Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/76C42A68CDE111EFA14BD74C762E951A.roa
File: 76C42A68CDE111EFA14BD74C762E951A.roa (raw, json)
Hash identifier: Hj63RJNyVHzfEhd2fXJ4T8tHCKsdkcR1kY+DUfBVUWE=
Subject key identifier: AA:5D:EF:22:71:3B:A0:A0:1A:D7:84:73:EC:7F:89:0E:3A:A4:4B:91
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0137C3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/76C42A68CDE111EFA14BD74C762E951A.roa
Signing time: Wed 08 Jan 2025 16:56:12 +0000
ROA not before: Wed 08 Jan 2025 16:56:08 +0000
ROA not after: Sat 03 Jan 2026 16:56:08 +0000
asID: 984
IP address blocks: 154.89.176.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79811 (0x137c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 16:56:08 2025 GMT
Not After : Jan 3 16:56:08 2026 GMT
Subject: CN=677eae2b-d0da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:16:b0:4e:c9:9b:f9:9d:4d:ea:ea:65:77:fc:
f2:83:0c:10:8a:18:f3:11:e2:22:56:20:3d:bd:41:
87:ab:56:2d:c1:38:79:5b:86:ea:1c:e3:0c:84:47:
b0:92:02:12:95:7e:bf:3e:d2:d5:29:74:36:9d:b2:
c3:ce:9d:6c:31:f0:de:38:b3:15:39:ad:20:9e:d9:
1e:43:90:68:2b:b9:c8:c2:47:6b:04:46:26:cd:44:
db:55:b9:a6:09:b5:50:e5:d1:4a:10:95:d2:39:e4:
81:f0:b0:02:51:da:43:06:eb:5d:fa:3b:8e:0c:a2:
af:5f:e8:aa:6c:1b:aa:81:21:d2:ce:15:03:74:13:
78:dc:94:e5:4b:4b:d4:0b:fc:81:27:16:a7:0a:ba:
50:98:27:cd:55:c5:fc:21:3e:bb:28:d5:9a:aa:f8:
14:27:7c:4f:09:18:7b:b4:9f:7e:16:ee:59:e4:2c:
c4:3b:3b:58:eb:5a:db:16:5d:13:5a:70:30:7b:5f:
4c:dd:8a:51:c3:eb:5c:aa:a3:37:14:58:0d:2d:95:
c3:c0:19:74:9d:2b:39:a6:59:e1:d5:a6:6c:94:20:
08:17:a6:3f:cc:1b:2a:ba:c0:2c:c1:21:e2:d2:51:
67:f3:0c:8b:49:8b:0f:d0:16:37:3f:d8:2e:ff:a4:
02:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:5D:EF:22:71:3B:A0:A0:1A:D7:84:73:EC:7F:89:0E:3A:A4:4B:91
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/76C42A68CDE111EFA14BD74C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.176.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:27:da:ad:d8:24:5f:84:a7:75:a6:49:f0:29:ec:a3:d5:2c:
75:57:97:4e:72:e5:69:16:82:a7:0b:db:49:e8:39:9d:b3:dd:
c6:d8:ef:28:e8:e5:8b:a5:c7:90:d5:15:09:d4:55:d0:7d:79:
a1:5f:1b:97:0a:08:2a:04:6d:7d:62:7f:88:19:b8:aa:ac:27:
a3:d0:5d:e5:98:32:e5:8f:3c:9c:e9:d1:56:04:a5:bc:79:94:
ac:db:a5:b1:e5:5e:ab:63:a0:db:88:04:77:ee:da:69:0b:99:
2d:87:2a:20:2f:00:fa:c9:3e:a1:ff:4e:3e:38:b7:ab:fa:df:
cb:ff:71:ce:19:8f:11:a4:bc:df:01:b0:cb:dd:2b:5f:41:22:
8f:b1:c6:0d:9f:fa:05:2b:bc:87:17:bc:ad:43:be:4b:a6:85:
ad:fc:02:94:b7:69:ec:a2:07:a7:e6:54:c4:e7:b7:60:3b:57:
e4:16:f1:c0:cb:a2:b8:84:f9:b3:2c:4c:92:a2:c8:a7:e3:96:
cb:5c:e1:63:04:69:69:f5:92:3b:0e:b6:cc:5a:e0:f2:c9:71:
10:e2:9d:04:9b:81:87:c1:b6:6f:c7:e0:7b:47:cc:8e:04:ee:
40:6b:46:0f:05:39:a4:4c:76:24:1e:ef:ac:81:78:c8:40:65:
5f:9e:f9:a4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATfDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTY1NjA4WhcNMjYwMTAzMTY1NjA4WjAYMRYw
FAYDVQQDEw02NzdlYWUyYi1kMGRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvBawTsmb+Z1N6upld/zygwwQihjzEeIiViA9vUGHq1YtwTh5W4bqHOMM
hEewkgISlX6/PtLVKXQ2nbLDzp1sMfDeOLMVOa0gntkeQ5BoK7nIwkdrBEYmzUTb
VbmmCbVQ5dFKEJXSOeSB8LACUdpDButd+juODKKvX+iqbBuqgSHSzhUDdBN43JTl
S0vUC/yBJxanCrpQmCfNVcX8IT67KNWaqvgUJ3xPCRh7tJ9+Fu5Z5CzEOztY61rb
Fl0TWnAwe19M3YpRw+tcqqM3FFgNLZXDwBl0nSs5plnh1aZslCAIF6Y/zBsqusAs
wSHi0lFn8wyLSYsP0BY3P9gu/6QCEwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKpd
7yJxO6CgGteEc+x/iQ46pEuRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NkM0MkE2OENERTExMUVGQTE0QkQ3NEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmwMA0GCSqGSIb3DQEB
CwUAA4IBAQBcJ9qt2CRfhKd1pknwKeyj1Sx1V5dOcuVpFoKnC9tJ6Dmds93G2O8o
6OWLpceQ1RUJ1FXQfXmhXxuXCggqBG19Yn+IGbiqrCej0F3lmDLljzyc6dFWBKW8
eZSs26Wx5V6rY6DbiAR37tppC5kthyogLwD6yT6h/04+OLer+t/L/3HOGY8RpLzf
AbDL3StfQSKPscYNn/oFK7yHF7ytQ75LpoWt/AKUt2nsogen5lTE57dgO1fkFvHA
y6K4hPmzLEySosin45bLXOFjBGlp9ZI7DrbMWuDyyXEQ4p0Em4GHwbZvx+B7R8yO
BO5Aa0YPBTmkTHYkHu+sgXjIQGVfnvmk
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:48 2025 by rpki-client