Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF38749CC8B911EFAC97CA85762E951A.roa
File: CF38749CC8B911EFAC97CA85762E951A.roa (raw, json)
Hash identifier: xX/RgR6mCocM+rOa1PGsnKQZhyo++9mNnfmy8VSr0XI=
Subject key identifier: B2:41:CE:C1:4B:BE:47:4E:FB:A9:2D:69:46:4E:9C:59:83:F4:0B:FD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0131C4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF38749CC8B911EFAC97CA85762E951A.roa
Signing time: Thu 02 Jan 2025 03:29:44 +0000
ROA not before: Thu 02 Jan 2025 03:29:41 +0000
ROA not after: Sat 13 Dec 2025 03:29:41 +0000
asID: 984
IP address blocks: 154.220.190.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78276 (0x131c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 03:29:41 2025 GMT
Not After : Dec 13 03:29:41 2025 GMT
Subject: CN=67760828-b9ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b7:21:2a:65:00:6e:dc:5e:57:75:38:d9:16:
0a:f3:83:a7:43:c1:cc:17:c8:b9:09:1c:f5:da:ad:
b9:e7:f4:e9:cd:02:0b:ce:3f:99:55:4f:ad:1e:3f:
88:a2:5d:2e:35:ce:fd:69:e0:76:5d:c5:2c:c2:73:
3b:e7:9a:d1:cc:26:1f:60:8d:ce:1c:ff:1d:29:4c:
c4:f8:66:8a:3b:a2:97:3d:eb:85:9e:93:94:ba:e0:
f0:b5:bb:48:0c:09:d5:57:e1:7d:77:14:12:ad:0d:
29:05:0b:4d:1d:43:f8:0c:ec:42:d8:fd:f1:b6:ef:
76:b2:bf:cc:07:23:3a:f7:6f:83:2f:99:dd:26:ec:
14:c3:26:e6:31:8e:b4:b4:0f:52:c6:0e:20:92:fa:
20:e8:cf:67:a0:1c:f2:cf:5a:5d:58:46:7a:c2:f1:
3e:d6:3e:b7:af:9d:47:89:ee:af:d1:43:28:b9:99:
dd:34:8a:26:43:cf:53:79:34:66:11:83:a1:31:10:
fd:e9:2f:7e:b4:0b:58:38:bf:03:3e:20:2a:e0:79:
37:c8:62:ad:5d:fe:f3:c6:7e:bd:29:5d:78:00:ff:
c9:71:74:2f:6b:8c:be:fa:e5:63:e9:c3:93:ce:a4:
fa:58:45:fb:ab:14:5d:6f:9b:25:8a:1a:c6:5b:e0:
0f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:41:CE:C1:4B:BE:47:4E:FB:A9:2D:69:46:4E:9C:59:83:F4:0B:FD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF38749CC8B911EFAC97CA85762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.190.0/24
Signature Algorithm: sha256WithRSAEncryption
22:64:9c:75:62:19:f3:02:8a:a0:b8:2d:23:ae:86:74:80:f2:
40:40:ad:f0:1e:7f:78:b4:36:23:15:13:78:c5:38:18:b6:f7:
4a:1b:de:d3:97:fd:4a:cc:da:00:9e:21:ec:90:5e:2c:3b:14:
43:14:f1:b5:09:ef:29:13:db:7e:39:4c:92:11:c6:63:27:ed:
38:ae:11:90:c5:43:b3:4c:5c:ae:e0:cf:84:ab:bb:80:fe:5f:
fb:69:da:ae:6a:6f:2e:19:9b:a7:86:49:96:6e:00:05:97:dd:
b4:ac:6a:bf:8e:fb:c5:de:cd:92:48:b6:8c:d6:1a:b2:d1:29:
20:60:0b:9d:68:72:03:a0:16:92:0d:c9:03:84:49:15:da:eb:
f0:ef:fd:12:64:af:0e:e1:c6:42:17:33:b4:ae:f4:37:0d:e6:
3c:56:cd:d2:7e:91:1b:7f:7c:af:cc:80:a9:14:21:ec:62:3b:
c4:4a:37:c2:87:24:54:c6:dd:f1:71:68:cd:50:7f:a1:05:d4:
b6:c6:a6:27:64:c9:76:ff:0e:4d:38:0d:0a:be:d8:76:c1:26:
0c:01:ec:ea:f8:9c:f0:88:b3:33:7f:79:e3:25:dd:8a:81:b8:
9a:7e:12:00:09:20:23:98:f1:4d:8a:1a:91:2f:0c:84:15:6f:
39:05:6b:0e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATHEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMDMyOTQxWhcNMjUxMjEzMDMyOTQxWjAYMRYw
FAYDVQQDEw02Nzc2MDgyOC1iOWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA17chKmUAbtxeV3U42RYK84OnQ8HMF8i5CRz12q255/TpzQILzj+ZVU+t
Hj+Iol0uNc79aeB2XcUswnM755rRzCYfYI3OHP8dKUzE+GaKO6KXPeuFnpOUuuDw
tbtIDAnVV+F9dxQSrQ0pBQtNHUP4DOxC2P3xtu92sr/MByM692+DL5ndJuwUwybm
MY60tA9Sxg4gkvog6M9noBzyz1pdWEZ6wvE+1j63r51Hie6v0UMouZndNIomQ89T
eTRmEYOhMRD96S9+tAtYOL8DPiAq4Hk3yGKtXf7zxn69KV14AP/JcXQva4y++uVj
6cOTzqT6WEX7qxRdb5slihrGW+APqwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLJB
zsFLvkdO+6ktaUZOnFmD9Av9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRjM4NzQ5Q0M4QjkxMUVGQUM5N0NBODU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmty+MA0GCSqGSIb3DQEB
CwUAA4IBAQAiZJx1YhnzAoqguC0jroZ0gPJAQK3wHn94tDYjFRN4xTgYtvdKG97T
l/1KzNoAniHskF4sOxRDFPG1Ce8pE9t+OUySEcZjJ+04rhGQxUOzTFyu4M+Eq7uA
/l/7adquam8uGZunhkmWbgAFl920rGq/jvvF3s2SSLaM1hqy0SkgYAudaHIDoBaS
DckDhEkV2uvw7/0SZK8O4cZCFzO0rvQ3DeY8Vs3SfpEbf3yvzICpFCHsYjvESjfC
hyRUxt3xcWjNUH+hBdS2xqYnZMl2/w5NOA0Kvth2wSYMAezq+JzwiLMzf3njJd2K
gbiafhIACSAjmPFNihqRLwyEFW85BWsO
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:54 2025 by rpki-client