Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F676970CDB611EFAC6286BA762E951A.roa
File: 3F676970CDB611EFAC6286BA762E951A.roa (raw, json)
Hash identifier: O2y/dozC+9gG/cRVb1JYbJN6eQawiccKeh7QuxCmtS4=
Subject key identifier: 22:76:00:9A:B4:A6:96:8C:EE:14:FF:58:FA:0F:8F:5B:59:51:44:0D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0136B8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F676970CDB611EFAC6286BA762E951A.roa
Signing time: Wed 08 Jan 2025 11:46:50 +0000
ROA not before: Wed 08 Jan 2025 11:46:47 +0000
ROA not after: Tue 16 Dec 2025 11:46:47 +0000
asID: 984
IP address blocks: 154.200.164.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79544 (0x136b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 11:46:47 2025 GMT
Not After : Dec 16 11:46:47 2025 GMT
Subject: CN=677e65aa-d20f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:27:80:55:09:24:4d:42:b5:f3:df:b2:6d:46:
5d:b4:de:e3:7b:6a:2e:f0:fa:56:e2:b7:a8:f8:8c:
3f:ec:8b:02:d3:04:50:ea:d5:8b:e0:16:6e:b8:25:
84:c3:89:4d:ab:77:b0:e5:02:44:f2:da:20:29:21:
a0:0e:9b:d0:1f:ea:b5:a0:f1:9c:9c:06:4e:c2:7d:
c5:07:9f:4b:ba:34:24:a1:9f:76:47:80:f4:89:34:
ad:09:eb:65:f4:93:e0:db:16:5c:8c:27:b7:ec:81:
2e:7f:4e:7e:0e:fa:95:12:92:c0:10:06:5b:2d:61:
6a:3a:73:59:a8:a4:e3:21:30:d5:b1:96:2b:b1:07:
30:ac:30:08:f1:0e:61:7b:1f:3e:0f:05:1f:35:26:
bf:06:32:8d:79:59:18:5b:cb:ad:a0:75:df:96:48:
6d:f8:21:16:18:54:c7:8f:8f:d1:3b:4e:65:76:ba:
2b:2f:55:c6:e3:3f:45:17:4b:20:95:17:d5:9a:36:
63:6b:9c:1b:c5:3e:cf:cb:7b:ad:c9:81:91:b0:18:
bc:16:41:0d:cd:ef:4e:b7:bb:44:5b:b6:d0:7f:54:
94:6b:44:eb:7d:6f:7e:c5:93:cb:b3:f8:5a:7a:82:
48:9e:ff:04:05:cf:42:e6:55:f3:97:e7:1d:c9:33:
75:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:76:00:9A:B4:A6:96:8C:EE:14:FF:58:FA:0F:8F:5B:59:51:44:0D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3F676970CDB611EFAC6286BA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.164.0/24
Signature Algorithm: sha256WithRSAEncryption
54:50:ce:ad:59:08:bd:b6:dc:e5:e6:b1:dc:02:59:80:bc:4e:
11:3a:90:61:4a:57:f2:e3:f0:f6:e4:f8:fb:1b:c1:d4:05:b4:
59:f7:9c:8c:55:14:25:9e:43:65:f8:53:c6:c0:cc:0a:2a:6b:
7c:93:53:30:26:6d:9f:a8:dd:ff:88:21:80:3a:df:f5:14:5b:
6b:67:7e:36:88:31:73:e8:25:f6:01:1b:5a:fb:3e:32:bc:31:
f1:17:bf:5c:f5:ae:7f:b7:e0:8e:3c:e5:13:c9:91:fa:83:01:
07:6d:64:94:79:59:78:6e:59:34:19:b4:06:2d:58:3d:d4:05:
ae:8d:6b:22:e8:37:4d:17:c2:82:b2:f1:31:46:3d:1c:06:98:
09:1f:0f:f9:f5:23:ca:c6:6c:02:cd:2e:55:3c:48:f9:45:57:
6a:dc:0a:d0:a3:4e:17:18:b9:44:eb:d2:71:00:5d:af:13:7c:
81:75:0a:a9:2f:44:20:e7:c9:b0:b5:5a:7a:7e:b2:e0:8b:c7:
32:5b:31:29:10:4d:f2:cf:59:c5:65:30:0b:d6:2c:14:05:96:
c1:e5:1f:9e:7d:78:01:c7:26:c8:b5:46:1e:bb:d9:56:74:b1:
95:d1:4f:e6:c8:a9:86:bf:db:2d:ae:0e:79:94:ce:2c:81:f8:
b7:40:30:69
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATa4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTE0NjQ3WhcNMjUxMjE2MTE0NjQ3WjAYMRYw
FAYDVQQDEw02NzdlNjVhYS1kMjBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsieAVQkkTUK189+ybUZdtN7je2ou8PpW4reo+Iw/7IsC0wRQ6tWL4BZu
uCWEw4lNq3ew5QJE8togKSGgDpvQH+q1oPGcnAZOwn3FB59LujQkoZ92R4D0iTSt
Cetl9JPg2xZcjCe37IEuf05+DvqVEpLAEAZbLWFqOnNZqKTjITDVsZYrsQcwrDAI
8Q5hex8+DwUfNSa/BjKNeVkYW8utoHXflkht+CEWGFTHj4/RO05ldrorL1XG4z9F
F0sglRfVmjZja5wbxT7Py3utyYGRsBi8FkENze9Ot7tEW7bQf1SUa0TrfW9+xZPL
s/haeoJInv8EBc9C5lXzl+cdyTN1/wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCJ2
AJq0ppaM7hT/WPoPj1tZUUQNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRjY3Njk3MENEQjYxMUVGQUM2Mjg2QkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsikMA0GCSqGSIb3DQEB
CwUAA4IBAQBUUM6tWQi9ttzl5rHcAlmAvE4ROpBhSlfy4/D25Pj7G8HUBbRZ95yM
VRQlnkNl+FPGwMwKKmt8k1MwJm2fqN3/iCGAOt/1FFtrZ342iDFz6CX2ARta+z4y
vDHxF79c9a5/t+COPOUTyZH6gwEHbWSUeVl4blk0GbQGLVg91AWujWsi6DdNF8KC
svExRj0cBpgJHw/59SPKxmwCzS5VPEj5RVdq3ArQo04XGLlE69JxAF2vE3yBdQqp
L0Qg58mwtVp6frLgi8cyWzEpEE3yz1nFZTAL1iwUBZbB5R+efXgBxybItUYeu9lW
dLGV0U/myKmGv9strg55lM4sgfi3QDBp
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:49:55 2025 by rpki-client