Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/675FEF7CE06911EFA7315985762E951A.roa
File: 675FEF7CE06911EFA7315985762E951A.roa (raw, json)
Hash identifier: XNd3MC88eLd65uvdkJunyjsLD4nx8HBj3gguVBBRgeY=
Subject key identifier: 04:42:57:53:FF:77:1B:BA:F4:5F:4D:6C:D7:E4:17:E3:6E:4C:58:C7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014E82
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/675FEF7CE06911EFA7315985762E951A.roa
Signing time: Sat 01 Feb 2025 06:54:38 +0000
ROA not before: Sat 01 Feb 2025 06:54:34 +0000
ROA not after: Sat 03 Jan 2026 06:54:34 +0000
asID: 40065
IP address blocks: 154.84.2.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85634 (0x14e82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 1 06:54:34 2025 GMT
Not After : Jan 3 06:54:34 2026 GMT
Subject: CN=679dc52e-26da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5c:48:8b:7d:a7:12:e8:d6:c0:7a:40:12:16:
c5:40:d4:92:f4:98:8a:30:99:38:58:21:a7:37:a7:
64:fd:60:e5:e4:d3:17:60:60:22:22:f6:ac:de:fa:
85:f6:ba:50:6f:33:df:7a:11:09:15:7c:94:1e:87:
1c:08:3d:47:7c:e6:91:8c:63:f2:d3:4d:fa:b0:d6:
1f:71:75:62:ba:52:bb:09:11:78:78:00:ad:c9:0a:
d1:67:c9:47:22:29:6d:95:92:a2:45:e8:ca:86:6c:
be:50:11:7a:e8:47:08:75:20:fc:33:70:fc:d7:3c:
6a:3b:93:b9:99:3c:87:a7:ea:59:69:5b:e2:23:ba:
f1:00:c5:d0:5d:f0:22:76:fa:de:c5:93:b5:56:c7:
0a:02:7c:1e:25:5d:0b:bf:8b:34:15:eb:43:19:f3:
fe:b5:b1:e5:4f:6e:c2:73:b0:37:0b:65:3b:8e:1a:
69:ee:ae:5b:df:86:94:91:15:51:a4:56:ec:94:4f:
f9:cb:c1:e6:45:ff:70:70:05:5f:ab:81:d8:ab:0f:
57:71:d9:e9:9b:38:2f:0b:55:50:e6:98:79:d5:ce:
eb:fe:8f:dc:07:73:8c:c7:0b:40:42:fd:98:7f:a9:
b8:ed:8e:b1:5b:b4:cf:00:4c:e6:e8:04:ea:bf:fd:
51:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:42:57:53:FF:77:1B:BA:F4:5F:4D:6C:D7:E4:17:E3:6E:4C:58:C7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/675FEF7CE06911EFA7315985762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.2.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:73:c6:a5:bb:97:e3:b9:b9:31:1d:4e:f8:9d:c8:c0:cb:0e:
25:7a:e2:05:a6:c0:3b:99:ee:b6:ba:60:61:b3:f6:90:a5:f6:
77:33:19:c7:9d:e5:40:f2:67:d3:58:cd:ca:eb:63:a5:4e:09:
dc:85:10:46:3e:6e:fe:2c:36:01:14:b3:37:fc:e5:77:3b:3a:
a7:ac:73:6a:81:4f:36:74:52:25:24:a6:3c:5a:b7:35:e5:26:
5d:bd:d4:95:c3:4f:14:98:b4:c1:8d:ef:5b:73:d0:e7:10:99:
d7:bf:aa:4b:ef:1e:79:1d:e7:f3:0d:3e:4b:f9:cb:fa:96:4f:
84:33:cb:cd:79:0f:91:dd:84:1d:2e:2b:5d:e3:8e:e2:83:cf:
18:24:a9:99:7a:36:07:a2:e8:70:9e:da:6d:ea:ca:b2:52:3e:
b9:67:5d:27:7a:57:1c:e2:78:ef:51:f1:30:62:41:f4:fd:fb:
f4:b7:66:14:5a:23:1e:32:79:85:7c:d5:78:36:7a:60:f9:74:
ec:10:c6:dc:20:f8:9d:ea:43:f2:06:c3:7c:71:ad:82:38:f9:
64:6c:56:7e:1c:f4:5c:ad:49:4f:44:a1:36:e2:15:9d:77:1d:
62:60:bb:70:ee:64:3d:b3:34:3f:97:51:c8:50:4f:fe:37:06:
30:84:bd:b1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU6CMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjAxMDY1NDM0WhcNMjYwMTAzMDY1NDM0WjAYMRYw
FAYDVQQDEw02NzlkYzUyZS0yNmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuVxIi32nEujWwHpAEhbFQNSS9JiKMJk4WCGnN6dk/WDl5NMXYGAiIvas
3vqF9rpQbzPfehEJFXyUHoccCD1HfOaRjGPy0036sNYfcXViulK7CRF4eACtyQrR
Z8lHIiltlZKiRejKhmy+UBF66EcIdSD8M3D81zxqO5O5mTyHp+pZaVviI7rxAMXQ
XfAidvrexZO1VscKAnweJV0Lv4s0FetDGfP+tbHlT27Cc7A3C2U7jhpp7q5b34aU
kRVRpFbslE/5y8HmRf9wcAVfq4HYqw9XcdnpmzgvC1VQ5ph51c7r/o/cB3OMxwtA
Qv2Yf6m47Y6xW7TPAEzm6ATqv/1RJQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFARC
V1P/dxu69F9NbNfkF+NuTFjHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NzVGRUY3Q0UwNjkxMUVGQTczMTU5ODU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlQCMA0GCSqGSIb3DQEB
CwUAA4IBAQBvc8alu5fjubkxHU74ncjAyw4leuIFpsA7me62umBhs/aQpfZ3MxnH
neVA8mfTWM3K62OlTgnchRBGPm7+LDYBFLM3/OV3OzqnrHNqgU82dFIlJKY8Wrc1
5SZdvdSVw08UmLTBje9bc9DnEJnXv6pL7x55HefzDT5L+cv6lk+EM8vNeQ+R3YQd
Litd447ig88YJKmZejYHouhwntpt6sqyUj65Z10nelcc4njvUfEwYkH0/fv0t2YU
WiMeMnmFfNV4Nnpg+XTsEMbcIPid6kPyBsN8ca2COPlkbFZ+HPRcrUlPRKE24hWd
dx1iYLtw7mQ9szQ/l1HIUE/+NwYwhL2x
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:44 2025 by rpki-client