Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4556D7B6CDE911EFAC7C377C762E951A.roa
File: 4556D7B6CDE911EFAC7C377C762E951A.roa (raw, json)
Hash identifier: RajtOgRwMYspMRpxAZ5T9qWjfsLUSru+U9HTmUZnWMs=
Subject key identifier: B4:49:3C:53:A7:CD:54:A7:E7:14:0E:12:05:47:85:C2:17:2F:50:EE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0137FB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4556D7B6CDE911EFAC7C377C762E951A.roa
Signing time: Wed 08 Jan 2025 17:52:05 +0000
ROA not before: Wed 08 Jan 2025 17:52:01 +0000
ROA not after: Sat 03 Jan 2026 17:52:01 +0000
asID: 984
IP address blocks: 154.89.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79867 (0x137fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 17:52:01 2025 GMT
Not After : Jan 3 17:52:01 2026 GMT
Subject: CN=677ebb44-2dc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a8:4c:46:ca:d9:88:c7:fd:ae:c9:b1:2a:70:
b6:35:d6:a9:aa:f1:94:f0:dc:fc:52:08:39:54:f7:
fc:f6:90:29:8e:99:e5:4f:df:b4:0f:53:e4:16:ad:
dc:ac:05:60:a5:f8:28:85:55:70:5e:b7:65:bb:14:
99:8d:ec:85:b9:cf:3a:09:df:6e:3e:8b:7f:42:8d:
cf:7b:7b:32:d4:00:dd:c8:de:34:91:44:96:90:8e:
89:47:0c:19:4b:12:f7:88:81:de:5e:c9:02:dc:26:
9c:b7:02:3e:dd:45:08:4a:40:f9:ed:9d:4f:92:67:
01:0a:37:0c:c6:9a:71:45:98:31:0c:b7:6c:41:04:
60:55:a3:c2:a7:80:ad:57:19:5d:6a:eb:99:8b:04:
a6:41:9a:4e:06:94:fa:09:6d:9f:c2:69:ae:f1:7a:
d6:26:3a:5e:28:64:53:76:83:26:43:de:51:fd:ed:
10:1f:a0:7f:42:6c:c2:d3:c8:3f:77:0e:0b:cf:69:
cb:2d:d2:04:db:45:9d:4a:24:9b:19:f4:65:12:fb:
a1:91:d8:5d:01:48:83:c4:31:6b:be:84:12:3c:bd:
78:71:76:b3:b1:af:54:93:a6:2f:a6:c4:0d:b7:53:
3b:32:55:33:26:66:59:49:7e:a6:53:57:f2:f4:f3:
83:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:49:3C:53:A7:CD:54:A7:E7:14:0E:12:05:47:85:C2:17:2F:50:EE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4556D7B6CDE911EFAC7C377C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.204.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:ac:14:5b:2b:76:f4:d0:5b:d6:ed:c1:d5:fd:0d:a2:6e:f0:
e5:5d:c9:03:2e:01:f8:f1:42:6e:39:44:37:7a:02:ab:b7:81:
84:0b:c2:74:32:94:12:d8:14:45:42:c4:f0:56:cf:e6:91:08:
00:00:ec:26:c5:8f:12:9a:bf:45:bb:f7:9c:89:cd:ca:ba:13:
8d:e5:59:2e:b8:74:f7:23:d2:ce:9f:84:31:2d:df:75:63:90:
b4:0e:ed:c6:96:0f:99:37:ee:9b:d7:0d:15:78:3a:c6:3b:e7:
72:fc:1b:09:a5:01:77:82:dd:3b:8f:d7:c5:55:94:71:8e:af:
d0:f2:80:a9:8e:64:67:46:cc:0f:b0:8a:f7:a1:f9:9b:09:b7:
87:6b:20:c4:28:de:52:81:7f:7e:cd:19:42:dd:e1:bf:b5:ff:
34:6d:8f:7b:6b:a2:ce:03:ad:66:56:89:13:4e:45:84:37:df:
46:ee:fb:46:bd:a8:0a:bb:52:84:7a:fe:5d:ce:79:dd:33:e7:
82:f1:cf:b8:fd:6a:82:04:ff:72:17:9a:1b:77:81:6f:e7:5c:
59:a7:84:a2:09:72:29:2c:4f:9a:b1:e3:68:56:91:22:63:9a:
f2:29:3d:44:44:0c:0a:48:ff:85:3b:b3:ec:71:b7:3e:87:8e:
47:71:98:9f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATf7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTc1MjAxWhcNMjYwMTAzMTc1MjAxWjAYMRYw
FAYDVQQDEw02NzdlYmI0NC0yZGMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt6hMRsrZiMf9rsmxKnC2NdapqvGU8Nz8Ugg5VPf89pApjpnlT9+0D1Pk
Fq3crAVgpfgohVVwXrdluxSZjeyFuc86Cd9uPot/Qo3Pe3sy1ADdyN40kUSWkI6J
RwwZSxL3iIHeXskC3CactwI+3UUISkD57Z1PkmcBCjcMxppxRZgxDLdsQQRgVaPC
p4CtVxldauuZiwSmQZpOBpT6CW2fwmmu8XrWJjpeKGRTdoMmQ95R/e0QH6B/QmzC
08g/dw4Lz2nLLdIE20WdSiSbGfRlEvuhkdhdAUiDxDFrvoQSPL14cXazsa9Uk6Yv
psQNt1M7MlUzJmZZSX6mU1fy9PODgQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLRJ
PFOnzVSn5xQOEgVHhcIXL1DuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NTU2RDdCNkNERTkxMUVGQUM3QzM3N0M3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnMMA0GCSqGSIb3DQEB
CwUAA4IBAQB8rBRbK3b00FvW7cHV/Q2ibvDlXckDLgH48UJuOUQ3egKrt4GEC8J0
MpQS2BRFQsTwVs/mkQgAAOwmxY8Smr9Fu/ecic3KuhON5VkuuHT3I9LOn4QxLd91
Y5C0Du3Glg+ZN+6b1w0VeDrGO+dy/BsJpQF3gt07j9fFVZRxjq/Q8oCpjmRnRswP
sIr3ofmbCbeHayDEKN5SgX9+zRlC3eG/tf80bY97a6LOA61mVokTTkWEN99G7vtG
vagKu1KEev5dznndM+eC8c+4/WqCBP9yF5obd4Fv51xZp4SiCXIpLE+aseNoVpEi
Y5ryKT1ERAwKSP+FO7Pscbc+h45HcZif
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:08:06 2025 by rpki-client