Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/72B8257CC0D111EF866BF9B0762E951A.roa
File: 72B8257CC0D111EF866BF9B0762E951A.roa (raw, json)
Hash identifier: 0dLFoaH8Kztxa9cNKdsXMqz2jFdk1GYY2HGIcycz8PU=
Subject key identifier: D1:44:94:8D:D3:52:E5:23:3A:F6:73:39:C5:AE:9D:AA:25:F2:5E:63
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011E3A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/72B8257CC0D111EF866BF9B0762E951A.roa
Signing time: Mon 23 Dec 2024 01:58:48 +0000
ROA not before: Mon 23 Dec 2024 01:58:44 +0000
ROA not after: Wed 10 Dec 2025 01:58:44 +0000
asID: 984
IP address blocks: 154.83.105.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73274 (0x11e3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 01:58:44 2024 GMT
Not After : Dec 10 01:58:44 2025 GMT
Subject: CN=6768c3d8-af7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bd:2e:bb:1f:20:0e:67:16:d2:83:f6:d8:db:
bf:69:ca:62:f4:95:e7:7e:e8:aa:6d:ad:c1:20:24:
f1:36:e7:da:02:d7:d1:0f:94:7b:aa:65:3d:32:2d:
b6:9a:6c:f0:cd:cd:79:bf:5c:9b:78:5b:ce:62:63:
09:d1:2c:0d:c0:0b:7b:0c:54:e0:c1:89:9a:2b:65:
7f:fa:66:fc:5c:49:bf:07:56:a2:62:4b:63:8c:8c:
25:35:c4:fd:d2:54:c8:b3:7a:e4:42:a8:54:77:1e:
a5:8c:81:d5:eb:d9:a2:58:f9:1c:38:7a:71:50:5a:
0c:f1:eb:5d:c3:cf:e5:55:bf:a7:30:c8:6e:40:fa:
ce:89:e6:f3:cb:74:61:25:4c:19:0d:3b:32:cd:5b:
8d:02:a4:0d:39:19:f6:10:02:56:fd:b0:ba:21:7a:
37:41:da:bc:1d:79:19:4d:20:a8:24:b5:85:75:ce:
7c:c6:06:cd:a0:80:91:ee:2a:a3:d5:53:ea:eb:82:
87:12:00:0a:41:77:7d:25:6f:46:aa:2b:cf:58:39:
2e:f6:cf:b9:61:85:56:d2:e0:51:01:ea:ab:5e:f1:
dd:88:68:42:78:01:66:ae:33:8c:93:d7:b5:a8:f2:
bb:9d:1d:df:0d:be:31:31:5e:26:54:0d:e3:52:bb:
f9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:44:94:8D:D3:52:E5:23:3A:F6:73:39:C5:AE:9D:AA:25:F2:5E:63
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/72B8257CC0D111EF866BF9B0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.105.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:07:44:89:40:ce:12:e7:55:77:4b:5b:a1:92:58:11:8d:bb:
6a:9b:ae:18:9a:1e:9a:08:02:c5:83:08:9b:33:8d:74:06:a0:
d9:3d:8c:57:8f:ac:3b:98:34:bf:00:93:6b:99:83:65:06:65:
1e:a0:62:e0:f1:c5:ca:69:86:aa:ec:db:3c:c3:61:64:2d:96:
ae:c9:70:e3:3b:dc:83:e3:22:dd:25:f7:5f:1f:5b:99:ff:f1:
31:12:03:b6:58:74:54:08:fc:8d:7e:b7:2b:e5:6b:02:53:87:
3a:b0:58:1b:05:24:32:93:b8:cd:2a:f3:cb:45:c8:b3:04:59:
cc:7f:67:62:db:48:96:14:b6:9b:d5:89:b9:4c:e6:18:9b:5e:
19:00:3e:a1:08:25:1a:c4:5a:ed:a7:18:cc:6f:1c:74:a0:16:
6f:41:9c:65:ee:e6:ac:8b:0b:e8:ab:58:60:36:a4:77:99:3c:
90:47:71:4a:1b:74:e5:3c:3a:a3:6d:ec:d5:d6:1a:76:08:4d:
96:4f:47:ec:16:1b:cb:77:19:66:e5:5d:9c:84:4c:47:07:bc:
02:60:b1:e5:3f:21:92:71:0c:16:23:39:bd:84:e7:5e:1b:27:
93:5f:0a:f4:f7:7d:ef:d3:57:a6:a3:10:03:f9:f2:25:94:5b:
ba:37:c4:6d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR46MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDE1ODQ0WhcNMjUxMjEwMDE1ODQ0WjAYMRYw
FAYDVQQDEw02NzY4YzNkOC1hZjdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv70uux8gDmcW0oP22Nu/acpi9JXnfuiqba3BICTxNufaAtfRD5R7qmU9
Mi22mmzwzc15v1ybeFvOYmMJ0SwNwAt7DFTgwYmaK2V/+mb8XEm/B1aiYktjjIwl
NcT90lTIs3rkQqhUdx6ljIHV69miWPkcOHpxUFoM8etdw8/lVb+nMMhuQPrOiebz
y3RhJUwZDTsyzVuNAqQNORn2EAJW/bC6IXo3Qdq8HXkZTSCoJLWFdc58xgbNoICR
7iqj1VPq64KHEgAKQXd9JW9GqivPWDku9s+5YYVW0uBRAeqrXvHdiGhCeAFmrjOM
k9e1qPK7nR3fDb4xMV4mVA3jUrv5NQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNFE
lI3TUuUjOvZzOcWunaol8l5jMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MkI4MjU3Q0MwRDExMUVGODY2QkY5QjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlNpMA0GCSqGSIb3DQEB
CwUAA4IBAQBaB0SJQM4S51V3S1uhklgRjbtqm64Ymh6aCALFgwibM410BqDZPYxX
j6w7mDS/AJNrmYNlBmUeoGLg8cXKaYaq7Ns8w2FkLZauyXDjO9yD4yLdJfdfH1uZ
//ExEgO2WHRUCPyNfrcr5WsCU4c6sFgbBSQyk7jNKvPLRcizBFnMf2di20iWFLab
1Ym5TOYYm14ZAD6hCCUaxFrtpxjMbxx0oBZvQZxl7uasiwvoq1hgNqR3mTyQR3FK
G3TlPDqjbezV1hp2CE2WT0fsFhvLdxlm5V2chExHB7wCYLHlPyGScQwWIzm9hOde
GyeTXwr0933v01emoxAD+fIllFu6N8Rt
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:12:52 2025 by rpki-client