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:03:46 2025 by rpki-client