Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34DC8C20C5F911EFB3ACE27A762E951A.roa
File: 34DC8C20C5F911EFB3ACE27A762E951A.roa (raw, json)
Hash identifier: Fs8wxRFVsd8bI5pawR5s/wtA5AbGH+7Jyh0bntMShlw=
Subject key identifier: 1E:E8:C3:F3:AC:63:0F:C5:55:E0:50:51:DD:AD:BE:B1:AB:A3:72:51
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012E1C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34DC8C20C5F911EFB3ACE27A762E951A.roa
Signing time: Sun 29 Dec 2024 15:26:00 +0000
ROA not before: Sun 29 Dec 2024 15:25:56 +0000
ROA not after: Fri 12 Dec 2025 15:25:56 +0000
asID: 984
IP address blocks: 154.213.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77340 (0x12e1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 15:25:56 2024 GMT
Not After : Dec 12 15:25:56 2025 GMT
Subject: CN=67716a08-8a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:09:3b:34:f1:93:c3:25:43:08:f6:af:f5:ac:
25:8b:ed:2f:c9:4a:19:0e:8c:db:7d:3f:6b:4f:13:
98:8e:26:a7:90:13:be:ef:02:bc:f4:9f:a5:44:1d:
22:70:88:68:b1:d7:b8:75:79:45:e4:da:c1:0b:64:
a9:86:f8:92:ff:19:63:d3:4e:8e:54:1f:46:ba:53:
a2:dd:46:ee:39:a9:8e:fa:da:1c:92:1b:22:5c:44:
2e:8d:8e:f3:16:26:73:5c:a2:a2:25:7b:49:87:a5:
fc:89:ef:d0:36:9d:13:d7:c2:cd:4a:76:57:48:b7:
be:86:35:dc:28:92:4c:f1:d6:6f:4e:98:09:7b:81:
22:63:18:8f:54:fd:ff:bb:66:8b:e2:13:5a:6b:3c:
06:11:b8:e0:e1:9b:c6:94:f6:42:bb:c5:e8:61:34:
44:d1:f7:2c:a3:ba:ea:1e:eb:ca:6a:8a:1d:4d:7c:
af:14:89:db:13:6d:04:84:61:4a:6b:77:18:68:a9:
7a:94:ed:06:1d:71:c3:42:4e:5d:8d:e6:80:41:2b:
b8:ce:af:78:1a:72:e7:d7:8e:86:2d:f4:8c:38:88:
3c:81:1e:e8:b2:69:7f:51:78:f1:05:73:80:6c:e0:
f6:a5:fc:78:73:2c:e1:0d:2a:65:f9:d5:48:79:8c:
0e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E8:C3:F3:AC:63:0F:C5:55:E0:50:51:DD:AD:BE:B1:AB:A3:72:51
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34DC8C20C5F911EFB3ACE27A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.220.0/24
Signature Algorithm: sha256WithRSAEncryption
04:f9:9b:62:c7:14:7d:3e:84:9f:4a:f7:67:63:0b:c2:95:51:
ed:b6:c6:44:91:b2:76:c2:4d:9a:de:a3:59:4d:86:f8:5f:a3:
41:c7:ac:ff:20:d1:09:80:e5:96:d5:70:57:c2:72:0f:8c:9b:
86:1b:94:a9:36:d8:34:f2:9e:9a:d1:2a:b3:a2:0d:30:fb:84:
77:2e:ae:08:05:cc:32:20:91:dd:42:f0:56:1c:9a:1d:8d:46:
82:c6:8f:84:82:00:20:ea:79:cf:7f:8a:2b:59:e0:b0:a8:79:
10:28:b2:2f:f0:2d:58:8d:31:eb:2d:b9:2a:af:4f:da:10:10:
45:0f:fa:29:4b:ba:d5:7f:ff:a0:3d:8b:03:f5:e6:0d:98:59:
68:98:d5:35:40:db:63:20:be:2a:f8:c1:d1:97:1e:cf:ca:19:
50:eb:3e:41:f3:11:fe:a3:65:83:09:5b:28:60:1b:1d:da:50:
c1:3e:7d:49:85:65:01:d5:e4:94:27:48:a2:d3:f8:d1:75:a1:
d5:fc:fb:ea:48:77:6e:aa:92:c1:a9:72:a3:2b:12:8f:98:97:
44:f2:60:26:cf:21:4c:af:b0:66:82:33:51:d6:8a:6c:f2:6c:
5b:30:00:94:48:be:56:c8:e0:9d:f5:9b:a0:c1:6f:2b:45:5e:
c6:d4:7c:3b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS4cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTUyNTU2WhcNMjUxMjEyMTUyNTU2WjAYMRYw
FAYDVQQDEw02NzcxNmEwOC04YTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqwk7NPGTwyVDCPav9awli+0vyUoZDozbfT9rTxOYjiankBO+7wK89J+l
RB0icIhosde4dXlF5NrBC2SphviS/xlj006OVB9GulOi3UbuOamO+tockhsiXEQu
jY7zFiZzXKKiJXtJh6X8ie/QNp0T18LNSnZXSLe+hjXcKJJM8dZvTpgJe4EiYxiP
VP3/u2aL4hNaazwGEbjg4ZvGlPZCu8XoYTRE0fcso7rqHuvKaoodTXyvFInbE20E
hGFKa3cYaKl6lO0GHXHDQk5djeaAQSu4zq94GnLn146GLfSMOIg8gR7osml/UXjx
BXOAbOD2pfx4cyzhDSpl+dVIeYwOoQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB7o
w/OsYw/FVeBQUd2tvrGro3JRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNERDOEMyMEM1RjkxMUVGQjNBQ0UyN0E3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtXcMA0GCSqGSIb3DQEB
CwUAA4IBAQAE+ZtixxR9PoSfSvdnYwvClVHttsZEkbJ2wk2a3qNZTYb4X6NBx6z/
INEJgOWW1XBXwnIPjJuGG5SpNtg08p6a0Sqzog0w+4R3Lq4IBcwyIJHdQvBWHJod
jUaCxo+EggAg6nnPf4orWeCwqHkQKLIv8C1YjTHrLbkqr0/aEBBFD/opS7rVf/+g
PYsD9eYNmFlomNU1QNtjIL4q+MHRlx7PyhlQ6z5B8xH+o2WDCVsoYBsd2lDBPn1J
hWUB1eSUJ0ii0/jRdaHV/PvqSHduqpLBqXKjKxKPmJdE8mAmzyFMr7BmgjNR1ops
8mxbMACUSL5WyOCd9ZugwW8rRV7G1Hw7
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:40 2025 by rpki-client