Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FF473E94070111F0A32C8C8C762E951A.roa
File: FF473E94070111F0A32C8C8C762E951A.roa (raw, json)
Hash identifier: KUe3+a3/xqzlJvSxB+/M56kM+MzxTQjlErO5rj5MH+4=
Subject key identifier: C2:01:A6:F6:75:B0:B5:56:42:E6:C5:0E:2C:18:18:21:E5:97:46:2C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017574
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FF473E94070111F0A32C8C8C762E951A.roa
Signing time: Sat 22 Mar 2025 09:42:41 +0000
ROA not before: Sat 22 Mar 2025 09:42:37 +0000
ROA not after: Wed 30 Apr 2025 09:42:37 +0000
asID: 8796
IP address blocks: 154.201.72.0/21 maxlen: 24
154.201.88.0/22 maxlen: 24
154.201.92.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95604 (0x17574)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 22 09:42:37 2025 GMT
Not After : Apr 30 09:42:37 2025 GMT
Subject: CN=67de8611-3e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b4:0e:c7:ee:14:14:79:16:4a:f8:28:bf:70:
21:29:13:d1:52:6e:ac:78:db:3d:a6:09:3b:32:11:
4b:28:f7:8f:dc:4e:94:de:aa:7b:a8:21:33:ed:17:
dc:55:c6:4d:f1:41:e1:37:5d:c5:2c:b8:7e:64:10:
f0:a0:02:6e:6d:30:c9:37:64:16:56:fb:68:a8:a9:
61:d2:94:7e:7b:f9:c0:f1:1d:fe:47:18:f0:7e:97:
f4:e2:0d:c4:cb:1b:d9:cd:8a:fa:75:00:e1:80:73:
86:b7:23:62:86:ea:eb:3c:2f:c6:f3:8b:d5:c4:bf:
a3:5f:75:35:9f:80:41:8d:9c:eb:65:76:6b:af:cf:
bc:cd:ef:61:f0:00:c6:70:82:39:0b:fd:62:c4:a9:
2c:36:aa:4e:13:8a:cf:ea:c4:c6:3a:30:3d:b1:e6:
58:09:5f:4b:48:b4:e5:94:56:ab:45:7d:54:3c:44:
78:77:23:7f:7f:c6:2e:cf:52:50:da:09:96:af:be:
91:c1:22:b5:a1:cd:36:05:aa:b1:52:75:e7:33:2b:
a8:5f:4d:de:63:04:2b:98:f1:45:51:ee:80:5e:5d:
fb:9e:3d:e5:51:80:36:55:c8:e7:f5:b9:72:b4:db:
1b:77:90:ed:f1:a1:04:80:fd:90:ba:22:90:ad:93:
e7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:01:A6:F6:75:B0:B5:56:42:E6:C5:0E:2C:18:18:21:E5:97:46:2C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FF473E94070111F0A32C8C8C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.72.0/21
154.201.88.0-154.201.93.255
Signature Algorithm: sha256WithRSAEncryption
7a:bd:49:7f:f3:29:84:a3:60:1a:d5:15:59:3c:1d:8a:51:d6:
e3:b3:99:29:83:62:38:c1:8e:ce:da:5c:2c:a6:f2:31:5d:30:
06:a0:a9:d5:20:9a:84:d2:f3:b1:04:f1:08:80:d3:00:96:94:
50:54:13:9b:0d:6c:42:59:fc:0c:a6:68:fe:79:37:e1:c4:b0:
0c:af:ed:62:e7:05:eb:ac:2c:db:49:de:b2:af:bb:99:b9:8b:
9e:1c:6d:d3:ed:87:c5:0f:b9:ef:b4:7e:39:73:58:ab:b4:8c:
c6:ec:be:0e:1b:fd:89:74:5e:00:6a:6d:62:ce:9c:39:35:af:
32:de:5c:02:5f:6a:c3:bb:34:54:e2:22:f0:fd:4b:37:1a:60:
be:b3:57:30:df:fc:f3:32:be:40:54:7d:66:68:bb:3d:43:9c:
64:f3:80:b2:c4:96:c4:2e:c2:67:2a:80:60:a8:16:f8:53:de:
05:d0:45:4e:4f:49:60:34:7b:50:3c:7f:25:34:e2:8d:6c:70:
bc:b0:d4:03:c5:a6:1e:d7:92:b6:0b:61:73:3f:d4:7c:fc:25:
54:5e:ac:5a:ee:01:62:fb:b3:e4:7e:7b:7d:ea:b0:95:e1:9b:
11:e4:82:0d:8a:85:de:97:56:ef:0a:6e:6a:eb:97:98:8d:77:
5a:07:1a:5e
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAXV0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzIyMDk0MjM3WhcNMjUwNDMwMDk0MjM3WjAYMRYw
FAYDVQQDEw02N2RlODYxMS0zZTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA37QOx+4UFHkWSvgov3AhKRPRUm6seNs9pgk7MhFLKPeP3E6U3qp7qCEz
7RfcVcZN8UHhN13FLLh+ZBDwoAJubTDJN2QWVvtoqKlh0pR+e/nA8R3+Rxjwfpf0
4g3EyxvZzYr6dQDhgHOGtyNihurrPC/G84vVxL+jX3U1n4BBjZzrZXZrr8+8ze9h
8ADGcII5C/1ixKksNqpOE4rP6sTGOjA9seZYCV9LSLTllFarRX1UPER4dyN/f8Yu
z1JQ2gmWr76RwSK1oc02BaqxUnXnMyuoX03eYwQrmPFFUe6AXl37nj3lUYA2Vcjn
9blytNsbd5Dt8aEEgP2QuiKQrZPnKQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFMIB
pvZ1sLVWQubFDiwYGCHll0YsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRjQ3M0U5NDA3MDExMUYwQTMyQzhDOEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDmslIMAwDBAOayVgDBAGa
yVwwDQYJKoZIhvcNAQELBQADggEBAHq9SX/zKYSjYBrVFVk8HYpR1uOzmSmDYjjB
js7aXCym8jFdMAagqdUgmoTS87EE8QiA0wCWlFBUE5sNbEJZ/AymaP55N+HEsAyv
7WLnBeusLNtJ3rKvu5m5i54cbdPth8UPue+0fjlzWKu0jMbsvg4b/Yl0XgBqbWLO
nDk1rzLeXAJfasO7NFTiIvD9SzcaYL6zVzDf/PMyvkBUfWZouz1DnGTzgLLElsQu
wmcqgGCoFvhT3gXQRU5PSWA0e1A8fyU04o1scLyw1APFph7XkrYLYXM/1Hz8JVRe
rFruAWL7s+R+e33qsJXhmxHkgg2Khd6XVu8Kbmrrl5iNd1oHGl4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:37:26 2025 by rpki-client