Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32E48EFAC1A211EF8BEDFB5F762E951A.roa
File: 32E48EFAC1A211EF8BEDFB5F762E951A.roa (raw, json)
Hash identifier: 7s4ufRZzvTa7xEzaBbMk5ArA4geThHRg/A/y9mXQqqo=
Subject key identifier: 70:43:47:D0:70:24:CC:2D:99:43:33:0B:D7:B1:67:67:F5:49:30:35
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0120C1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32E48EFAC1A211EF8BEDFB5F762E951A.roa
Signing time: Tue 24 Dec 2024 02:53:06 +0000
ROA not before: Tue 24 Dec 2024 02:53:02 +0000
ROA not after: Wed 10 Dec 2025 02:53:02 +0000
asID: 984
IP address blocks: 154.90.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73921 (0x120c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 02:53:02 2024 GMT
Not After : Dec 10 02:53:02 2025 GMT
Subject: CN=676a2211-8c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:46:36:0b:cf:98:f0:40:7a:ba:c6:ca:3f:d0:
44:e3:5d:58:1a:0a:1e:b1:02:5a:01:a9:64:65:d9:
16:53:80:c9:be:d8:4d:6b:2c:45:53:9d:54:7c:38:
26:7a:a7:1b:5e:4a:ab:2f:da:8f:21:02:35:5d:df:
79:63:db:1b:a8:ec:ae:33:48:ca:a3:98:8e:86:7c:
ca:fc:8b:d0:c5:de:9f:d8:7a:6f:b5:ab:0e:f5:41:
0e:be:4a:7d:07:f2:47:a3:d2:d5:1b:81:d0:65:43:
3c:7a:67:1a:82:e2:1a:67:38:68:6a:96:94:b6:13:
bf:3b:77:b6:43:63:ef:4e:7a:cd:6d:72:67:d0:2a:
97:7b:91:1d:fa:83:c3:bb:a1:ca:bb:34:db:73:40:
20:70:26:ae:5a:59:0a:56:39:d9:b8:65:ae:c3:f6:
0d:d3:f3:f0:ef:31:4a:f4:63:3f:1d:54:f4:57:d5:
0f:24:0f:2e:93:30:2b:4c:60:c9:b9:4b:53:8a:47:
01:c6:2f:e4:cb:d7:c1:d5:91:1b:79:1c:d9:54:f0:
c6:aa:37:ff:5c:e9:58:e4:8a:93:9b:9c:e1:2b:0a:
08:09:c4:c8:3c:f5:fe:4e:94:3d:78:ee:b6:e9:66:
62:ff:45:e5:77:9f:b3:fa:a1:b2:18:87:d0:8b:be:
63:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:43:47:D0:70:24:CC:2D:99:43:33:0B:D7:B1:67:67:F5:49:30:35
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32E48EFAC1A211EF8BEDFB5F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.252.0/24
Signature Algorithm: sha256WithRSAEncryption
83:c1:52:e5:0d:83:8f:92:89:81:8f:33:54:bf:e6:3e:f1:67:
d7:7f:68:24:15:59:ef:28:d6:02:8a:b2:03:05:98:cb:79:2d:
66:49:be:9d:9b:7d:80:30:fa:97:a3:50:ba:c4:08:9f:b6:1d:
f9:d7:20:74:b5:fe:f9:88:88:bb:2a:e3:21:78:e3:89:4d:86:
73:7d:ce:e6:cf:51:61:d0:38:f4:0c:c3:ee:28:a6:d8:b4:3b:
8d:9c:21:bd:63:d8:e4:c4:a1:e9:03:14:92:09:e7:62:55:d2:
c9:b1:7a:22:00:e3:2d:a2:aa:39:72:1f:07:c7:3f:54:1d:33:
e1:3b:f9:c2:08:16:6f:f0:f0:89:a0:d5:b1:14:f8:0f:da:95:
1a:09:ca:b6:20:7f:81:ff:8e:6b:5c:2b:7c:ef:07:14:70:b1:
70:9a:c0:91:57:59:f6:f4:73:7b:ab:f6:24:bc:14:42:30:4c:
f8:e1:9b:e0:ee:d1:37:66:c3:a5:f6:07:af:71:fe:3d:42:24:
94:da:86:8f:20:66:fb:93:b5:8e:ad:f4:c5:27:eb:3a:63:a1:
9f:d6:6e:2d:f9:63:cc:e6:e8:e8:fa:d3:24:40:11:1a:d3:1a:
3d:e4:71:d5:2c:6c:11:e2:f7:7f:6b:b5:7c:ac:10:1f:a2:de:
91:4e:49:7d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASDBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDI1MzAyWhcNMjUxMjEwMDI1MzAyWjAYMRYw
FAYDVQQDEw02NzZhMjIxMS04YzQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp0Y2C8+Y8EB6usbKP9BE411YGgoesQJaAalkZdkWU4DJvthNayxFU51U
fDgmeqcbXkqrL9qPIQI1Xd95Y9sbqOyuM0jKo5iOhnzK/IvQxd6f2HpvtasO9UEO
vkp9B/JHo9LVG4HQZUM8emcaguIaZzhoapaUthO/O3e2Q2PvTnrNbXJn0CqXe5Ed
+oPDu6HKuzTbc0AgcCauWlkKVjnZuGWuw/YN0/Pw7zFK9GM/HVT0V9UPJA8ukzAr
TGDJuUtTikcBxi/ky9fB1ZEbeRzZVPDGqjf/XOlY5IqTm5zhKwoICcTIPPX+TpQ9
eO626WZi/0Xld5+z+qGyGIfQi75jpQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHBD
R9BwJMwtmUMzC9exZ2f1STA1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMkU0OEVGQUMxQTIxMUVGOEJFREZCNUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlr8MA0GCSqGSIb3DQEB
CwUAA4IBAQCDwVLlDYOPkomBjzNUv+Y+8WfXf2gkFVnvKNYCirIDBZjLeS1mSb6d
m32AMPqXo1C6xAifth351yB0tf75iIi7KuMheOOJTYZzfc7mz1Fh0Dj0DMPuKKbY
tDuNnCG9Y9jkxKHpAxSSCediVdLJsXoiAOMtoqo5ch8Hxz9UHTPhO/nCCBZv8PCJ
oNWxFPgP2pUaCcq2IH+B/45rXCt87wcUcLFwmsCRV1n29HN7q/YkvBRCMEz44Zvg
7tE3ZsOl9gevcf49QiSU2oaPIGb7k7WOrfTFJ+s6Y6Gf1m4t+WPM5ujo+tMkQBEa
0xo95HHVLGwR4vd/a7V8rBAfot6RTkl9
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:58 2025 by rpki-client