Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF593C8E094511F0A256EB62762E951A.roa
File: AF593C8E094511F0A256EB62762E951A.roa (raw, json)
Hash identifier: m1KVOrdOaA2yTco6/RRoUVRM2sKuyw+PqVreS1eYWa0=
Subject key identifier: 1A:E1:C9:16:94:1C:19:77:B5:54:9A:24:B4:B0:50:DE:0B:70:5A:89
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0175ED
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF593C8E094511F0A256EB62762E951A.roa
Signing time: Tue 25 Mar 2025 06:52:15 +0000
ROA not before: Tue 25 Mar 2025 06:52:11 +0000
ROA not after: Thu 01 May 2025 06:52:11 +0000
asID: 398704
IP address blocks: 154.92.128.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95725 (0x175ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 25 06:52:11 2025 GMT
Not After : May 1 06:52:11 2025 GMT
Subject: CN=67e2529f-f852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:de:25:8d:b5:2d:21:a7:f6:cc:d2:0a:af:89:
74:5e:84:9c:70:bc:b3:c8:30:b7:73:b5:bd:3e:20:
ea:53:f3:07:5f:56:30:ff:67:97:0f:71:82:5d:24:
0f:07:d2:94:f4:d8:9f:26:f2:5c:41:3b:24:4f:04:
fc:2e:24:d4:4b:aa:31:37:cd:59:15:e7:bb:7d:87:
b2:c0:c2:2d:65:f5:ee:62:23:c2:f4:4f:52:62:4e:
52:8a:62:39:59:9a:d9:d1:0f:47:ac:45:58:06:0c:
5e:4c:12:e1:49:e3:24:f6:69:ba:ad:99:75:28:19:
0a:00:64:6d:d6:72:94:2b:e0:8e:b0:44:c7:2d:ae:
55:ae:3a:f0:18:13:c7:ee:31:56:80:07:68:5a:9f:
4e:6b:56:cd:d4:f5:2b:e8:8a:65:de:c0:1b:80:3a:
26:52:dd:8e:41:83:5a:1b:53:83:5b:98:dc:93:80:
92:3f:23:25:a3:99:f1:03:e6:57:10:fc:91:ee:d4:
ea:62:7b:06:a4:10:34:57:93:44:8f:e6:40:c6:e1:
10:db:10:9e:93:e3:0b:05:af:59:51:14:21:c1:bd:
6c:75:6a:d4:02:62:41:07:14:cb:16:d7:4b:fe:01:
a5:5e:09:a5:cf:be:30:46:e8:33:32:77:31:51:8e:
4f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E1:C9:16:94:1C:19:77:B5:54:9A:24:B4:B0:50:DE:0B:70:5A:89
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF593C8E094511F0A256EB62762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.128.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:41:7c:c9:ff:87:9d:39:7c:40:62:bb:e2:10:00:50:cc:3c:
33:42:1b:53:e0:1d:57:65:c8:aa:d6:fa:3f:e7:51:d0:68:f2:
ce:41:59:f9:94:eb:88:59:3e:7a:3e:a5:f2:07:f5:83:a3:f6:
31:38:4b:47:be:00:a1:58:6f:f3:aa:bb:f0:02:1b:2e:d7:6b:
83:e4:03:9b:34:3f:1d:cf:63:f8:84:4e:1d:cc:22:e0:ec:dd:
23:1e:39:6b:5e:a6:06:84:a6:b2:58:94:89:56:74:9f:85:53:
a1:f0:63:02:2a:ef:3a:54:3a:7e:bc:60:ca:74:3e:27:a6:3a:
bd:d5:16:d1:f4:ff:45:7a:53:d1:93:0c:c8:f3:0e:d5:f5:f1:
6e:6f:c7:c8:89:9f:11:31:29:d6:15:2c:07:51:9b:2b:17:4a:
1a:0a:22:e5:48:66:5f:7a:0e:40:1b:c3:9b:c8:14:7e:0f:f6:
cb:e9:b9:00:37:89:d4:86:3a:3d:ae:f5:38:d7:57:24:ee:bd:
2f:70:30:76:51:55:d4:fc:46:21:e7:67:b5:67:0e:44:f5:79:
85:e2:26:16:00:13:90:56:18:64:6d:44:89:b2:56:5e:2c:07:
93:e4:c9:7b:c2:ca:64:9a:c5:c3:57:dc:58:97:3b:b5:2d:15:
04:ef:44:44
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXXtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI1MDY1MjExWhcNMjUwNTAxMDY1MjExWjAYMRYw
FAYDVQQDEw02N2UyNTI5Zi1mODUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6N4ljbUtIaf2zNIKr4l0XoSccLyzyDC3c7W9PiDqU/MHX1Yw/2eXD3GC
XSQPB9KU9NifJvJcQTskTwT8LiTUS6oxN81ZFee7fYeywMItZfXuYiPC9E9SYk5S
imI5WZrZ0Q9HrEVYBgxeTBLhSeMk9mm6rZl1KBkKAGRt1nKUK+COsETHLa5Vrjrw
GBPH7jFWgAdoWp9Oa1bN1PUr6Ipl3sAbgDomUt2OQYNaG1ODW5jck4CSPyMlo5nx
A+ZXEPyR7tTqYnsGpBA0V5NEj+ZAxuEQ2xCek+MLBa9ZURQhwb1sdWrUAmJBBxTL
FtdL/gGlXgmlz74wRugzMncxUY5PAQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBrh
yRaUHBl3tVSaJLSwUN4LcFqJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRjU5M0M4RTA5NDUxMUYwQTI1NkVCNjI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmlyAMA0GCSqGSIb3DQEB
CwUAA4IBAQBMQXzJ/4edOXxAYrviEABQzDwzQhtT4B1XZciq1vo/51HQaPLOQVn5
lOuIWT56PqXyB/WDo/YxOEtHvgChWG/zqrvwAhsu12uD5AObND8dz2P4hE4dzCLg
7N0jHjlrXqYGhKayWJSJVnSfhVOh8GMCKu86VDp+vGDKdD4npjq91RbR9P9FelPR
kwzI8w7V9fFub8fIiZ8RMSnWFSwHUZsrF0oaCiLlSGZfeg5AG8ObyBR+D/bL6bkA
N4nUhjo9rvU411ck7r0vcDB2UVXU/EYh52e1Zw5E9XmF4iYWABOQVhhkbUSJslZe
LAeT5Ml7wspkmsXDV9xYlzu1LRUE70RE
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:41 2025 by rpki-client