Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6684CF08CDBF11EF9D3B5074762E951A.roa
File: 6684CF08CDBF11EF9D3B5074762E951A.roa (raw, json)
Hash identifier: 03kjVNiE2xr7ZP64N4MHk5v8JInCj/I8+7yZOkS4AoM=
Subject key identifier: 26:5C:B9:C3:7E:6C:5A:51:B1:70:5F:EC:85:A9:08:D8:67:52:96:2E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013704
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6684CF08CDBF11EF9D3B5074762E951A.roa
Signing time: Wed 08 Jan 2025 12:52:21 +0000
ROA not before: Wed 08 Jan 2025 12:52:18 +0000
ROA not after: Tue 16 Dec 2025 12:52:18 +0000
asID: 984
IP address blocks: 154.200.224.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79620 (0x13704)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 12:52:18 2025 GMT
Not After : Dec 16 12:52:18 2025 GMT
Subject: CN=677e7505-008c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:71:af:01:48:25:32:a5:67:5e:9c:2c:50:b2:
38:71:35:0e:6a:5b:c3:6a:5e:42:29:d5:57:90:fd:
26:f3:7d:31:58:59:89:1e:72:01:f0:b7:a4:7e:9e:
c4:c4:6c:8c:f3:02:c3:54:96:bc:ea:bb:22:10:e1:
f4:34:6d:68:91:2a:49:5c:02:ab:61:57:02:0c:15:
88:e5:57:74:10:10:f0:93:f3:b2:24:ee:0e:8d:71:
94:d6:57:81:e0:ee:63:c2:22:d1:08:0d:52:e0:02:
e9:45:d3:97:e5:cf:3a:04:ba:2a:9e:ac:02:c3:d4:
f6:2a:b2:9b:82:2b:08:35:b1:8e:21:ad:22:6e:9c:
44:8e:fd:5a:93:ae:84:88:c2:fa:93:cd:b8:3c:9b:
03:16:a9:46:1a:d3:81:6f:8c:3d:f3:08:e9:9b:8e:
b5:bd:57:c8:c5:07:85:98:4f:4e:b7:6b:d8:d1:4e:
30:b3:33:27:6b:bb:98:be:a4:82:62:17:34:d0:4e:
8d:83:e1:95:4b:b1:ed:16:e4:66:3a:83:04:9e:65:
b5:6b:b2:56:cc:6d:9a:55:18:63:18:d0:dc:55:4c:
f8:4a:0c:49:17:91:bd:12:14:5c:c5:35:51:57:a6:
98:2d:ef:35:c2:00:fd:46:2c:1b:b5:59:cb:4a:eb:
68:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:5C:B9:C3:7E:6C:5A:51:B1:70:5F:EC:85:A9:08:D8:67:52:96:2E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6684CF08CDBF11EF9D3B5074762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.224.0/24
Signature Algorithm: sha256WithRSAEncryption
79:d0:18:b7:8f:25:cf:da:b6:7c:57:86:de:cc:de:6c:3d:04:
6c:53:52:95:5b:e9:e5:e8:5f:1b:13:ec:2a:e7:42:ed:da:02:
14:70:f1:7d:0b:5d:38:07:3b:6e:59:41:a8:da:c1:09:f5:16:
a7:43:23:2d:a8:9a:b5:36:74:73:ff:2d:31:07:5e:b0:9e:95:
a9:02:0a:db:c4:6e:13:93:ee:3b:c8:8e:b5:f5:3d:6c:43:1b:
57:6c:5c:76:91:c6:c3:69:4c:5d:6c:a8:dc:eb:a7:2e:ed:7d:
d1:ec:a7:b8:5d:88:00:0e:02:b1:cb:6b:bd:1e:af:77:1e:06:
5e:8c:43:6f:b7:3d:5d:17:2c:75:36:55:4a:cb:7c:1d:98:23:
15:17:8b:ad:20:2b:27:63:d7:66:04:f8:4d:f8:3e:63:bf:dc:
e7:4b:08:12:8a:91:c1:28:af:3c:a7:e5:74:82:bf:18:56:1c:
9c:1c:e4:b6:b5:6f:83:ba:ad:dd:57:65:13:06:00:ac:f1:a5:
62:63:23:3a:31:68:5b:3b:9d:8c:2f:b3:b0:61:e5:1d:50:61:
42:1a:19:ed:0f:a3:90:52:a6:38:08:0a:6a:90:ac:1d:89:45:
c3:24:db:a4:d5:8e:8e:19:90:c9:00:a5:c5:8a:59:82:f9:15:
ed:d1:37:2a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATcEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTI1MjE4WhcNMjUxMjE2MTI1MjE4WjAYMRYw
FAYDVQQDEw02NzdlNzUwNS0wMDhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu3GvAUglMqVnXpwsULI4cTUOalvDal5CKdVXkP0m830xWFmJHnIB8Lek
fp7ExGyM8wLDVJa86rsiEOH0NG1okSpJXAKrYVcCDBWI5Vd0EBDwk/OyJO4OjXGU
1leB4O5jwiLRCA1S4ALpRdOX5c86BLoqnqwCw9T2KrKbgisINbGOIa0ibpxEjv1a
k66EiML6k824PJsDFqlGGtOBb4w98wjpm461vVfIxQeFmE9Ot2vY0U4wszMna7uY
vqSCYhc00E6Ng+GVS7HtFuRmOoMEnmW1a7JWzG2aVRhjGNDcVUz4SgxJF5G9EhRc
xTVRV6aYLe81wgD9RiwbtVnLSuto+QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCZc
ucN+bFpRsXBf7IWpCNhnUpYuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82Njg0Q0YwOENEQkYxMUVGOUQzQjUwNzQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjgMA0GCSqGSIb3DQEB
CwUAA4IBAQB50Bi3jyXP2rZ8V4bezN5sPQRsU1KVW+nl6F8bE+wq50Lt2gIUcPF9
C104BztuWUGo2sEJ9RanQyMtqJq1NnRz/y0xB16wnpWpAgrbxG4Tk+47yI619T1s
QxtXbFx2kcbDaUxdbKjc66cu7X3R7Ke4XYgADgKxy2u9Hq93HgZejENvtz1dFyx1
NlVKy3wdmCMVF4utICsnY9dmBPhN+D5jv9znSwgSipHBKK88p+V0gr8YVhycHOS2
tW+Duq3dV2UTBgCs8aViYyM6MWhbO52ML7OwYeUdUGFCGhntD6OQUqY4CApqkKwd
iUXDJNuk1Y6OGZDJAKXFilmC+RXt0Tcq
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:39 2025 by rpki-client