Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/798DCCCCFF1411EF95967E87762E951A.roa
File: 798DCCCCFF1411EF95967E87762E951A.roa (raw, json)
Hash identifier: rIpB9euBxYJ/6R3h8N0eB9/SWtC4zLCNA3hpvjPfRVk=
Subject key identifier: 21:EE:72:D0:23:BB:38:4B:4B:DB:0C:14:54:30:C7:74:7C:08:68:3C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017397
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/798DCCCCFF1411EF95967E87762E951A.roa
Signing time: Wed 12 Mar 2025 07:34:48 +0000
ROA not before: Wed 12 Mar 2025 07:34:44 +0000
ROA not after: Thu 12 Jun 2025 07:34:44 +0000
asID: 398823
IP address blocks: 154.199.208.0/20 maxlen: 24
154.199.224.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95127 (0x17397)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 12 07:34:44 2025 GMT
Not After : Jun 12 07:34:44 2025 GMT
Subject: CN=67d13917-eea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:59:60:46:ee:53:cf:0e:cd:b4:15:78:9a:cb:
27:05:7d:b0:c7:c8:b3:08:2c:10:54:1f:d2:56:60:
d1:ed:73:00:1d:1a:65:24:5c:17:23:bf:6d:1a:0d:
9c:44:24:b8:4e:9c:1b:b5:2b:4f:ba:c4:af:bb:ef:
0c:57:8b:92:57:d8:f5:26:42:21:75:0e:9b:c3:9b:
b9:76:7d:71:44:28:61:b4:d8:0e:e7:84:6d:62:be:
9a:ce:35:c0:c5:33:b7:f1:9c:bd:c3:ff:f4:09:40:
0c:b7:72:03:df:53:ce:02:db:1f:76:dc:32:2f:d1:
11:81:4f:03:0d:07:ac:6f:59:af:9a:54:a1:a6:9d:
29:a6:96:c4:f0:8d:22:a6:f9:10:0b:0e:3e:75:c1:
6b:65:92:cc:9b:f9:19:0f:50:46:c6:13:6e:81:1d:
80:ce:dc:62:bf:bf:b6:f4:4c:42:b1:93:b4:d2:34:
9e:d3:77:34:c0:c4:1c:4d:18:f9:ea:fb:4a:7b:9a:
44:c5:2d:bf:2c:77:e8:c5:ca:03:4f:c4:4a:57:dc:
15:d5:8f:73:51:85:d3:1b:a5:41:7b:5f:7e:22:e3:
1a:91:56:df:cb:87:25:2b:0b:4c:18:35:56:a5:07:
dd:aa:4e:de:a1:e8:f6:5c:21:e3:e5:f3:10:5e:e7:
db:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:EE:72:D0:23:BB:38:4B:4B:DB:0C:14:54:30:C7:74:7C:08:68:3C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/798DCCCCFF1411EF95967E87762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.208.0-154.199.255.255
Signature Algorithm: sha256WithRSAEncryption
50:58:8f:86:f4:1c:16:17:f7:6f:10:ce:13:bd:11:f5:d7:ab:
7d:c2:1a:e7:c1:1b:28:e0:63:e8:e1:6b:a9:4b:fe:36:74:e4:
e5:00:b0:35:7e:24:81:02:8b:1c:1a:0f:ee:18:df:22:aa:ed:
73:e1:c5:0c:e1:5a:c8:af:81:4f:f9:b8:d0:4d:0f:8c:75:5d:
e0:d8:cb:fe:99:d7:59:7d:c1:b3:e3:b1:dd:5d:89:46:ce:b3:
62:d5:a5:90:4e:9f:aa:f2:cf:f0:1f:0d:b6:47:26:60:0f:10:
33:56:96:2b:a2:71:51:cb:c5:d2:73:d4:1e:60:54:48:b7:84:
98:91:69:29:d3:b6:eb:53:ff:10:41:79:63:db:79:04:ec:9a:
70:b0:9e:ed:56:b7:21:61:65:24:68:4b:c0:c9:e7:1d:90:2e:
73:69:31:e3:82:c3:95:28:dd:cd:c5:4e:0e:54:18:0c:28:3b:
37:a7:65:5a:d4:d9:36:7f:d2:89:b8:e9:7e:ca:93:a5:35:a8:
aa:ff:52:e4:a4:ca:14:b8:1e:68:99:21:48:50:29:89:df:27:
15:d7:04:5f:c1:bf:62:57:06:98:4a:84:a2:ee:4c:71:32:70:
7e:25:bc:f7:20:3e:a2:3e:4f:e3:ac:26:05:d4:7a:ec:0b:fb:
16:7b:91:b7
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIDAXOXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEyMDczNDQ0WhcNMjUwNjEyMDczNDQ0WjAYMRYw
FAYDVQQDEw02N2QxMzkxNy1lZWEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt1lgRu5Tzw7NtBV4mssnBX2wx8izCCwQVB/SVmDR7XMAHRplJFwXI79t
Gg2cRCS4TpwbtStPusSvu+8MV4uSV9j1JkIhdQ6bw5u5dn1xRChhtNgO54RtYr6a
zjXAxTO38Zy9w//0CUAMt3ID31POAtsfdtwyL9ERgU8DDQesb1mvmlShpp0pppbE
8I0ipvkQCw4+dcFrZZLMm/kZD1BGxhNugR2Aztxiv7+29ExCsZO00jSe03c0wMQc
TRj56vtKe5pExS2/LHfoxcoDT8RKV9wV1Y9zUYXTG6VBe19+IuMakVbfy4clKwtM
GDVWpQfdqk7eoej2XCHj5fMQXufbSQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFCHu
ctAjuzhLS9sMFFQwx3R8CGg8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83OThEQ0NDQ0ZGMTQxMUVGOTU5NjdFODc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDBASax9ADAwOawDANBgkq
hkiG9w0BAQsFAAOCAQEAUFiPhvQcFhf3bxDOE70R9derfcIa58EbKOBj6OFrqUv+
NnTk5QCwNX4kgQKLHBoP7hjfIqrtc+HFDOFayK+BT/m40E0PjHVd4NjL/pnXWX3B
s+Ox3V2JRs6zYtWlkE6fqvLP8B8NtkcmYA8QM1aWK6JxUcvF0nPUHmBUSLeEmJFp
KdO261P/EEF5Y9t5BOyacLCe7Va3IWFlJGhLwMnnHZAuc2kx44LDlSjdzcVODlQY
DCg7N6dlWtTZNn/SibjpfsqTpTWoqv9S5KTKFLgeaJkhSFApid8nFdcEX8G/YlcG
mEqEou5McTJwfiW89yA+oj5P46wmBdR67Av7FnuRtw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:45:30 2025 by rpki-client