Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2F39013AC92411EF8FD86FA0762E951A.roa
File: 2F39013AC92411EF8FD86FA0762E951A.roa (raw, json)
Hash identifier: Q7AHOln21xXj99IsM8JDJ08suNQw5FUNqipHR3TQI9s=
Subject key identifier: 8B:5B:E6:2B:A7:CF:16:B7:24:56:7E:10:E5:41:C1:BA:F4:80:6F:33
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013345
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2F39013AC92411EF8FD86FA0762E951A.roa
Signing time: Thu 02 Jan 2025 16:11:12 +0000
ROA not before: Thu 02 Jan 2025 16:11:08 +0000
ROA not after: Sat 13 Dec 2025 16:11:08 +0000
asID: 984
IP address blocks: 154.222.105.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78661 (0x13345)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 16:11:08 2025 GMT
Not After : Dec 13 16:11:08 2025 GMT
Subject: CN=6776baa0-896d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f7:0e:f3:72:73:97:82:d9:80:84:29:e3:dd:
28:21:6c:85:3b:a7:a8:f1:1b:32:39:35:4a:fa:3f:
11:b8:27:f6:6a:aa:fe:bc:9c:9b:84:ee:98:f8:eb:
96:cd:ed:22:9a:bb:f0:8b:3d:3e:7a:e4:00:93:79:
7d:6b:b4:0b:43:a1:15:ac:06:c7:af:2f:50:c0:b3:
32:09:6a:af:16:a3:45:7f:bf:79:d0:a7:55:19:e4:
c8:e1:37:1e:07:21:6a:df:f6:c4:6b:5e:a3:1d:63:
d1:55:a3:30:5e:52:21:dd:c6:12:84:f9:a4:e9:6a:
e3:f3:23:d6:c7:35:3d:e6:a1:9b:c6:7f:51:81:d9:
6d:15:b6:be:e6:bb:c3:c7:fa:2c:c8:ee:4d:e7:cc:
a1:13:dd:90:db:6e:35:ac:c7:4d:fe:af:a6:0a:47:
fa:e3:31:86:5d:65:40:46:d0:3c:26:e6:1c:d2:ba:
e8:7b:5e:44:38:42:78:b6:c1:28:4b:80:e8:81:5f:
ce:4c:46:2b:d2:a3:ce:20:6f:cf:7b:c1:e0:d2:59:
2f:a9:92:ec:d4:50:09:f4:f4:98:c9:16:a7:fe:9a:
0f:03:32:06:91:80:ad:ad:67:29:52:21:1e:ee:14:
b2:87:e1:68:4d:f5:29:ac:03:7b:88:18:49:c5:21:
16:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:5B:E6:2B:A7:CF:16:B7:24:56:7E:10:E5:41:C1:BA:F4:80:6F:33
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2F39013AC92411EF8FD86FA0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.105.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:d8:61:3d:95:42:b7:4d:26:64:f5:b5:ca:68:6f:6d:f4:cb:
54:9d:ea:61:77:76:69:d8:99:93:f6:06:e2:d1:73:65:6d:ec:
8c:12:fa:df:59:c2:15:0d:ec:e4:35:34:dd:08:4d:1d:2a:1c:
99:05:79:3b:a0:dd:29:a0:07:4e:7e:24:67:29:49:e9:5e:ba:
5b:0c:c2:10:5f:c1:76:5f:b0:c4:bb:c7:f1:01:e2:da:6a:74:
3e:9b:b0:c0:86:b2:27:ee:c8:e5:9f:60:c4:40:04:04:53:72:
7b:2c:ea:4b:ff:ed:55:fa:63:f6:1e:6e:05:77:26:36:28:21:
73:50:86:03:4c:32:37:b0:84:c4:93:a9:c6:99:2b:d1:4c:ba:
4a:61:ad:11:28:eb:b1:df:19:b9:27:45:51:8d:63:4c:b7:8e:
f4:74:ec:db:d4:7f:01:3c:d1:78:d4:7c:30:58:b2:a9:6c:c4:
c8:da:33:28:06:96:0b:8b:81:3d:a6:2c:e3:76:56:b2:ab:ed:
18:84:dd:ed:45:fd:7a:5c:d9:57:dc:98:00:ca:52:37:44:cc:
bb:ce:6d:8c:a8:70:db:5c:8c:2e:b3:6d:c2:29:04:d2:68:d5:
68:fc:1e:96:df:b6:a2:14:7d:fa:f0:fa:3f:10:ca:38:6d:f8:
f0:a0:5f:79
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATNFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTYxMTA4WhcNMjUxMjEzMTYxMTA4WjAYMRYw
FAYDVQQDEw02Nzc2YmFhMC04OTZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq/cO83Jzl4LZgIQp490oIWyFO6eo8RsyOTVK+j8RuCf2aqr+vJybhO6Y
+OuWze0imrvwiz0+euQAk3l9a7QLQ6EVrAbHry9QwLMyCWqvFqNFf7950KdVGeTI
4TceByFq3/bEa16jHWPRVaMwXlIh3cYShPmk6Wrj8yPWxzU95qGbxn9RgdltFba+
5rvDx/osyO5N58yhE92Q2241rMdN/q+mCkf64zGGXWVARtA8JuYc0rroe15EOEJ4
tsEoS4DogV/OTEYr0qPOIG/Pe8Hg0lkvqZLs1FAJ9PSYyRan/poPAzIGkYCtrWcp
UiEe7hSyh+FoTfUprAN7iBhJxSEW7QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFItb
5iunzxa3JFZ+EOVBwbr0gG8zMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRjM5MDEzQUM5MjQxMUVGOEZEODZGQTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt5pMA0GCSqGSIb3DQEB
CwUAA4IBAQDE2GE9lUK3TSZk9bXKaG9t9MtUnephd3Zp2JmT9gbi0XNlbeyMEvrf
WcIVDezkNTTdCE0dKhyZBXk7oN0poAdOfiRnKUnpXrpbDMIQX8F2X7DEu8fxAeLa
anQ+m7DAhrIn7sjln2DEQAQEU3J7LOpL/+1V+mP2Hm4FdyY2KCFzUIYDTDI3sITE
k6nGmSvRTLpKYa0RKOux3xm5J0VRjWNMt470dOzb1H8BPNF41HwwWLKpbMTI2jMo
BpYLi4E9pizjdlayq+0YhN3tRf16XNlX3JgAylI3RMy7zm2MqHDbXIwus23CKQTS
aNVo/B6W37aiFH368Po/EMo4bfjwoF95
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:48 2025 by rpki-client