Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C2B2412F45011EF9587CFB6762E951A.roa
File: 2C2B2412F45011EF9587CFB6762E951A.roa (raw, json)
Hash identifier: gyIEYAGGg+Fk3oocBcaBabmNYmZW88pAp+JzGVnK/1Y=
Subject key identifier: C5:8C:2D:1D:A5:AE:60:D3:F6:9D:CB:A5:ED:4A:1B:21:A4:79:3D:CF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016474
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C2B2412F45011EF9587CFB6762E951A.roa
Signing time: Wed 26 Feb 2025 14:44:25 +0000
ROA not before: Wed 26 Feb 2025 14:44:21 +0000
ROA not after: Thu 19 Feb 2026 14:44:21 +0000
asID: 984
IP address blocks: 154.210.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91252 (0x16474)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 14:44:21 2025 GMT
Not After : Feb 19 14:44:21 2026 GMT
Subject: CN=67bf28c9-d818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f1:ca:39:e5:7a:a9:6b:2e:be:00:36:8e:d1:
d5:19:7b:96:12:2c:e1:31:e2:14:2e:b1:da:82:32:
7c:0c:e6:2f:48:29:49:0e:d4:6a:68:81:9f:30:aa:
03:f5:f1:4d:12:ca:b3:47:93:cf:f0:1c:7c:f6:38:
52:92:ae:34:d4:4b:cc:a7:25:0a:00:df:4b:c9:8f:
ac:eb:35:08:d2:a9:33:8c:83:a0:d8:9b:1f:17:16:
77:0d:f1:07:82:84:cf:97:66:5b:e8:aa:fa:74:d8:
d3:a6:79:e4:c0:8b:9a:0c:64:67:80:ee:ba:a9:bd:
9f:8e:fa:57:f1:f5:6a:97:fa:69:8b:8f:c0:03:8b:
06:8c:a7:73:7b:f0:8d:ea:a0:38:a4:61:83:0a:3b:
0c:fe:e4:3d:27:50:3d:9f:9b:9f:ed:c2:1b:92:24:
e6:5d:66:18:89:9b:d2:ec:90:e0:0c:09:34:8c:4c:
9e:a3:8a:9a:90:9c:ef:6e:60:3a:65:63:2b:fc:0a:
e5:33:a5:bd:89:4f:ca:45:63:ad:fb:2f:8e:14:7f:
52:2f:85:bc:37:db:ec:96:54:89:2d:de:57:11:b1:
4f:4e:10:cb:5b:0d:09:ca:bd:03:a1:9d:c9:95:f3:
6a:4e:07:ac:a6:0f:e5:31:d0:b5:db:ab:ae:23:6d:
0e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:8C:2D:1D:A5:AE:60:D3:F6:9D:CB:A5:ED:4A:1B:21:A4:79:3D:CF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C2B2412F45011EF9587CFB6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.59.0/24
Signature Algorithm: sha256WithRSAEncryption
76:f7:53:88:d1:4c:a5:c0:05:a5:e8:e8:81:99:79:a2:28:ec:
f4:fd:b9:14:98:4d:f3:e0:a1:cd:11:00:20:a1:f3:a9:86:25:
13:27:aa:7c:7d:bd:f4:95:4d:a5:da:34:15:2a:b3:6e:99:96:
95:87:02:91:75:fa:95:bf:a1:ee:1c:99:7b:c6:fc:70:22:0c:
56:76:4c:e7:0f:a5:38:53:05:c2:b0:87:79:4d:be:86:7a:06:
22:f8:e1:e9:52:16:d0:58:a8:77:f0:02:da:a1:b7:9b:4b:d6:
28:b8:8c:99:b8:c1:e2:93:d9:d8:17:67:92:39:3c:02:70:3a:
f2:9c:3a:40:61:e3:e1:dc:bc:d3:d9:9e:b6:78:7d:5c:91:89:
d1:36:ab:0b:17:c6:b9:52:a1:3d:15:bb:64:c2:b2:10:ed:34:
89:9e:c0:95:2e:11:79:8f:20:a3:84:ca:18:80:51:a0:0a:75:
22:ad:1f:b9:c6:42:6a:64:c3:77:07:1f:05:66:8f:99:b2:c2:
22:d1:c8:28:97:bf:79:7b:d8:b8:9e:27:3e:f7:ca:67:df:fb:
67:70:19:72:71:d0:e5:40:8d:c7:42:05:7e:8e:2b:fd:6f:21:
55:1b:91:bb:88:13:3c:b7:7f:4b:36:6f:19:7e:19:bb:d4:60:
bd:96:1b:e2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWR0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTQ0NDIxWhcNMjYwMjE5MTQ0NDIxWjAYMRYw
FAYDVQQDEw02N2JmMjhjOS1kODE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2PHKOeV6qWsuvgA2jtHVGXuWEizhMeIULrHagjJ8DOYvSClJDtRqaIGf
MKoD9fFNEsqzR5PP8Bx89jhSkq401EvMpyUKAN9LyY+s6zUI0qkzjIOg2JsfFxZ3
DfEHgoTPl2Zb6Kr6dNjTpnnkwIuaDGRngO66qb2fjvpX8fVql/ppi4/AA4sGjKdz
e/CN6qA4pGGDCjsM/uQ9J1A9n5uf7cIbkiTmXWYYiZvS7JDgDAk0jEyeo4qakJzv
bmA6ZWMr/ArlM6W9iU/KRWOt+y+OFH9SL4W8N9vsllSJLd5XEbFPThDLWw0Jyr0D
oZ3JlfNqTgespg/lMdC126uuI20OBQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMWM
LR2lrmDT9p3Lpe1KGyGkeT3PMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQzJCMjQxMkY0NTAxMUVGOTU4N0NGQjY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtI7MA0GCSqGSIb3DQEB
CwUAA4IBAQB291OI0UylwAWl6OiBmXmiKOz0/bkUmE3z4KHNEQAgofOphiUTJ6p8
fb30lU2l2jQVKrNumZaVhwKRdfqVv6HuHJl7xvxwIgxWdkznD6U4UwXCsId5Tb6G
egYi+OHpUhbQWKh38ALaobebS9YouIyZuMHik9nYF2eSOTwCcDrynDpAYePh3LzT
2Z62eH1ckYnRNqsLF8a5UqE9FbtkwrIQ7TSJnsCVLhF5jyCjhMoYgFGgCnUirR+5
xkJqZMN3Bx8FZo+ZssIi0cgol795e9i4nic+98pn3/tncBlycdDlQI3HQgV+jiv9
byFVG5G7iBM8t39LNm8Zfhm71GC9lhvi
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:00:19 2025 by rpki-client