Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/671E16D2BEDC11EFABB44D64762E951A.roa
File: 671E16D2BEDC11EFABB44D64762E951A.roa (raw, json)
Hash identifier: PBd2e4RycrKW3VBAdoCHxdnw6talWfRWvTiO+Ut9pzc=
Subject key identifier: D9:D2:BF:1A:83:F2:FC:9A:F5:AB:85:94:7D:4C:F8:6B:DF:8D:E8:BC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011D2E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/671E16D2BEDC11EFABB44D64762E951A.roa
Signing time: Fri 20 Dec 2024 14:12:10 +0000
ROA not before: Fri 20 Dec 2024 14:12:07 +0000
ROA not after: Wed 25 Jun 2025 14:12:07 +0000
asID: 395886
IP address blocks: 154.84.48.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73006 (0x11d2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 20 14:12:07 2024 GMT
Not After : Jun 25 14:12:07 2025 GMT
Subject: CN=67657b3a-7409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3a:c2:5e:a9:cf:be:36:64:ac:77:54:6f:db:
b5:76:a3:bb:ad:0a:9c:9a:75:df:8f:64:3d:87:ac:
5d:3c:cb:1c:7e:33:c3:b6:fd:5e:06:50:fc:4b:26:
b3:ca:c5:7c:11:7e:6f:30:f9:02:84:34:b5:2c:6f:
ae:dc:5c:2f:c5:a2:da:39:86:c9:00:04:25:3c:62:
fb:82:05:ce:87:40:29:66:f1:e8:c7:ff:f0:74:17:
e2:91:66:bd:99:3a:d6:8a:9f:e9:7c:c2:31:47:85:
19:ad:ce:b2:36:a3:2a:f1:cd:25:fd:fb:48:8c:eb:
dd:bd:3a:09:28:b9:78:94:1a:34:db:47:ef:12:2f:
50:9b:a0:05:f4:bb:e8:d3:fd:f5:27:c9:71:b6:17:
43:ec:f2:12:34:a7:02:d5:6f:5c:04:c4:ba:4f:cd:
0e:bd:12:2b:0b:81:26:2c:66:80:5b:e6:6b:1a:54:
ae:a4:f1:3e:71:66:b0:7b:50:20:d6:c6:13:2c:a0:
1c:20:49:f7:c2:b7:ec:2a:58:b1:3e:5c:6d:25:8f:
aa:29:3f:b4:00:67:2a:60:da:e5:9a:9e:25:96:28:
d8:f4:88:1e:da:af:dd:b5:b3:07:99:8c:2e:c3:b4:
f7:ee:95:c9:fe:03:4f:e4:34:86:43:5d:10:f0:17:
82:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D2:BF:1A:83:F2:FC:9A:F5:AB:85:94:7D:4C:F8:6B:DF:8D:E8:BC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/671E16D2BEDC11EFABB44D64762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.48.0/21
Signature Algorithm: sha256WithRSAEncryption
44:a6:0b:ef:e0:4b:f3:18:7a:a4:b8:bf:c5:48:10:0d:8b:fa:
6f:0a:fc:7c:63:dc:c0:ab:46:6c:2a:58:a0:99:58:2f:a7:4a:
aa:f4:d1:95:70:0b:5b:76:0b:4a:56:77:9e:39:7a:77:4c:2e:
c2:72:90:b7:8b:9e:0a:59:4b:ea:a1:a3:6d:0c:80:3c:5f:17:
0b:e7:c4:e4:b8:d7:29:d7:7d:2e:05:aa:3a:23:4f:6d:a2:9c:
75:ea:a5:2a:36:8a:71:23:ac:e1:31:a1:f3:d7:7b:67:f2:80:
1f:c4:f9:81:d5:10:2d:27:49:23:00:bf:ca:93:b0:05:ff:60:
5f:0e:35:93:b9:07:93:c6:5d:13:d0:bd:f1:74:06:3a:29:19:
0e:48:78:f3:cc:c8:18:5d:e7:8c:e6:ae:44:6d:54:f4:36:ad:
76:51:97:8e:a2:cf:e7:86:2d:22:6f:3d:e7:08:b6:53:49:59:
d4:79:7a:74:3f:66:64:b8:18:bb:8d:9d:b1:0d:04:0c:8d:36:
f0:4f:a6:33:7b:37:8f:78:de:e7:31:3d:6e:e7:20:02:07:d5:
c5:9a:f3:aa:b1:22:01:ce:ee:2f:ab:e1:d2:03:3f:95:5c:5e:
8d:92:6d:41:0b:65:3e:ac:6a:4f:82:0d:f1:87:4b:e7:6f:de:
7f:f0:d0:68
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR0uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIwMTQxMjA3WhcNMjUwNjI1MTQxMjA3WjAYMRYw
FAYDVQQDEw02NzY1N2IzYS03NDA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzzrCXqnPvjZkrHdUb9u1dqO7rQqcmnXfj2Q9h6xdPMscfjPDtv1eBlD8
SyazysV8EX5vMPkChDS1LG+u3FwvxaLaOYbJAAQlPGL7ggXOh0ApZvHox//wdBfi
kWa9mTrWip/pfMIxR4UZrc6yNqMq8c0l/ftIjOvdvToJKLl4lBo020fvEi9Qm6AF
9Lvo0/31J8lxthdD7PISNKcC1W9cBMS6T80OvRIrC4EmLGaAW+ZrGlSupPE+cWaw
e1Ag1sYTLKAcIEn3wrfsKlixPlxtJY+qKT+0AGcqYNrlmp4llijY9Ige2q/dtbMH
mYwuw7T37pXJ/gNP5DSGQ10Q8BeCDQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNnS
vxqD8vya9auFlH1M+Gvfjei8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NzFFMTZEMkJFREMxMUVGQUJCNDRENjQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmlQwMA0GCSqGSIb3DQEB
CwUAA4IBAQBEpgvv4EvzGHqkuL/FSBANi/pvCvx8Y9zAq0ZsKligmVgvp0qq9NGV
cAtbdgtKVneeOXp3TC7CcpC3i54KWUvqoaNtDIA8XxcL58TkuNcp130uBao6I09t
opx16qUqNopxI6zhMaHz13tn8oAfxPmB1RAtJ0kjAL/Kk7AF/2BfDjWTuQeTxl0T
0L3xdAY6KRkOSHjzzMgYXeeM5q5EbVT0Nq12UZeOos/nhi0ibz3nCLZTSVnUeXp0
P2ZkuBi7jZ2xDQQMjTbwT6YzezePeN7nMT1u5yACB9XFmvOqsSIBzu4vq+HSAz+V
XF6Nkm1BC2U+rGpPgg3xh0vnb95/8NBo
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:35:43 2025 by rpki-client