Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18436E34CDDE11EF8D17B8B5762E951A.roa
File: 18436E34CDDE11EF8D17B8B5762E951A.roa (raw, json)
Hash identifier: vHji/QFoqVnZHuWbDRJCXnCxhu2P6hQ02vs1kDGOTpM=
Subject key identifier: 67:4D:75:2D:DD:BC:8E:87:23:22:E5:C5:ED:A2:19:2D:81:E1:A3:62
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0137A9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18436E34CDDE11EF8D17B8B5762E951A.roa
Signing time: Wed 08 Jan 2025 16:32:05 +0000
ROA not before: Wed 08 Jan 2025 16:32:01 +0000
ROA not after: Sat 03 Jan 2026 16:32:01 +0000
asID: 984
IP address blocks: 154.89.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79785 (0x137a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 16:32:01 2025 GMT
Not After : Jan 3 16:32:01 2026 GMT
Subject: CN=677ea884-a2f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:44:47:73:85:19:bc:62:77:35:e6:ad:e5:4a:
da:10:91:4f:b2:7b:cb:7d:3c:5e:db:64:c7:3c:cd:
5f:7b:a9:e9:d9:69:4a:45:89:40:fd:d1:72:09:99:
d4:7c:87:0d:a1:be:4a:a1:ff:36:60:1a:cb:6b:e6:
d8:00:f8:31:79:f6:90:48:b7:1e:c4:7d:49:5d:59:
2f:f7:10:4f:d9:22:10:f4:82:40:12:49:70:ee:98:
6a:5f:73:38:54:b1:f4:97:25:50:dd:ec:1b:b5:76:
7d:3b:65:93:18:0d:04:31:74:7e:ad:8e:62:bb:72:
a3:ee:a7:f9:ae:2c:e9:63:fd:ee:f6:93:83:d0:3d:
9c:4f:fc:85:04:3b:ee:5d:1b:ad:b9:41:a4:97:a0:
2f:93:51:f1:ed:d0:32:dd:08:03:2d:1d:f2:19:0d:
bd:2d:7c:1b:d4:d2:f9:97:4c:a7:e0:8a:63:79:ee:
91:09:1c:c2:87:3b:ea:49:d1:04:38:54:7b:bf:7d:
51:8e:22:4a:dc:8a:b5:9f:7f:b1:c1:e1:2d:95:d4:
a2:26:82:55:6e:9e:76:2b:0e:6c:2d:a7:c9:ad:c0:
86:5c:fc:f0:6f:ae:b1:f2:20:ca:a2:1e:87:0f:a6:
e6:46:4a:3c:1c:0a:c5:19:86:3a:0e:d6:99:9d:bb:
92:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:4D:75:2D:DD:BC:8E:87:23:22:E5:C5:ED:A2:19:2D:81:E1:A3:62
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/18436E34CDDE11EF8D17B8B5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.163.0/24
Signature Algorithm: sha256WithRSAEncryption
62:4f:77:a7:61:79:e9:a9:c8:6c:b5:a3:bf:a8:d7:af:07:0d:
8a:85:0c:de:a1:ab:b8:b5:9f:98:60:e9:a2:e8:88:2f:d0:5b:
cd:cd:79:4a:ca:12:1b:af:36:0d:8b:a4:dd:1b:25:af:39:05:
d6:79:b3:8a:cd:ef:f4:ef:05:13:c6:bd:5d:79:c2:19:a5:90:
f2:b4:98:e8:fc:5a:ad:6a:be:45:85:f6:45:af:f7:79:55:a9:
53:17:2c:d4:69:71:d4:f5:11:3d:f5:b3:e7:94:a3:8f:b4:0d:
43:40:94:b4:c5:3f:22:b5:c9:79:af:66:0e:e2:35:29:79:45:
8c:00:3c:b2:26:81:cf:9b:16:79:6d:09:fa:4c:12:94:19:88:
35:cf:f6:f7:85:fb:c5:ef:6c:d4:75:0e:24:4a:91:26:76:f4:
09:5a:6c:e7:0b:56:a7:9d:4c:ad:e7:dd:a2:6e:d2:ff:b4:11:
c0:fc:80:28:0c:e2:5b:8a:17:be:67:8e:99:e2:99:6a:ae:ad:
3b:da:5c:2d:1b:4c:5a:8a:e3:28:0f:46:91:f9:4e:a4:15:47:
d5:0b:63:93:ba:71:1c:81:b9:ab:4b:6a:15:b7:d9:b5:18:56:
4b:e1:8a:18:51:0b:9a:28:99:87:0c:39:c3:6b:fd:e6:58:bf:
a4:83:ee:b4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATepMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTYzMjAxWhcNMjYwMTAzMTYzMjAxWjAYMRYw
FAYDVQQDEw02NzdlYTg4NC1hMmY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1kRHc4UZvGJ3Neat5UraEJFPsnvLfTxe22THPM1fe6np2WlKRYlA/dFy
CZnUfIcNob5Kof82YBrLa+bYAPgxefaQSLcexH1JXVkv9xBP2SIQ9IJAEklw7phq
X3M4VLH0lyVQ3ewbtXZ9O2WTGA0EMXR+rY5iu3Kj7qf5rizpY/3u9pOD0D2cT/yF
BDvuXRutuUGkl6Avk1Hx7dAy3QgDLR3yGQ29LXwb1NL5l0yn4Ipjee6RCRzChzvq
SdEEOFR7v31RjiJK3Iq1n3+xweEtldSiJoJVbp52Kw5sLafJrcCGXPzwb66x8iDK
oh6HD6bmRko8HArFGYY6DtaZnbuSTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGdN
dS3dvI6HIyLlxe2iGS2B4aNiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xODQzNkUzNENEREUxMUVGOEQxN0I4QjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmjMA0GCSqGSIb3DQEB
CwUAA4IBAQBiT3enYXnpqchstaO/qNevBw2KhQzeoau4tZ+YYOmi6Igv0FvNzXlK
yhIbrzYNi6TdGyWvOQXWebOKze/07wUTxr1decIZpZDytJjo/Fqtar5FhfZFr/d5
ValTFyzUaXHU9RE99bPnlKOPtA1DQJS0xT8itcl5r2YO4jUpeUWMADyyJoHPmxZ5
bQn6TBKUGYg1z/b3hfvF72zUdQ4kSpEmdvQJWmznC1annUyt592ibtL/tBHA/IAo
DOJbihe+Z46Z4plqrq072lwtG0xaiuMoD0aR+U6kFUfVC2OTunEcgbmrS2oVt9m1
GFZL4YoYUQuaKJmHDDnDa/3mWL+kg+60
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:05 2025 by rpki-client