Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/101E59CCF44311EF9DD6835A762E951A.roa
File: 101E59CCF44311EF9DD6835A762E951A.roa (raw, json)
Hash identifier: PH4eyhjUyBIMTjQJufTVGmdmuOeaG7tuFPrPX1cfafA=
Subject key identifier: FA:44:A9:9E:10:02:21:5D:C7:01:79:84:CD:60:6E:57:61:C1:FC:68
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01638E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/101E59CCF44311EF9DD6835A762E951A.roa
Signing time: Wed 26 Feb 2025 13:10:34 +0000
ROA not before: Wed 26 Feb 2025 13:10:31 +0000
ROA not after: Thu 19 Feb 2026 13:10:31 +0000
asID: 984
IP address blocks: 154.208.185.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91022 (0x1638e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 13:10:31 2025 GMT
Not After : Feb 19 13:10:31 2026 GMT
Subject: CN=67bf12ca-6662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:68:90:67:84:d3:77:f2:4f:a0:05:7c:43:5a:
8c:62:75:4b:ca:d4:05:93:01:57:60:85:80:e1:dc:
b5:d4:a3:cd:8a:a1:be:5f:03:ee:b6:b2:2b:5a:97:
de:56:27:76:22:d0:5c:0a:da:d3:b8:d5:78:b0:81:
aa:a1:ad:f3:25:74:1f:85:4c:00:b6:f0:3a:c2:e2:
1b:15:65:a3:f4:03:45:b8:e1:54:50:3d:b2:f2:81:
f6:ae:61:fa:7c:aa:55:cb:60:01:ef:58:63:a6:8a:
eb:a8:05:5d:eb:6b:62:b2:df:ec:d3:82:90:09:de:
bf:74:1f:7e:9a:ce:d9:59:86:b2:1a:1f:00:17:01:
dc:15:8e:0c:b8:83:08:3f:41:16:72:0f:11:19:50:
2d:f4:be:1f:da:38:8d:20:53:18:04:bd:a9:62:d5:
25:4a:c4:75:df:ea:c1:ef:a5:82:62:13:27:60:30:
31:ec:a2:1e:ef:e4:f2:1a:3c:ab:8d:3b:fa:dc:3f:
ce:37:7f:fa:ca:0c:37:85:ee:7f:00:eb:d5:00:34:
24:74:46:1e:ea:f2:ce:64:56:01:ed:e6:c1:f6:d8:
b0:08:7c:fe:21:0c:7a:63:cc:9c:f0:f0:a4:5d:10:
8e:db:ef:25:17:f3:6f:90:11:be:b4:69:5d:91:1f:
6c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:44:A9:9E:10:02:21:5D:C7:01:79:84:CD:60:6E:57:61:C1:FC:68
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/101E59CCF44311EF9DD6835A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.185.0/24
Signature Algorithm: sha256WithRSAEncryption
43:58:a0:39:cb:76:5b:12:cb:0d:a8:13:0a:27:9d:6c:68:57:
40:8b:65:27:ed:e3:e8:25:97:0f:86:32:f7:9d:a8:ae:22:f0:
03:c8:ac:26:40:db:dc:dd:5d:83:ed:48:dc:8c:6b:3c:aa:79:
d7:ba:04:a9:fb:a8:9b:0e:d1:bb:33:22:20:a8:c6:df:f9:64:
65:70:8e:85:e9:68:85:8d:a6:04:a1:bf:56:f2:4a:23:78:54:
5f:1b:c8:92:95:cd:a7:5f:0e:20:28:c5:3a:c8:82:47:8c:95:
76:2f:5a:7f:bc:7d:bb:cf:af:0d:d3:3c:c9:13:df:d5:a7:8c:
33:26:c2:32:f7:5e:95:96:84:0e:cd:33:2f:56:dc:9e:ee:50:
7f:41:99:26:cb:84:98:60:39:17:4f:0a:86:bf:ff:9f:fd:23:
4c:1f:98:c0:8a:10:2a:18:84:c2:c5:24:df:1a:4d:9c:1c:85:
07:cc:a5:e8:4f:c0:fd:1f:51:3d:c8:c2:fc:37:12:c0:d1:70:
b0:cf:e2:85:02:59:e8:62:04:a8:97:03:56:96:70:ac:35:aa:
25:07:99:9a:96:be:1f:e2:63:39:69:0e:04:18:a7:77:bd:63:
8b:72:bb:97:ea:0a:a6:dd:d4:1d:92:8c:6c:12:4b:e9:a1:42:
0e:ef:d1:96
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWOOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTMxMDMxWhcNMjYwMjE5MTMxMDMxWjAYMRYw
FAYDVQQDEw02N2JmMTJjYS02NjYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvGiQZ4TTd/JPoAV8Q1qMYnVLytQFkwFXYIWA4dy11KPNiqG+XwPutrIr
WpfeVid2ItBcCtrTuNV4sIGqoa3zJXQfhUwAtvA6wuIbFWWj9ANFuOFUUD2y8oH2
rmH6fKpVy2AB71hjporrqAVd62tist/s04KQCd6/dB9+ms7ZWYayGh8AFwHcFY4M
uIMIP0EWcg8RGVAt9L4f2jiNIFMYBL2pYtUlSsR13+rB76WCYhMnYDAx7KIe7+Ty
GjyrjTv63D/ON3/6ygw3he5/AOvVADQkdEYe6vLOZFYB7ebB9tiwCHz+IQx6Y8yc
8PCkXRCO2+8lF/NvkBG+tGldkR9sbQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPpE
qZ4QAiFdxwF5hM1gbldhwfxoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMDFFNTlDQ0Y0NDMxMUVGOURENjgzNUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtC5MA0GCSqGSIb3DQEB
CwUAA4IBAQBDWKA5y3ZbEssNqBMKJ51saFdAi2Un7ePoJZcPhjL3naiuIvADyKwm
QNvc3V2D7UjcjGs8qnnXugSp+6ibDtG7MyIgqMbf+WRlcI6F6WiFjaYEob9W8koj
eFRfG8iSlc2nXw4gKMU6yIJHjJV2L1p/vH27z68N0zzJE9/Vp4wzJsIy916VloQO
zTMvVtye7lB/QZkmy4SYYDkXTwqGv/+f/SNMH5jAihAqGITCxSTfGk2cHIUHzKXo
T8D9H1E9yML8NxLA0XCwz+KFAlnoYgSolwNWlnCsNaolB5malr4f4mM5aQ4EGKd3
vWOLcruX6gqm3dQdkoxsEkvpoUIO79GW
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:40:27 2025 by rpki-client