Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D39D2914F5CE11EFADDD0687762E951A.roa
File: D39D2914F5CE11EFADDD0687762E951A.roa (raw, json)
Hash identifier: dPxzwRuSL+RGxK+H5n+LUjOl9iUlLt+p8DDi9RiBdVU=
Subject key identifier: AC:1A:30:54:43:CC:10:8C:FF:B6:21:93:90:65:08:8E:98:28:D6:1F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016B22
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D39D2914F5CE11EFADDD0687762E951A.roa
Signing time: Fri 28 Feb 2025 12:23:33 +0000
ROA not before: Fri 28 Feb 2025 12:23:30 +0000
ROA not after: Fri 11 Apr 2025 12:23:30 +0000
asID: 138915
IP address blocks: 154.203.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92962 (0x16b22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 12:23:30 2025 GMT
Not After : Apr 11 12:23:30 2025 GMT
Subject: CN=67c1aac5-47d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:10:15:b2:78:68:5b:40:a4:e6:80:e3:18:d8:
12:03:df:da:11:1d:80:17:5f:99:a5:bc:64:33:da:
86:51:8c:be:e9:cb:c5:cd:11:68:97:a2:52:a1:f0:
f4:8d:58:25:41:bb:a8:81:e5:2d:9f:23:d6:04:a0:
ea:e5:87:7d:0a:b4:23:31:ff:a5:c9:dc:46:7b:f3:
cf:9a:29:d7:fe:44:ff:63:76:9f:06:d6:44:2c:2c:
74:5b:ef:40:d8:9a:2a:30:dc:31:7f:bd:e7:82:84:
5f:e4:a8:ca:44:af:71:2e:31:bc:a7:e1:6a:a7:df:
34:00:a7:81:b4:3a:36:01:04:b9:0a:25:87:41:0a:
e0:f0:e1:d1:9f:13:7b:7b:03:0c:03:f2:45:3a:8f:
6e:f8:2e:6b:03:3a:1f:2c:1f:96:e0:62:09:8b:c3:
77:8a:7e:da:89:da:f0:b3:c0:fa:fc:c9:f6:b1:2c:
ac:72:98:60:dc:de:5d:b5:ec:70:d7:19:c4:ba:1b:
0b:eb:a8:80:d3:d4:98:3a:de:93:c5:39:9f:65:ab:
2a:e9:7e:f4:32:eb:43:68:b7:e5:fa:ef:24:98:91:
45:75:dc:e1:f8:59:df:cf:12:dd:db:8f:82:d6:7a:
1b:54:da:53:a2:1f:08:c8:27:b4:82:11:e5:b0:82:
16:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:1A:30:54:43:CC:10:8C:FF:B6:21:93:90:65:08:8E:98:28:D6:1F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D39D2914F5CE11EFADDD0687762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.135.0/24
Signature Algorithm: sha256WithRSAEncryption
31:04:ca:0e:13:e0:e0:75:30:0d:ac:3f:c0:34:bc:32:86:55:
db:02:3a:de:82:1d:b6:15:81:5c:bb:ed:12:dd:03:b8:b3:a4:
9d:7a:0e:9a:b5:d5:22:aa:10:88:43:97:d2:34:33:68:3e:f6:
98:bc:53:93:06:ec:97:72:4e:29:2d:f6:c5:25:5f:70:b7:5c:
ba:3f:9b:3c:0a:ea:60:4c:72:9b:2a:39:56:ac:cd:03:5c:4c:
19:79:70:0e:73:ce:43:3b:56:bf:e9:57:a2:45:b9:c3:2c:a2:
f5:03:6c:c3:2a:e2:5f:2e:3f:ed:dc:61:94:9c:a4:e9:41:58:
02:bd:57:e9:90:fa:9d:aa:c1:2f:61:49:6e:0d:c8:51:36:04:
26:11:f5:5a:5d:7d:a4:ff:29:50:2c:12:1e:ea:5f:e5:a7:3c:
cd:8a:78:54:01:b8:ec:ae:ae:84:2f:d6:8c:bf:88:74:81:c0:
48:56:5f:2d:38:3f:d4:ac:fa:ff:a5:b8:cc:fd:52:ca:ae:8e:
ae:e4:91:b2:cd:49:3e:9e:24:35:fc:43:4a:35:7f:c7:69:dd:
a5:bb:1c:3d:ae:47:0a:e8:36:d6:15:f2:db:49:3d:67:0a:be:
b3:93:22:0c:81:24:c3:fe:44:f4:4e:8e:03:53:1d:aa:04:66:
49:36:3a:d1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWsiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MTIyMzMwWhcNMjUwNDExMTIyMzMwWjAYMRYw
FAYDVQQDEw02N2MxYWFjNS00N2Q5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArBAVsnhoW0Ck5oDjGNgSA9/aER2AF1+ZpbxkM9qGUYy+6cvFzRFol6JS
ofD0jVglQbuogeUtnyPWBKDq5Yd9CrQjMf+lydxGe/PPminX/kT/Y3afBtZELCx0
W+9A2JoqMNwxf73ngoRf5KjKRK9xLjG8p+Fqp980AKeBtDo2AQS5CiWHQQrg8OHR
nxN7ewMMA/JFOo9u+C5rAzofLB+W4GIJi8N3in7aidrws8D6/Mn2sSyscphg3N5d
texw1xnEuhsL66iA09SYOt6TxTmfZasq6X70MutDaLfl+u8kmJFFddzh+FnfzxLd
24+C1nobVNpToh8IyCe0ghHlsIIWpQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKwa
MFRDzBCM/7Yhk5BlCI6YKNYfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMzlEMjkxNEY1Q0UxMUVGQURERDA2ODc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsuHMA0GCSqGSIb3DQEB
CwUAA4IBAQAxBMoOE+DgdTANrD/ANLwyhlXbAjregh22FYFcu+0S3QO4s6Sdeg6a
tdUiqhCIQ5fSNDNoPvaYvFOTBuyXck4pLfbFJV9wt1y6P5s8CupgTHKbKjlWrM0D
XEwZeXAOc85DO1a/6VeiRbnDLKL1A2zDKuJfLj/t3GGUnKTpQVgCvVfpkPqdqsEv
YUluDchRNgQmEfVaXX2k/ylQLBIe6l/lpzzNinhUAbjsrq6EL9aMv4h0gcBIVl8t
OD/UrPr/pbjM/VLKro6u5JGyzUk+niQ1/ENKNX/Had2luxw9rkcK6DbWFfLbST1n
Cr6zkyIMgSTD/kT0To4DUx2qBGZJNjrR
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:15:35 2025 by rpki-client