Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F66274F4FF1A11EF9E95ACB0762E951A.roa
File: F66274F4FF1A11EF9E95ACB0762E951A.roa (raw, json)
Hash identifier: iRJED0GnFewi6M5WY+76L+XDQOaieyaRfksGmuCV2ug=
Subject key identifier: EE:2C:CF:85:42:BA:B6:67:39:9A:5C:93:91:BD:0C:53:8C:27:7E:84
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0173AF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F66274F4FF1A11EF9E95ACB0762E951A.roa
Signing time: Wed 12 Mar 2025 08:21:14 +0000
ROA not before: Wed 12 Mar 2025 08:21:10 +0000
ROA not after: Sat 12 Apr 2025 08:21:10 +0000
asID: 39600
IP address blocks: 154.84.148.0/24 maxlen: 24
154.84.149.0/24 maxlen: 24
154.84.150.0/24 maxlen: 24
154.84.151.0/24 maxlen: 24
154.84.188.0/24 maxlen: 24
154.84.189.0/24 maxlen: 24
154.84.190.0/24 maxlen: 24
154.84.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95151 (0x173af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 12 08:21:10 2025 GMT
Not After : Apr 12 08:21:10 2025 GMT
Subject: CN=67d143fa-d05f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5f:26:eb:fd:4b:00:93:b7:1e:49:a3:6c:f8:
c2:ed:4c:d7:66:87:47:c3:e5:dc:0f:59:fd:89:f0:
d1:e8:62:18:fe:3a:f6:87:d2:83:2a:f4:55:16:c0:
9c:c3:77:fd:21:ef:6f:d2:b0:bd:e9:4a:a0:42:e8:
55:b4:d8:25:3c:42:cc:56:8c:e5:ba:96:48:d9:e9:
23:ed:a6:5a:df:19:28:b6:e7:6e:6e:cf:ee:1f:04:
2f:25:24:6e:51:f6:7e:9c:98:a4:eb:1e:91:ef:8d:
46:18:4a:d7:82:2d:df:7e:cb:bc:e6:a2:46:8f:a9:
a3:25:40:14:7f:42:4c:66:a0:aa:50:b2:80:37:4f:
ce:0d:d9:37:50:ef:7c:9e:a2:33:31:04:4f:bc:bd:
b2:d2:3b:d1:bd:20:10:eb:db:c3:f0:b1:ef:97:b7:
6b:5c:e3:95:d5:9c:02:1b:93:06:fa:94:db:b4:75:
d5:9c:53:ab:8f:f2:b5:49:57:3b:91:87:47:12:30:
d4:5f:7c:a0:7d:cd:c9:44:c9:97:00:dd:25:39:3c:
79:61:75:bd:51:38:c5:a1:25:b7:1b:1f:b9:91:d6:
84:2a:a7:38:59:1a:27:e0:58:03:61:f5:75:ff:55:
d4:55:64:08:ab:5d:c5:0b:3b:50:41:b4:bb:a5:aa:
bd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:2C:CF:85:42:BA:B6:67:39:9A:5C:93:91:BD:0C:53:8C:27:7E:84
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F66274F4FF1A11EF9E95ACB0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.148.0/22
154.84.188.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:14:8e:4d:d9:81:f0:68:25:1c:e5:2a:b8:af:b9:3f:4a:06:
f3:39:e1:25:5d:ae:68:67:c5:ca:21:e2:2f:3d:c6:77:5b:72:
31:fd:bf:cd:37:eb:11:9c:a4:8c:bb:9f:96:4e:ae:b0:17:38:
62:fb:c6:17:64:fe:a8:78:e5:d0:93:69:e0:0e:78:d4:0d:fd:
74:fe:c9:5d:a7:b8:0e:c1:54:20:bd:f3:56:2f:aa:db:ad:55:
ba:80:29:51:ea:c8:56:e5:dd:29:6e:1e:68:37:33:6c:a9:f4:
25:66:ec:14:62:b0:9d:b5:3a:53:57:47:1e:30:6a:30:f9:b4:
0e:e4:0b:98:92:79:e8:f2:4b:d6:87:65:7b:12:da:49:bf:7f:
fc:96:fa:76:2d:d2:95:c9:c2:8a:d0:2c:f1:d9:07:03:2b:46:
c3:d7:54:f8:5a:2b:64:58:f5:7b:81:de:be:2e:cc:7d:32:d7:
77:39:ed:1a:6b:c9:fd:c3:e6:29:f7:d1:11:42:6d:25:01:cb:
6e:b5:d9:6c:61:a4:ae:88:e7:97:71:7f:e8:ee:83:78:50:f6:
d3:7d:a2:64:71:49:fa:ea:e9:0c:bc:46:85:26:a2:86:20:ac:
ff:4d:e1:19:cc:44:46:ea:7c:ac:c2:74:e4:d0:2a:5b:9c:2f:
92:bb:57:af
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXOvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEyMDgyMTEwWhcNMjUwNDEyMDgyMTEwWjAYMRYw
FAYDVQQDEw02N2QxNDNmYS1kMDVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxF8m6/1LAJO3HkmjbPjC7UzXZodHw+XcD1n9ifDR6GIY/jr2h9KDKvRV
FsCcw3f9Ie9v0rC96UqgQuhVtNglPELMVozlupZI2ekj7aZa3xkotudubs/uHwQv
JSRuUfZ+nJik6x6R741GGErXgi3ffsu85qJGj6mjJUAUf0JMZqCqULKAN0/ODdk3
UO98nqIzMQRPvL2y0jvRvSAQ69vD8LHvl7drXOOV1ZwCG5MG+pTbtHXVnFOrj/K1
SVc7kYdHEjDUX3ygfc3JRMmXAN0lOTx5YXW9UTjFoSW3Gx+5kdaEKqc4WRon4FgD
YfV1/1XUVWQIq13FCztQQbS7paq9qQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFO4s
z4VCurZnOZpck5G9DFOMJ36EMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNjYyNzRGNEZGMUExMUVGOUU5NUFDQjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmlSUAwQCmlS8MA0GCSqG
SIb3DQEBCwUAA4IBAQB/FI5N2YHwaCUc5Sq4r7k/SgbzOeElXa5oZ8XKIeIvPcZ3
W3Ix/b/NN+sRnKSMu5+WTq6wFzhi+8YXZP6oeOXQk2ngDnjUDf10/sldp7gOwVQg
vfNWL6rbrVW6gClR6shW5d0pbh5oNzNsqfQlZuwUYrCdtTpTV0ceMGow+bQO5AuY
knno8kvWh2V7EtpJv3/8lvp2LdKVycKK0Czx2QcDK0bD11T4WitkWPV7gd6+Lsx9
Mtd3Oe0aa8n9w+Yp99ERQm0lActutdlsYaSuiOeXcX/o7oN4UPbTfaJkcUn66ukM
vEaFJqKGIKz/TeEZzERG6nyswnTk0CpbnC+Su1ev
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:30 2025 by rpki-client