Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B04E389CE9EC11EFB39C1693762E951A.roa
File: B04E389CE9EC11EFB39C1693762E951A.roa (raw, json)
Hash identifier: y3Wm2vo84oVhdpYhz9kLgOo8oICZXhcm5sO5xZifcME=
Subject key identifier: 14:39:4A:29:CC:F5:5A:0B:5B:36:D8:51:4D:96:E2:DF:17:F9:48:63
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0156C6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B04E389CE9EC11EFB39C1693762E951A.roa
Signing time: Thu 13 Feb 2025 09:27:05 +0000
ROA not before: Thu 13 Feb 2025 09:27:01 +0000
ROA not after: Sat 31 Jan 2026 09:27:01 +0000
asID: 135600
IP address blocks: 154.196.240.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87750 (0x156c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 13 09:27:01 2025 GMT
Not After : Jan 31 09:27:01 2026 GMT
Subject: CN=67adbae9-2ed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0b:6f:e3:30:f7:fc:4d:71:85:2a:8f:75:b5:
ed:de:69:ec:a8:68:5d:74:0e:7d:fa:a0:c4:9b:c7:
2d:67:16:39:ab:4f:17:85:08:fc:e2:83:78:eb:f0:
1c:08:e0:bb:18:a1:83:7f:6e:1a:40:b7:94:ac:3b:
94:ac:72:f8:8d:42:e5:a4:7e:ee:b1:9a:d8:62:6d:
f4:39:8d:a6:87:a0:e4:c7:dd:ff:a3:0f:6b:66:e9:
3b:51:72:88:03:9e:a0:49:2a:d8:b3:2e:cd:3b:10:
ab:a4:34:5e:72:94:e7:b5:6c:3a:83:16:e3:da:b2:
3c:1a:54:93:21:bc:ef:fe:83:37:22:77:b1:2f:bc:
e8:bb:eb:c7:89:8e:b6:ba:da:a2:34:54:ce:a9:e3:
b3:c0:39:f1:40:2e:45:20:b9:3f:d8:2b:ae:52:ac:
23:05:3d:11:57:79:b9:44:c2:0b:f7:83:18:58:6a:
60:85:ac:aa:7b:2d:d9:a3:7b:ce:85:76:4d:cf:ad:
9f:3f:55:f3:b4:fd:46:7c:0c:b9:e6:fc:98:5f:66:
90:5f:4b:07:e8:45:55:80:f4:d0:9f:17:71:f0:af:
bd:74:39:5b:e7:2d:67:84:18:ba:8e:97:7d:a2:8e:
62:2f:f9:e0:87:97:83:9e:62:ab:51:d2:c8:a3:0e:
f9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:39:4A:29:CC:F5:5A:0B:5B:36:D8:51:4D:96:E2:DF:17:F9:48:63
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B04E389CE9EC11EFB39C1693762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.240.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:40:f7:1a:4f:a9:a9:f8:98:22:67:48:d0:1f:36:71:4f:3f:
e9:29:46:9b:4d:6a:d5:90:a8:6e:fc:c4:bf:56:78:08:d4:cc:
d2:d1:3b:8e:a3:1a:2f:4a:c6:c8:2d:1d:60:e3:cd:d2:88:54:
b0:b7:4b:c2:c4:60:c2:c0:9d:9c:e3:ea:b8:ae:98:3a:79:76:
c9:e3:56:a5:43:f1:ec:3a:7a:ab:20:4d:17:cd:96:b0:3a:ad:
b0:55:dc:f8:19:84:15:0c:c8:6a:b4:63:19:a4:38:a8:f3:d6:
53:9c:04:67:9d:11:a2:63:2c:f5:cd:7b:8f:cc:14:57:c3:97:
ea:20:65:de:b5:0c:b9:a1:02:65:c9:40:64:a9:06:79:bb:6d:
94:92:78:d4:8a:de:1b:e8:13:f2:34:fe:97:27:a5:ed:9a:96:
31:ec:b0:9d:57:e5:f8:7a:58:f5:ed:83:5d:cf:80:ef:5a:e4:
3e:e1:66:ac:4a:d9:d0:77:6b:75:c2:8b:a9:33:85:d7:e6:61:
33:7d:ae:6e:79:34:3d:51:a0:3a:b8:a7:95:e4:a7:4c:13:7d:
65:b4:84:db:aa:af:7b:84:40:36:b8:2b:64:d8:42:95:04:e4:
73:8b:d8:8a:e5:a1:7d:6b:c9:f7:24:e2:08:47:bd:75:ce:b8:
a2:fd:8d:c6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVbGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjEzMDkyNzAxWhcNMjYwMTMxMDkyNzAxWjAYMRYw
FAYDVQQDEw02N2FkYmFlOS0yZWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmwtv4zD3/E1xhSqPdbXt3mnsqGhddA59+qDEm8ctZxY5q08XhQj84oN4
6/AcCOC7GKGDf24aQLeUrDuUrHL4jULlpH7usZrYYm30OY2mh6Dkx93/ow9rZuk7
UXKIA56gSSrYsy7NOxCrpDRecpTntWw6gxbj2rI8GlSTIbzv/oM3InexL7zou+vH
iY62utqiNFTOqeOzwDnxQC5FILk/2CuuUqwjBT0RV3m5RMIL94MYWGpghayqey3Z
o3vOhXZNz62fP1XztP1GfAy55vyYX2aQX0sH6EVVgPTQnxdx8K+9dDlb5y1nhBi6
jpd9oo5iL/ngh5eDnmKrUdLIow75vQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBQ5
SinM9VoLWzbYUU2W4t8X+UhjMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMDRFMzg5Q0U5RUMxMUVGQjM5QzE2OTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsTwMA0GCSqGSIb3DQEB
CwUAA4IBAQBsQPcaT6mp+JgiZ0jQHzZxTz/pKUabTWrVkKhu/MS/VngI1MzS0TuO
oxovSsbILR1g483SiFSwt0vCxGDCwJ2c4+q4rpg6eXbJ41alQ/HsOnqrIE0XzZaw
Oq2wVdz4GYQVDMhqtGMZpDio89ZTnARnnRGiYyz1zXuPzBRXw5fqIGXetQy5oQJl
yUBkqQZ5u22UknjUit4b6BPyNP6XJ6XtmpYx7LCdV+X4elj17YNdz4DvWuQ+4Was
StnQd2t1woupM4XX5mEzfa5ueTQ9UaA6uKeV5KdME31ltITbqq97hEA2uCtk2EKV
BORzi9iK5aF9a8n3JOIIR711zrii/Y3G
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:50:30 2025 by rpki-client