Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29F8B7DEC1A811EF8BC3E888762E951A.roa
File: 29F8B7DEC1A811EF8BC3E888762E951A.roa (raw, json)
Hash identifier: RXbyqURUjHRV5IAZ4TBEolG6THmrHVka1uDKptzqJFc=
Subject key identifier: 79:02:B2:89:42:32:9B:7C:82:E3:27:53:C0:5F:B9:5D:37:58:47:92
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012109
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29F8B7DEC1A811EF8BC3E888762E951A.roa
Signing time: Tue 24 Dec 2024 03:35:48 +0000
ROA not before: Tue 24 Dec 2024 03:35:44 +0000
ROA not after: Wed 10 Dec 2025 03:35:44 +0000
asID: 984
IP address blocks: 154.92.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73993 (0x12109)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 03:35:44 2024 GMT
Not After : Dec 10 03:35:44 2025 GMT
Subject: CN=676a2c13-e10e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c1:a9:90:2a:76:d2:65:cb:31:b1:ac:70:f0:
cb:2a:d8:eb:41:ed:a3:b0:04:11:16:95:9c:28:d1:
9b:65:d7:61:06:ec:bb:25:db:75:83:53:80:d5:82:
27:17:c1:82:0e:c3:a6:a1:bc:a5:bc:e3:3e:8e:49:
57:12:3b:4a:f0:16:0b:6d:7a:de:a1:cb:00:17:87:
73:24:f0:19:4b:f3:26:7b:53:79:da:bf:05:75:1f:
3b:1b:fd:c4:44:32:e6:1f:a0:b4:67:14:5e:2c:ba:
a5:8f:ed:aa:02:c5:99:ab:d4:5f:ae:89:28:44:06:
29:79:68:b6:ed:0f:52:7e:e7:fb:18:4f:ec:91:e7:
39:85:3e:8c:ff:c0:fb:ec:4b:2b:77:2c:52:86:c5:
37:0d:41:fc:7d:b7:d8:94:83:e5:b2:90:da:ba:a9:
21:93:57:5d:53:8c:c2:7c:99:98:75:aa:67:be:72:
c5:0d:dc:95:06:0c:45:40:39:5b:3a:55:ea:a2:0b:
6b:ca:05:d6:7b:50:b5:13:7f:0b:11:57:60:77:42:
fa:b7:28:37:59:58:a7:29:11:50:ee:43:7f:5a:40:
d8:72:a5:64:a3:97:1f:bf:ba:a9:d7:10:42:3c:28:
e6:13:bc:18:0b:d9:0a:d6:0c:81:1f:56:fe:1e:7a:
7c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:02:B2:89:42:32:9B:7C:82:E3:27:53:C0:5F:B9:5D:37:58:47:92
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29F8B7DEC1A811EF8BC3E888762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.204.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:5b:98:80:7a:7c:d3:be:13:be:26:f0:3d:98:f1:8a:21:b6:
78:09:7f:8d:bd:8c:18:8d:bb:1d:36:ff:09:e6:7e:2d:a9:4a:
67:94:95:c7:b2:79:64:39:31:be:53:d5:52:46:6f:84:d1:ee:
99:8e:b5:53:d2:58:fe:f9:61:c5:68:df:7f:98:4f:74:e8:40:
16:f7:ca:e6:ec:04:70:83:d2:ea:20:ba:b5:45:61:39:ff:08:
93:8a:b4:92:1c:49:68:2f:42:d0:91:47:16:17:86:22:61:cf:
66:72:c6:b1:3b:21:21:07:f1:89:18:f1:06:3d:0a:36:bf:01:
b9:00:42:26:d7:89:98:c9:31:85:64:21:4d:b4:6b:4b:9c:ba:
2d:05:a9:7a:81:92:c6:92:46:56:c7:85:ce:54:1c:55:cd:ed:
00:a3:6c:e6:8e:0d:7c:2b:a1:ae:6f:c2:3f:56:4b:11:b1:2b:
d6:82:4e:56:b4:75:52:49:c7:ba:f1:5b:3a:aa:8e:4e:05:0e:
ff:a2:c5:20:69:a9:b0:6d:62:71:9d:03:5b:db:cb:c5:f7:65:
3d:37:95:6c:97:61:1d:73:f1:f0:fa:ff:0b:d4:37:87:71:9f:
70:a5:5e:8a:ca:3a:b0:8e:ad:59:4c:3c:22:fb:43:87:d9:cb:
f1:10:95:a2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASEJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDMzNTQ0WhcNMjUxMjEwMDMzNTQ0WjAYMRYw
FAYDVQQDEw02NzZhMmMxMy1lMTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlMGpkCp20mXLMbGscPDLKtjrQe2jsAQRFpWcKNGbZddhBuy7Jdt1g1OA
1YInF8GCDsOmobylvOM+jklXEjtK8BYLbXreocsAF4dzJPAZS/Mme1N52r8FdR87
G/3ERDLmH6C0ZxReLLqlj+2qAsWZq9RfrokoRAYpeWi27Q9Sfuf7GE/skec5hT6M
/8D77EsrdyxShsU3DUH8fbfYlIPlspDauqkhk1ddU4zCfJmYdapnvnLFDdyVBgxF
QDlbOlXqogtrygXWe1C1E38LEVdgd0L6tyg3WVinKRFQ7kN/WkDYcqVko5cfv7qp
1xBCPCjmE7wYC9kK1gyBH1b+Hnp8EQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHkC
solCMpt8guMnU8BfuV03WEeSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOUY4QjdERUMxQTgxMUVGOEJDM0U4ODg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlzMMA0GCSqGSIb3DQEB
CwUAA4IBAQCPW5iAenzTvhO+JvA9mPGKIbZ4CX+NvYwYjbsdNv8J5n4tqUpnlJXH
snlkOTG+U9VSRm+E0e6ZjrVT0lj++WHFaN9/mE906EAW98rm7ARwg9LqILq1RWE5
/wiTirSSHEloL0LQkUcWF4YiYc9mcsaxOyEhB/GJGPEGPQo2vwG5AEIm14mYyTGF
ZCFNtGtLnLotBal6gZLGkkZWx4XOVBxVze0Ao2zmjg18K6Gub8I/VksRsSvWgk5W
tHVSSce68Vs6qo5OBQ7/osUgaamwbWJxnQNb28vF92U9N5Vsl2Edc/Hw+v8L1DeH
cZ9wpV6Kyjqwjq1ZTDwi+0OH2cvxEJWi
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:15:53 2025 by rpki-client