Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FF7D8320F5CF11EF8949E28F762E951A.roa
File: FF7D8320F5CF11EF8949E28F762E951A.roa (raw, json)
Hash identifier: GNsthgYlYSl9Tuv4ereYDrbX+/+yKkjPCzE5CgOA7uA=
Subject key identifier: DB:54:AF:A6:63:41:0C:CD:CD:DD:13:F2:73:C9:97:89:4B:72:D2:FF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016B28
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FF7D8320F5CF11EF8949E28F762E951A.roa
Signing time: Fri 28 Feb 2025 12:31:57 +0000
ROA not before: Fri 28 Feb 2025 12:31:52 +0000
ROA not after: Fri 11 Apr 2025 12:31:52 +0000
asID: 138915
IP address blocks: 154.203.132.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92968 (0x16b28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 12:31:52 2025 GMT
Not After : Apr 11 12:31:52 2025 GMT
Subject: CN=67c1acbc-1e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9c:32:e7:3d:c3:16:77:09:e4:3f:29:6d:d0:
c7:84:90:60:5c:ec:73:0d:bf:29:2b:27:8d:b5:8c:
7a:86:c1:43:13:0f:d9:23:4b:dd:c0:9d:9e:ab:3c:
a4:2e:4c:0c:d8:9c:34:78:2e:7c:69:12:24:33:4b:
ae:39:8a:4e:68:ae:7b:46:a3:c7:d0:59:29:3e:d7:
7f:47:81:e2:22:6c:10:4d:e5:9c:df:e4:aa:60:23:
2a:8b:b9:0d:75:72:fb:d9:69:90:1e:bb:bc:a6:85:
59:78:65:aa:bb:17:66:58:dc:e2:06:41:f9:e7:7d:
a5:ca:c9:1d:0d:be:51:94:7a:0d:b1:b0:58:aa:2f:
77:66:91:fd:79:f4:1c:e8:48:33:1f:87:ce:df:63:
09:c9:27:df:01:bb:6b:ae:ac:22:62:21:37:ce:1f:
55:4e:b9:45:39:b7:cf:02:76:a5:6a:1b:f5:b3:d2:
19:58:53:ee:32:3c:7b:bf:2a:47:33:95:29:2d:1a:
f4:28:cc:c5:bc:c0:cc:ba:2f:bd:72:f8:cb:0b:44:
06:0f:8e:0f:8c:66:95:7f:c6:eb:a7:5d:07:ff:60:
9f:78:60:ac:56:fe:64:72:88:a4:3b:7d:43:00:51:
bc:0a:b2:c8:88:cd:e4:f9:1a:13:92:a4:f4:bf:3d:
6a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:54:AF:A6:63:41:0C:CD:CD:DD:13:F2:73:C9:97:89:4B:72:D2:FF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FF7D8320F5CF11EF8949E28F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.132.0/24
Signature Algorithm: sha256WithRSAEncryption
46:50:49:8e:ff:54:73:6c:3d:2d:7f:35:c3:62:59:75:0b:ca:
f1:af:9a:d5:93:4e:00:7a:42:e8:e8:62:64:b5:8c:e5:e6:fd:
92:d6:41:f7:da:71:c8:1d:d8:a9:ac:9a:ed:36:d5:8d:92:20:
ab:89:46:ad:33:1b:88:3d:4a:b7:dc:28:a9:78:5f:90:df:e5:
05:cf:04:62:59:28:0a:07:c0:3f:e2:cb:0c:76:33:78:38:14:
d5:f1:6c:41:53:91:5e:3a:13:d1:b9:23:21:5d:0e:a1:c0:fa:
10:61:03:bc:b5:e6:1f:3f:1b:d2:af:cf:41:71:25:4f:75:02:
2b:a6:11:68:ba:a7:57:02:36:b5:c7:f3:f0:78:3f:c4:fe:53:
91:88:86:a3:d0:3e:00:83:6a:6a:7d:f7:42:e6:85:f2:50:75:
10:35:92:9a:30:62:7b:5d:e5:af:94:19:c2:d3:21:cf:8d:5e:
a0:2c:29:2f:78:2d:aa:7b:6e:aa:d6:22:40:05:6a:bb:cd:2d:
2e:76:be:cb:26:22:f1:1c:81:76:bf:ee:7a:ee:aa:c2:7f:c0:
50:8e:ca:d4:63:3d:16:96:5a:69:0b:2a:77:e5:d9:8d:5e:cc:
d3:1e:9e:67:df:34:ed:d4:93:3e:74:23:2f:d5:6a:da:4f:af:
2b:f0:e3:92
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWsoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MTIzMTUyWhcNMjUwNDExMTIzMTUyWjAYMRYw
FAYDVQQDEw02N2MxYWNiYy0xZTBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyZwy5z3DFncJ5D8pbdDHhJBgXOxzDb8pKyeNtYx6hsFDEw/ZI0vdwJ2e
qzykLkwM2Jw0eC58aRIkM0uuOYpOaK57RqPH0FkpPtd/R4HiImwQTeWc3+SqYCMq
i7kNdXL72WmQHru8poVZeGWquxdmWNziBkH5532lyskdDb5RlHoNsbBYqi93ZpH9
efQc6EgzH4fO32MJySffAbtrrqwiYiE3zh9VTrlFObfPAnalahv1s9IZWFPuMjx7
vypHM5UpLRr0KMzFvMDMui+9cvjLC0QGD44PjGaVf8brp10H/2CfeGCsVv5kcoik
O31DAFG8CrLIiM3k+RoTkqT0vz1qzwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNtU
r6ZjQQzNzd0T8nPJl4lLctL/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRjdEODMyMEY1Q0YxMUVGODk0OUUyOEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsuEMA0GCSqGSIb3DQEB
CwUAA4IBAQBGUEmO/1RzbD0tfzXDYll1C8rxr5rVk04AekLo6GJktYzl5v2S1kH3
2nHIHdiprJrtNtWNkiCriUatMxuIPUq33CipeF+Q3+UFzwRiWSgKB8A/4ssMdjN4
OBTV8WxBU5FeOhPRuSMhXQ6hwPoQYQO8teYfPxvSr89BcSVPdQIrphFouqdXAja1
x/PweD/E/lORiIaj0D4Ag2pqffdC5oXyUHUQNZKaMGJ7XeWvlBnC0yHPjV6gLCkv
eC2qe26q1iJABWq7zS0udr7LJiLxHIF2v+567qrCf8BQjsrUYz0WllppCyp35dmN
XszTHp5n3zTt1JM+dCMv1WraT68r8OOS
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:02 2025 by rpki-client