Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4F2BBBE097211F087DFCF75762E951A.roa
File: D4F2BBBE097211F087DFCF75762E951A.roa (raw, json)
Hash identifier: bbkr8uF+O0zQtEdALkBNYrkVGEA+l2TNMSi6Fg9ZNN8=
Subject key identifier: B4:C6:4C:66:7C:EE:71:D3:39:2A:CB:8E:14:CF:C1:4F:7B:2D:7C:E9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017634
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4F2BBBE097211F087DFCF75762E951A.roa
Signing time: Tue 25 Mar 2025 12:15:25 +0000
ROA not before: Tue 25 Mar 2025 12:15:21 +0000
ROA not after: Tue 03 Jun 2025 12:15:21 +0000
asID: 63139
IP address blocks: 154.94.69.0/24 maxlen: 24
154.94.70.0/24 maxlen: 24
154.94.71.0/24 maxlen: 24
154.94.72.0/24 maxlen: 24
154.94.96.0/24 maxlen: 24
154.94.97.0/24 maxlen: 24
154.94.98.0/24 maxlen: 24
154.94.99.0/24 maxlen: 24
154.94.100.0/24 maxlen: 24
154.94.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95796 (0x17634)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 25 12:15:21 2025 GMT
Not After : Jun 3 12:15:21 2025 GMT
Subject: CN=67e29e5d-ed21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:16:7d:3e:9d:b9:6a:87:d1:49:8c:23:74:85:
37:7b:2e:70:fb:f1:a8:28:82:1a:48:a1:b5:c5:31:
fe:85:27:c7:b9:6a:26:9c:f0:60:b6:d4:d5:5d:12:
59:5b:13:06:da:c6:72:58:42:8c:55:cb:e1:ad:42:
d1:8d:5f:2b:c6:ab:ff:c1:e3:46:2e:31:06:9a:ae:
34:de:e7:51:25:07:69:56:82:d2:97:78:45:d8:75:
3a:45:79:b7:6d:67:19:7b:87:f4:47:ad:5f:d8:dd:
00:c4:f7:93:2d:f7:0b:ea:63:f3:55:f6:47:9b:d7:
86:b2:16:0a:ad:b2:1d:e4:8f:1b:a0:b4:3d:74:dd:
46:37:fb:f5:24:d0:72:70:e6:ee:00:78:17:83:bc:
dd:fe:de:36:95:35:cb:c7:f7:e4:83:5a:1a:94:e0:
2b:9b:e8:40:f9:3a:14:27:03:30:4d:6a:e4:81:a1:
74:dc:04:d3:21:65:39:31:40:bb:64:9c:01:f1:c6:
80:9d:bb:61:d5:67:04:b0:8f:1a:5d:70:42:32:2c:
a7:63:72:90:b8:8c:0d:9b:2e:b9:ee:e1:89:fb:fb:
0b:ef:f1:90:18:76:cb:55:3c:fe:dc:03:85:7c:99:
d1:75:4f:b8:88:7c:17:b7:39:cb:83:f1:a0:d3:e0:
1a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C6:4C:66:7C:EE:71:D3:39:2A:CB:8E:14:CF:C1:4F:7B:2D:7C:E9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4F2BBBE097211F087DFCF75762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.69.0-154.94.72.255
154.94.96.0-154.94.100.255
154.94.125.0/24
Signature Algorithm: sha256WithRSAEncryption
83:d7:88:20:18:a4:15:95:0a:25:81:6a:2c:fb:4f:43:9b:6f:
b5:b1:a6:d6:0e:f6:fe:19:96:02:17:cd:6f:cc:04:d1:a4:30:
fa:3f:27:a8:06:39:2a:c2:a9:e3:aa:8f:3d:2f:3a:6d:82:8c:
f7:0d:6e:78:d6:70:1b:bc:3e:d4:8a:8a:d3:43:e8:eb:3b:bf:
eb:ae:de:b7:1d:e8:dc:3a:da:89:a5:c9:a7:b9:f3:54:28:b8:
3c:e7:70:a1:a0:d4:7e:aa:3f:13:e2:9c:59:c1:2f:d2:53:bb:
59:6b:bc:62:16:56:58:bf:23:28:bc:83:a1:b4:26:bb:21:47:
22:68:dc:c0:a6:fc:e5:68:58:b9:61:15:0c:14:4a:1d:a7:48:
26:a9:3e:2b:66:6f:ba:8f:45:9b:0c:7b:2b:64:b2:55:fa:78:
e2:a2:5c:b8:20:e1:2b:11:36:23:51:0d:19:d1:2c:68:2b:95:
89:b9:70:c4:60:8e:16:04:e9:38:52:b6:9e:36:e8:86:8b:ff:
8f:9a:db:06:5f:2f:99:be:8c:81:97:99:a0:cb:0e:4d:87:01:
74:d4:b7:22:46:46:69:06:fa:e6:36:0a:40:b7:db:dd:f5:30:
f0:61:e7:b3:7d:25:0a:1f:57:6e:20:b1:b2:f1:87:0d:b9:45:
8e:09:6f:45
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIDAXY0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI1MTIxNTIxWhcNMjUwNjAzMTIxNTIxWjAYMRYw
FAYDVQQDEw02N2UyOWU1ZC1lZDIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2BZ9Pp25aofRSYwjdIU3ey5w+/GoKIIaSKG1xTH+hSfHuWomnPBgttTV
XRJZWxMG2sZyWEKMVcvhrULRjV8rxqv/weNGLjEGmq403udRJQdpVoLSl3hF2HU6
RXm3bWcZe4f0R61f2N0AxPeTLfcL6mPzVfZHm9eGshYKrbId5I8boLQ9dN1GN/v1
JNBycObuAHgXg7zd/t42lTXLx/fkg1oalOArm+hA+ToUJwMwTWrkgaF03ATTIWU5
MUC7ZJwB8caAnbth1WcEsI8aXXBCMiynY3KQuIwNmy657uGJ+/sL7/GQGHbLVTz+
3AOFfJnRdU+4iHwXtznLg/Gg0+AaDwIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFLTG
TGZ87nHTOSrLjhTPwU97LXzpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENEYyQkJCRTA5NzIxMUYwODdERkNGNzU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBACaXkUDBACaXkgwDAME
BZpeYAMEAJpeZAMEAJpefTANBgkqhkiG9w0BAQsFAAOCAQEAg9eIIBikFZUKJYFq
LPtPQ5tvtbGm1g72/hmWAhfNb8wE0aQw+j8nqAY5KsKp46qPPS86bYKM9w1ueNZw
G7w+1IqK00Po6zu/667etx3o3DraiaXJp7nzVCi4POdwoaDUfqo/E+KcWcEv0lO7
WWu8YhZWWL8jKLyDobQmuyFHImjcwKb85WhYuWEVDBRKHadIJqk+K2Zvuo9Fmwx7
K2SyVfp44qJcuCDhKxE2I1ENGdEsaCuViblwxGCOFgTpOFK2njbohov/j5rbBl8v
mb6MgZeZoMsOTYcBdNS3IkZGaQb65jYKQLfb3fUw8GHns30lCh9XbiCxsvGHDblF
jglvRQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:46:42 2025 by rpki-client