Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0353FB2EF43011EFB89B3155762E951A.roa
File: 0353FB2EF43011EFB89B3155762E951A.roa (raw, json)
Hash identifier: rBSuHLU5LIi/fSPU2EF+CHjAmDpzhcIzBXma+7kZFNk=
Subject key identifier: 44:67:6E:9D:6F:7C:4E:0A:BA:6A:76:B5:38:C9:D2:98:85:82:A8:8B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01625F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0353FB2EF43011EFB89B3155762E951A.roa
Signing time: Wed 26 Feb 2025 10:54:12 +0000
ROA not before: Wed 26 Feb 2025 10:54:09 +0000
ROA not after: Fri 20 Feb 2026 10:54:09 +0000
asID: 984
IP address blocks: 154.199.12.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90719 (0x1625f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 10:54:09 2025 GMT
Not After : Feb 20 10:54:09 2026 GMT
Subject: CN=67bef2d4-be59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a7:9b:e8:68:60:14:d3:85:41:1a:36:a3:e1:
68:46:8f:74:66:66:05:49:1b:09:3d:93:83:89:14:
12:59:f1:00:57:e6:e2:a6:7d:b4:28:83:7e:07:75:
f1:80:1f:94:8b:27:19:06:2e:eb:eb:10:22:59:ec:
f9:63:b7:1e:d2:9d:28:e4:b7:ea:f0:49:09:ea:8f:
7d:76:40:cc:f4:6e:1a:e4:90:02:a9:d3:0d:5c:e1:
24:a3:bb:52:ce:0a:d1:d2:f0:ea:5a:f6:a3:7a:9e:
1a:b8:ba:7f:c7:ae:88:fb:86:a9:56:0c:35:cd:87:
d7:f0:21:df:48:91:7f:2a:d0:2a:1e:4c:bc:28:e8:
90:20:92:fa:4e:11:dd:b4:65:91:0f:32:c5:e8:ab:
77:27:9d:49:57:30:85:c0:4a:d9:72:f0:7e:cb:9d:
b0:fb:0c:65:bf:a2:68:bd:6f:28:0d:7d:98:de:c2:
e2:1e:67:ad:bd:93:28:43:86:05:9e:fc:b9:25:89:
9d:7b:da:f7:9d:cf:17:93:cc:d3:98:5f:88:72:df:
9e:f1:f0:cf:81:02:7a:1f:3e:8f:01:dd:96:96:8f:
7d:1b:60:a4:e6:29:b5:c4:d3:10:c2:84:9e:6a:46:
f7:5a:3d:b4:e3:1c:0f:51:49:fc:66:94:54:59:9b:
b3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:67:6E:9D:6F:7C:4E:0A:BA:6A:76:B5:38:C9:D2:98:85:82:A8:8B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0353FB2EF43011EFB89B3155762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.12.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:ca:ce:41:fa:d2:7b:8b:43:7f:14:e9:c1:fd:53:ff:de:5c:
75:2f:53:4a:ca:61:ae:8a:01:d1:af:7e:a3:39:e3:4c:69:1e:
f5:8e:d7:c4:32:ab:f9:49:8e:48:85:cb:28:52:ef:ee:32:5e:
25:a8:9e:44:40:87:3c:8c:a1:7a:23:b9:d7:f6:42:60:a9:e1:
29:24:1d:67:0c:3a:d0:81:76:a2:0d:68:ba:50:f1:45:ba:c8:
0c:d6:b8:d5:f4:9e:8b:e9:1f:4e:84:b8:60:6b:08:b4:9a:d3:
fb:a6:58:2c:d8:50:e2:11:8a:cd:c8:71:2a:83:3c:92:71:53:
02:a2:ab:8a:59:d1:3c:ce:e3:3c:60:cb:07:9c:50:58:8a:e0:
f9:2c:d6:fc:3f:27:07:5e:c7:ae:f8:b0:15:a3:c0:38:d2:9c:
eb:0b:3a:a6:32:b0:f4:d1:4f:f8:f8:a4:36:90:96:cb:0a:12:
cc:2f:a0:c9:a9:8f:8a:f7:06:20:bb:9b:0f:8d:56:2f:45:df:
db:9d:49:f5:9d:af:99:72:0b:ae:97:37:60:34:c3:d9:f3:11:
31:3e:99:02:1a:64:e2:f8:63:ed:c2:a4:37:8e:3a:53:56:ef:
4f:2d:96:ad:17:d5:cb:b1:5e:ad:e7:25:eb:23:fb:df:01:47:
cb:0a:5d:c5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWJfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTA1NDA5WhcNMjYwMjIwMTA1NDA5WjAYMRYw
FAYDVQQDEw02N2JlZjJkNC1iZTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsKeb6GhgFNOFQRo2o+FoRo90ZmYFSRsJPZODiRQSWfEAV+bipn20KIN+
B3XxgB+UiycZBi7r6xAiWez5Y7ce0p0o5Lfq8EkJ6o99dkDM9G4a5JACqdMNXOEk
o7tSzgrR0vDqWvajep4auLp/x66I+4apVgw1zYfX8CHfSJF/KtAqHky8KOiQIJL6
ThHdtGWRDzLF6Kt3J51JVzCFwErZcvB+y52w+wxlv6JovW8oDX2Y3sLiHmetvZMo
Q4YFnvy5JYmde9r3nc8Xk8zTmF+Ict+e8fDPgQJ6Hz6PAd2Wlo99G2Ck5im1xNMQ
woSeakb3Wj204xwPUUn8ZpRUWZuzvQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFERn
bp1vfE4Kump2tTjJ0piFgqiLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMzUzRkIyRUY0MzAxMUVGQjg5QjMxNTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmscMMA0GCSqGSIb3DQEB
CwUAA4IBAQDLys5B+tJ7i0N/FOnB/VP/3lx1L1NKymGuigHRr36jOeNMaR71jtfE
Mqv5SY5IhcsoUu/uMl4lqJ5EQIc8jKF6I7nX9kJgqeEpJB1nDDrQgXaiDWi6UPFF
usgM1rjV9J6L6R9OhLhgawi0mtP7plgs2FDiEYrNyHEqgzyScVMCoquKWdE8zuM8
YMsHnFBYiuD5LNb8PycHXseu+LAVo8A40pzrCzqmMrD00U/4+KQ2kJbLChLML6DJ
qY+K9wYgu5sPjVYvRd/bnUn1na+ZcguulzdgNMPZ8xExPpkCGmTi+GPtwqQ3jjpT
Vu9PLZatF9XLsV6t5yXrI/vfAUfLCl3F
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:37:24 2025 by rpki-client