Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/900299FCD97A11EF9D737FB1762E951A.roa
File: 900299FCD97A11EF9D737FB1762E951A.roa (raw, json)
Hash identifier: T6/Fkc7RvBNAGMpsseObn5mJe+ednxDS3sE6RVzUpaA=
Subject key identifier: A9:39:51:0C:3E:3A:8C:F5:C3:84:8A:85:F1:C6:30:AE:4A:67:32:72
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01417D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/900299FCD97A11EF9D737FB1762E951A.roa
Signing time: Thu 23 Jan 2025 11:09:50 +0000
ROA not before: Thu 23 Jan 2025 11:09:46 +0000
ROA not after: Thu 13 Mar 2025 11:09:46 +0000
asID: 63139
IP address blocks: 154.203.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82301 (0x1417d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 11:09:46 2025 GMT
Not After : Mar 13 11:09:46 2025 GMT
Subject: CN=6792237e-b7e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:70:28:bd:9f:7f:3b:f2:06:44:34:41:08:95:
41:d1:3b:74:18:32:94:3a:66:37:1f:3d:91:8f:8a:
b9:f3:d4:8a:d2:cd:e7:2b:d0:6e:a4:f5:c8:95:b7:
b5:c9:9c:de:b2:0c:92:46:74:23:53:9b:20:78:2c:
22:58:9d:6e:3e:85:a9:5a:bc:6a:fb:99:69:20:cf:
98:36:b2:c9:0e:9c:f7:3a:e2:a7:45:1d:a8:79:71:
67:c0:3a:d3:c6:d0:12:b0:6a:ad:d9:e1:7c:4d:ee:
30:66:6a:2d:e7:be:9f:eb:87:eb:8c:84:ab:9d:2f:
ab:98:dc:33:58:4e:e5:d7:5d:02:f1:62:97:40:c6:
37:f5:77:b3:8a:14:ff:cf:52:94:ec:d9:5e:41:41:
32:6e:1e:dc:fa:ee:09:78:f4:1a:6f:ab:ea:43:54:
ce:0a:3d:72:91:3a:f2:b6:92:23:ac:e2:9e:d3:d6:
fa:0f:2f:9d:c2:be:8c:d7:a6:e7:12:17:e0:66:af:
42:38:90:6e:ff:97:fe:69:eb:84:7f:b8:d5:f7:ac:
86:d7:e2:34:55:b6:89:6c:86:67:81:7d:1e:68:41:
bf:86:ec:b7:d5:0f:68:4a:d7:c5:f5:fd:dc:f0:96:
44:75:2c:0d:57:c8:ae:58:a2:b0:0d:99:7c:9f:d7:
3a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:39:51:0C:3E:3A:8C:F5:C3:84:8A:85:F1:C6:30:AE:4A:67:32:72
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/900299FCD97A11EF9D737FB1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.167.0/24
Signature Algorithm: sha256WithRSAEncryption
32:9e:86:61:15:30:9f:e5:b7:a2:19:8f:c7:7e:db:39:4d:2d:
bf:57:df:3e:a5:90:fa:c6:79:19:05:0a:98:96:8c:8c:16:2d:
d4:df:ed:d7:cd:95:e8:e1:97:ec:8e:9e:24:ab:e3:1c:75:70:
ab:63:bf:0e:92:9a:cf:f4:6a:75:d1:ac:8d:21:de:b2:db:6a:
09:45:eb:2a:d7:78:40:38:ba:c6:67:e7:c8:7a:cf:b7:5e:af:
e0:ed:dc:82:25:cc:15:31:c4:fc:32:99:d1:a3:86:04:b6:01:
37:cb:c7:fd:b3:15:a4:0b:90:3f:7f:98:3c:e7:94:bc:ae:a2:
ec:5e:c6:f3:a0:3b:c2:f7:d2:95:f0:bd:3f:df:3b:d4:4d:b2:
fa:c5:a7:7b:fc:b8:c9:2f:3f:82:f3:97:9a:88:59:87:53:2d:
97:bd:ac:e7:d5:e7:7d:c5:fe:bb:cf:62:64:7b:b0:f7:9d:ec:
3a:f9:59:ec:50:ca:d1:59:4f:89:77:09:c0:5e:0b:5f:16:1b:
8b:f1:3c:3a:94:5d:5e:a4:e5:61:62:87:03:be:ca:37:94:19:
f5:01:0d:33:3e:35:40:3d:99:cb:80:98:19:11:d2:14:ff:ac:
75:a2:52:0b:4d:4b:62:df:9a:bf:65:2f:56:d4:51:9b:f4:f9:
e1:ae:ce:8c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUF9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMTEwOTQ2WhcNMjUwMzEzMTEwOTQ2WjAYMRYw
FAYDVQQDEw02NzkyMjM3ZS1iN2UxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwnAovZ9/O/IGRDRBCJVB0Tt0GDKUOmY3Hz2Rj4q589SK0s3nK9BupPXI
lbe1yZzesgySRnQjU5sgeCwiWJ1uPoWpWrxq+5lpIM+YNrLJDpz3OuKnRR2oeXFn
wDrTxtASsGqt2eF8Te4wZmot576f64frjISrnS+rmNwzWE7l110C8WKXQMY39Xez
ihT/z1KU7NleQUEybh7c+u4JePQab6vqQ1TOCj1ykTrytpIjrOKe09b6Dy+dwr6M
16bnEhfgZq9COJBu/5f+aeuEf7jV96yG1+I0VbaJbIZngX0eaEG/huy31Q9oStfF
9f3c8JZEdSwNV8iuWKKwDZl8n9c6ZwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKk5
UQw+Ooz1w4SKhfHGMK5KZzJyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MDAyOTlGQ0Q5N0ExMUVGOUQ3MzdGQjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsunMA0GCSqGSIb3DQEB
CwUAA4IBAQAynoZhFTCf5beiGY/Hfts5TS2/V98+pZD6xnkZBQqYloyMFi3U3+3X
zZXo4Zfsjp4kq+McdXCrY78OkprP9Gp10ayNId6y22oJResq13hAOLrGZ+fIes+3
Xq/g7dyCJcwVMcT8MpnRo4YEtgE3y8f9sxWkC5A/f5g855S8rqLsXsbzoDvC99KV
8L0/3zvUTbL6xad7/LjJLz+C85eaiFmHUy2Xvazn1ed9xf67z2Jke7D3new6+Vns
UMrRWU+JdwnAXgtfFhuL8Tw6lF1epOVhYocDvso3lBn1AQ0zPjVAPZnLgJgZEdIU
/6x1olILTUti35q/ZS9W1FGb9Pnhrs6M
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:33:44 2025 by rpki-client