Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0AD9F70FF3511EFAE76125D762E951A.roa
File: D0AD9F70FF3511EFAE76125D762E951A.roa (raw, json)
Hash identifier: 5OX79pNhcZAL7JEIQCARvomrKe8EQ/+ndzab8w0zuOQ=
Subject key identifier: 81:31:76:97:0D:97:B3:E7:7D:D9:A5:6D:57:1E:FE:B5:76:9C:C0:0D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0173FE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0AD9F70FF3511EFAE76125D762E951A.roa
Signing time: Wed 12 Mar 2025 11:33:27 +0000
ROA not before: Wed 12 Mar 2025 11:33:17 +0000
ROA not after: Thu 08 May 2025 11:33:17 +0000
asID: 149014
IP address blocks: 154.223.168.0/22 maxlen: 24
154.223.176.0/22 maxlen: 24
154.223.180.0/22 maxlen: 24
154.223.188.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95230 (0x173fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 12 11:33:17 2025 GMT
Not After : May 8 11:33:17 2025 GMT
Subject: CN=67d17107-1d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ee:ae:84:af:ca:92:99:c7:93:cc:91:99:ae:
83:f6:8f:e3:3c:da:22:a5:09:ff:33:67:9d:88:6d:
e2:ad:d6:3f:f7:53:da:16:8d:34:a8:d0:c1:20:a3:
e8:ce:f4:05:00:64:e4:74:bc:b2:5b:87:3c:dd:a8:
10:0e:75:b5:11:30:cb:9b:bf:1e:0b:e9:62:dd:12:
74:8e:9c:93:95:19:52:0e:2d:9a:c9:b6:47:a9:15:
fd:0b:07:13:96:44:2d:f1:54:48:fa:74:3a:6f:c4:
d5:c0:8b:a7:65:99:d5:c7:65:14:52:51:04:30:fe:
be:09:a8:de:90:15:90:1b:f0:18:29:72:8f:43:94:
25:4a:71:25:67:e7:35:6c:17:4a:16:6d:a1:a2:0d:
51:c0:ec:94:b8:12:e1:ec:4c:3b:d7:00:ab:8a:64:
62:c0:e3:ec:92:1e:0b:51:ec:07:82:94:f2:f6:15:
27:5c:6a:86:22:d2:b2:23:7e:11:13:f7:42:ca:1f:
81:f8:dc:f8:57:d3:8c:55:4c:6c:f5:5c:f0:85:e5:
90:4b:f1:b6:31:55:ed:09:93:dc:4a:8d:23:d2:00:
b1:18:32:eb:7d:b7:55:20:68:2e:cc:08:eb:4e:e2:
b9:ab:eb:b4:a8:1e:2f:ac:88:8d:0d:bb:29:79:3e:
df:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:31:76:97:0D:97:B3:E7:7D:D9:A5:6D:57:1E:FE:B5:76:9C:C0:0D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0AD9F70FF3511EFAE76125D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
154.223.176.0/21
154.223.188.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:09:38:ed:88:88:cf:89:ae:ed:46:aa:4a:07:8d:36:d1:2d:
c2:eb:1d:a1:29:e4:db:43:64:8c:75:07:ef:c6:9b:44:35:22:
54:21:50:6c:94:3d:04:06:94:03:cc:f0:ee:69:55:69:fe:74:
68:6d:19:ee:d0:63:18:54:e9:08:97:28:b6:3e:e1:99:35:b6:
9f:40:de:30:65:f2:64:16:1e:70:67:95:a9:f7:e1:02:0f:7c:
c9:dd:31:3e:5e:fa:7a:a8:15:ed:75:af:6e:2c:2f:f7:71:69:
d8:ff:ec:1f:d6:d2:d0:fb:d3:62:9e:09:c2:1d:2e:a2:20:37:
cd:1c:ff:20:cc:92:34:52:86:53:67:d2:ef:ba:d2:4a:29:c1:
06:d4:92:58:e5:fd:47:74:9a:85:04:9a:97:c1:e5:1a:e5:96:
62:30:84:ad:96:ff:ca:70:52:e3:b8:91:e7:d5:70:5d:16:48:
1d:0b:c1:6d:4d:41:96:45:11:5b:db:1c:ed:6a:85:fa:43:86:
95:34:db:9e:05:be:de:3b:a0:e5:bc:19:ed:4b:76:ef:78:f8:
b9:b0:a5:3a:0f:9c:a7:c7:fd:c0:2e:aa:ec:72:4b:ca:c5:be:
a4:4c:61:c9:5a:2c:67:f5:ca:30:16:15:3b:60:6c:f5:cb:40:
15:24:c1:24
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAXP+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEyMTEzMzE3WhcNMjUwNTA4MTEzMzE3WjAYMRYw
FAYDVQQDEw02N2QxNzEwNy0xZDg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt+6uhK/KkpnHk8yRma6D9o/jPNoipQn/M2ediG3irdY/91PaFo00qNDB
IKPozvQFAGTkdLyyW4c83agQDnW1ETDLm78eC+li3RJ0jpyTlRlSDi2aybZHqRX9
CwcTlkQt8VRI+nQ6b8TVwIunZZnVx2UUUlEEMP6+CajekBWQG/AYKXKPQ5QlSnEl
Z+c1bBdKFm2hog1RwOyUuBLh7Ew71wCrimRiwOPskh4LUewHgpTy9hUnXGqGItKy
I34RE/dCyh+B+Nz4V9OMVUxs9VzwheWQS/G2MVXtCZPcSo0j0gCxGDLrfbdVIGgu
zAjrTuK5q+u0qB4vrIiNDbspeT7f4QIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFIEx
dpcNl7PnfdmlbVce/rV2nMANMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMEFEOUY3MEZGMzUxMUVGQUU3NjEyNUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCmt+oAwQDmt+wAwQCmt+8
MA0GCSqGSIb3DQEBCwUAA4IBAQANCTjtiIjPia7tRqpKB4020S3C6x2hKeTbQ2SM
dQfvxptENSJUIVBslD0EBpQDzPDuaVVp/nRobRnu0GMYVOkIlyi2PuGZNbafQN4w
ZfJkFh5wZ5Wp9+ECD3zJ3TE+Xvp6qBXtda9uLC/3cWnY/+wf1tLQ+9NingnCHS6i
IDfNHP8gzJI0UoZTZ9LvutJKKcEG1JJY5f1HdJqFBJqXweUa5ZZiMIStlv/KcFLj
uJHn1XBdFkgdC8FtTUGWRRFb2xztaoX6Q4aVNNueBb7eO6DlvBntS3bvePi5sKU6
D5ynx/3ALqrsckvKxb6kTGHJWixn9cowFhU7YGz1y0AVJMEk
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:14:31 2025 by rpki-client