Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1448B49CFB3311EFAF0A329E762E951A.roa
File: 1448B49CFB3311EFAF0A329E762E951A.roa (raw, json)
Hash identifier: xNV+XYqYnqn+jUsHHvp8fT+CiP5NLZkO1+co0sHJH1k=
Subject key identifier: 92:56:25:C2:B0:BF:56:D4:62:93:71:52:72:58:C0:48:57:A1:CD:20
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0172DA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1448B49CFB3311EFAF0A329E762E951A.roa
Signing time: Fri 07 Mar 2025 09:03:48 +0000
ROA not before: Fri 07 Mar 2025 09:03:43 +0000
ROA not after: Fri 27 Feb 2026 09:03:43 +0000
asID: 12709
IP address blocks: 154.85.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94938 (0x172da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 7 09:03:43 2025 GMT
Not After : Feb 27 09:03:43 2026 GMT
Subject: CN=67cab674-fac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b5:62:61:ae:91:d6:77:05:8b:be:52:96:a6:
1a:58:48:d3:69:01:5a:f2:9e:2d:a6:35:60:40:40:
78:64:b3:02:84:0c:9a:81:bc:84:7a:98:cd:71:98:
50:48:a0:18:66:72:f5:af:37:53:8a:7d:03:93:24:
ae:2f:7b:a1:8b:30:cb:11:07:e7:81:46:03:84:c6:
37:7b:b7:7b:59:d0:34:43:23:5d:3a:0c:b7:f6:b8:
5e:e6:5c:e6:7f:99:b8:1e:f8:8d:dc:e9:62:56:d7:
27:18:bf:3b:e0:de:70:89:45:98:e6:e1:f4:3e:92:
6e:38:49:db:cd:d2:82:6e:8f:d7:92:39:6d:b1:c9:
fe:dc:ba:d1:39:2e:84:d3:22:ca:07:26:19:bf:29:
b9:d2:2c:66:74:1e:de:10:21:92:3f:d1:0f:9a:26:
db:e8:71:56:cb:d8:61:14:bc:e2:3a:1f:1b:b0:8e:
8c:ee:92:2b:92:ea:21:48:b3:c8:b5:83:53:5b:eb:
5d:e9:1e:0a:f6:b9:63:71:f1:f0:ba:0d:29:a9:bf:
bb:6b:52:59:7d:21:5d:4f:82:e1:c0:ce:50:69:50:
91:12:b5:1c:90:6a:df:fa:01:bb:6a:4e:61:5f:d7:
8a:f9:fb:42:27:92:8f:8b:40:5f:aa:d5:a3:61:ad:
0f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:56:25:C2:B0:BF:56:D4:62:93:71:52:72:58:C0:48:57:A1:CD:20
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1448B49CFB3311EFAF0A329E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.21.0/24
Signature Algorithm: sha256WithRSAEncryption
26:00:ef:24:dd:1a:70:5d:b5:85:cf:b4:4b:32:50:76:3f:48:
f7:60:1b:de:6f:14:98:a7:25:b4:3c:35:61:e8:11:42:d9:a3:
0a:86:84:ae:71:83:b6:b9:1a:d1:c3:4b:bf:60:e5:c1:75:45:
98:19:41:b0:85:47:72:f9:9c:18:98:c9:64:1d:9d:92:a9:d5:
2c:7b:ae:33:99:9e:85:3c:80:a1:f0:ff:f7:14:cf:fb:ac:81:
d1:fb:27:63:25:71:c8:37:0b:21:33:d7:b5:b2:e5:45:b3:c5:
c8:f4:14:29:38:b2:cc:e9:ba:59:f5:ee:e5:e6:92:14:d2:9c:
41:1d:07:98:16:ad:e3:10:f2:69:8c:28:03:7d:74:56:11:c2:
a2:67:6e:ae:94:78:b0:73:29:c1:d7:ca:03:e3:be:d1:32:eb:
ac:26:52:de:6e:91:ae:99:c9:fc:89:3c:ce:1f:c2:b6:13:de:
29:24:7f:ad:43:00:b0:c8:94:19:8e:1d:36:69:64:c3:1c:b8:
6b:78:06:61:c1:e8:e7:80:3e:79:5f:af:73:28:49:a5:b4:83:
e5:89:4e:3e:66:f0:62:8b:75:15:f0:39:b6:f1:c1:ec:db:c9:
d3:64:ea:ad:64:84:80:b7:69:18:4c:16:b9:74:00:4f:9c:c6:
9f:53:61:36
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXLaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA3MDkwMzQzWhcNMjYwMjI3MDkwMzQzWjAYMRYw
FAYDVQQDEw02N2NhYjY3NC1mYWM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1LViYa6R1ncFi75SlqYaWEjTaQFa8p4tpjVgQEB4ZLMChAyagbyEepjN
cZhQSKAYZnL1rzdTin0DkySuL3uhizDLEQfngUYDhMY3e7d7WdA0QyNdOgy39rhe
5lzmf5m4HviN3OliVtcnGL874N5wiUWY5uH0PpJuOEnbzdKCbo/Xkjltscn+3LrR
OS6E0yLKByYZvym50ixmdB7eECGSP9EPmibb6HFWy9hhFLziOh8bsI6M7pIrkuoh
SLPItYNTW+td6R4K9rljcfHwug0pqb+7a1JZfSFdT4LhwM5QaVCRErUckGrf+gG7
ak5hX9eK+ftCJ5KPi0BfqtWjYa0PowIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJJW
JcKwv1bUYpNxUnJYwEhXoc0gMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNDQ4QjQ5Q0ZCMzMxMUVGQUYwQTMyOUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlUVMA0GCSqGSIb3DQEB
CwUAA4IBAQAmAO8k3RpwXbWFz7RLMlB2P0j3YBvebxSYpyW0PDVh6BFC2aMKhoSu
cYO2uRrRw0u/YOXBdUWYGUGwhUdy+ZwYmMlkHZ2SqdUse64zmZ6FPICh8P/3FM/7
rIHR+ydjJXHINwshM9e1suVFs8XI9BQpOLLM6bpZ9e7l5pIU0pxBHQeYFq3jEPJp
jCgDfXRWEcKiZ26ulHiwcynB18oD477RMuusJlLebpGumcn8iTzOH8K2E94pJH+t
QwCwyJQZjh02aWTDHLhreAZhwejngD55X69zKEmltIPliU4+ZvBii3UV8Dm28cHs
28nTZOqtZISAt2kYTBa5dABPnMafU2E2
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:06 2025 by rpki-client