Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4968DA94F43F11EFBE5FBB40762E951A.roa
File: 4968DA94F43F11EFBE5FBB40762E951A.roa (raw, json)
Hash identifier: UGSmXGVXZJbczGQDAJXQw07C1MvCoEQuXE3LFISPS8M=
Subject key identifier: 41:02:C4:AF:7E:98:13:F7:03:57:E0:E3:D5:DE:60:EA:00:DA:9F:CB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016340
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4968DA94F43F11EFBE5FBB40762E951A.roa
Signing time: Wed 26 Feb 2025 12:43:32 +0000
ROA not before: Wed 26 Feb 2025 12:43:28 +0000
ROA not after: Thu 19 Feb 2026 12:43:28 +0000
asID: 984
IP address blocks: 154.208.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90944 (0x16340)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 12:43:28 2025 GMT
Not After : Feb 19 12:43:28 2026 GMT
Subject: CN=67bf0c74-a0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:00:af:33:aa:8c:77:27:e9:af:4f:76:3b:1c:
59:ce:ef:77:8f:07:88:ea:37:8c:67:23:e3:3d:c1:
0e:61:1e:8c:14:c7:16:8a:b8:a0:34:a3:bb:85:48:
70:f3:79:af:b0:e6:e5:d7:59:f6:20:ca:c2:2a:2a:
a8:a5:3a:5a:10:d8:94:5e:31:e5:66:66:c1:7c:80:
55:55:ad:d4:05:62:bb:fa:94:7f:26:d1:ee:65:2e:
8b:d0:77:73:91:07:2e:ad:e4:7b:4c:77:47:ff:7a:
5e:e9:86:fb:85:a0:dc:7e:31:2e:58:c3:b6:98:05:
cd:18:e3:ca:bb:df:4f:fa:53:f4:7d:5f:4b:27:4d:
c2:3d:a7:b0:62:f1:7c:12:9a:12:ef:7b:27:4a:97:
a0:aa:3e:a1:4c:de:42:2f:d8:6e:30:69:c9:f0:32:
37:28:31:51:36:96:e8:0d:33:c9:26:36:07:70:e4:
f7:bd:b8:5a:2e:8f:57:22:5b:5c:b7:f8:f1:9d:7d:
ef:c4:0d:bb:9e:75:2c:8d:2b:b2:c1:03:45:fa:64:
eb:16:7c:bb:b5:47:9c:53:b9:d3:95:41:01:d6:02:
0e:2a:69:af:ef:30:31:36:7c:da:be:5c:1c:c4:fe:
a1:c5:92:f4:15:5b:39:67:99:54:f9:72:54:c8:b3:
61:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:02:C4:AF:7E:98:13:F7:03:57:E0:E3:D5:DE:60:EA:00:DA:9F:CB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4968DA94F43F11EFBE5FBB40762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.127.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:bc:b6:15:21:66:82:b0:06:4e:6e:c0:67:c6:c3:18:a8:96:
c3:57:6a:38:42:92:6b:9e:d5:2e:87:31:dc:34:1a:64:87:d4:
a1:1e:7b:57:40:93:d1:72:ca:49:98:cb:c1:22:63:53:22:11:
47:e2:e1:d0:16:45:a3:68:89:ad:19:4e:88:50:70:13:b9:5d:
ee:9f:af:ad:7b:7b:d9:08:a2:2c:a2:cc:17:13:ed:39:36:71:
ee:86:21:2d:90:81:da:6b:f5:58:19:ba:13:0e:7f:e0:b9:30:
ff:b3:d3:5c:00:c2:c9:54:a5:d8:d3:04:e0:b3:ec:95:9d:14:
d8:fe:e0:25:d3:19:db:96:15:1e:4f:bb:19:d7:c3:a3:06:28:
7b:dc:b2:de:ef:cb:ed:1d:58:46:fe:f8:7c:2f:55:70:76:ec:
43:74:55:93:d5:87:d4:7c:56:1a:8f:94:f7:6d:09:ee:49:81:
c7:fe:f3:62:b3:4d:ad:8e:2b:35:ec:07:b0:9a:b8:d3:9d:09:
21:e1:42:db:25:01:6a:ef:a1:a5:57:78:67:9f:85:d8:f1:95:
59:9f:d4:bf:a5:ca:32:eb:d1:6e:7a:fe:88:1c:5e:dd:da:79:
19:0c:3c:38:1a:4b:f8:cc:88:e9:6d:96:7c:99:45:bd:67:13:
09:5c:3d:3e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWNAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTI0MzI4WhcNMjYwMjE5MTI0MzI4WjAYMRYw
FAYDVQQDEw02N2JmMGM3NC1hMGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtACvM6qMdyfpr092OxxZzu93jweI6jeMZyPjPcEOYR6MFMcWirigNKO7
hUhw83mvsObl11n2IMrCKiqopTpaENiUXjHlZmbBfIBVVa3UBWK7+pR/JtHuZS6L
0HdzkQcureR7THdH/3pe6Yb7haDcfjEuWMO2mAXNGOPKu99P+lP0fV9LJ03CPaew
YvF8EpoS73snSpegqj6hTN5CL9huMGnJ8DI3KDFRNpboDTPJJjYHcOT3vbhaLo9X
Iltct/jxnX3vxA27nnUsjSuywQNF+mTrFny7tUecU7nTlUEB1gIOKmmv7zAxNnza
vlwcxP6hxZL0FVs5Z5lU+XJUyLNhTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEEC
xK9+mBP3A1fg49XeYOoA2p/LMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OTY4REE5NEY0M0YxMUVGQkU1RkJCNDA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtB/MA0GCSqGSIb3DQEB
CwUAA4IBAQCovLYVIWaCsAZObsBnxsMYqJbDV2o4QpJrntUuhzHcNBpkh9ShHntX
QJPRcspJmMvBImNTIhFH4uHQFkWjaImtGU6IUHATuV3un6+te3vZCKIsoswXE+05
NnHuhiEtkIHaa/VYGboTDn/guTD/s9NcAMLJVKXY0wTgs+yVnRTY/uAl0xnblhUe
T7sZ18OjBih73LLe78vtHVhG/vh8L1VwduxDdFWT1YfUfFYaj5T3bQnuSYHH/vNi
s02tjis17AewmrjTnQkh4ULbJQFq76GlV3hnn4XY8ZVZn9S/pcoy69Fuev6IHF7d
2nkZDDw4Gkv4zIjpbZZ8mUW9ZxMJXD0+
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:08:05 2025 by rpki-client