Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7DA958BECDC611EFA18D34A2762E951A.roa
File: 7DA958BECDC611EFA18D34A2762E951A.roa (raw, json)
Hash identifier: xg5d2MBAQgX9RxnsGZFtfEJV4rF6rMh++Ff8lW2gS04=
Subject key identifier: 35:CB:AC:C2:F8:CA:C8:64:DD:69:8E:5D:F1:12:1C:0C:CA:0E:C0:E4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013740
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7DA958BECDC611EFA18D34A2762E951A.roa
Signing time: Wed 08 Jan 2025 13:43:07 +0000
ROA not before: Wed 08 Jan 2025 13:43:03 +0000
ROA not after: Tue 23 Dec 2025 13:43:03 +0000
asID: 984
IP address blocks: 154.89.25.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79680 (0x13740)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 13:43:03 2025 GMT
Not After : Dec 23 13:43:03 2025 GMT
Subject: CN=677e80eb-20c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:88:8c:95:d6:c3:0b:ad:56:72:9b:41:0d:6b:
05:2e:02:ff:0a:ef:9c:73:d9:7e:e2:c8:d5:20:84:
2f:92:47:f9:72:da:81:8d:ea:5a:64:17:68:e1:ff:
a6:20:01:e2:a1:c3:b2:8a:c0:35:74:38:61:27:09:
88:c8:5c:6e:f5:a3:f3:83:02:6b:99:18:ac:d7:b3:
f9:34:2c:2d:72:fe:94:cf:df:6e:f4:cc:3b:00:48:
5c:f7:28:52:81:fa:12:62:34:5c:fc:1e:78:f2:11:
c0:fa:08:bd:6e:b5:e9:4c:45:de:20:84:a8:dd:ae:
56:de:e8:39:75:15:34:2c:03:67:ff:09:80:41:66:
3a:d0:59:94:0d:ed:b9:a3:c3:9d:64:7c:f6:96:4e:
13:7c:06:0c:33:91:1d:dc:96:2e:90:aa:a8:87:f0:
40:07:86:8e:a3:84:ea:02:0c:c5:e1:7c:81:6c:9f:
fe:4d:75:a5:e3:1d:58:26:b1:7d:06:f0:54:d6:d6:
ab:89:71:4c:c1:1a:d8:ab:7c:3a:a7:01:4c:c7:99:
57:06:89:85:21:82:a3:9d:57:4e:01:c9:d5:8a:a6:
b6:95:45:17:a2:79:32:80:e9:6f:25:c3:60:f0:aa:
3e:79:b0:98:92:42:80:63:0a:04:74:bc:86:5c:8f:
33:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:CB:AC:C2:F8:CA:C8:64:DD:69:8E:5D:F1:12:1C:0C:CA:0E:C0:E4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7DA958BECDC611EFA18D34A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.25.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:71:c6:9e:ce:d7:ed:76:8d:cd:ee:db:fc:00:94:c0:71:48:
4d:40:c3:36:73:c3:90:2c:1e:03:12:4e:e2:a1:d1:c4:02:73:
5a:02:09:30:ec:e7:26:76:79:c1:2e:c2:02:40:f2:58:08:b0:
e5:a9:45:91:85:9c:5f:06:d7:4e:62:69:70:67:61:83:ed:dc:
b2:7c:89:54:b3:d5:69:8b:2f:f3:e5:bf:41:39:1b:ff:39:39:
c4:25:ce:d8:80:f3:09:fe:e4:bb:69:32:0a:51:f3:6e:95:ac:
5b:3e:5f:67:d3:73:a5:14:c9:72:fc:e7:92:0d:7b:78:3f:00:
67:72:2d:3a:c0:1a:04:c4:df:9a:69:aa:89:93:73:9b:16:f2:
8f:82:0d:f6:d1:49:47:b6:10:ec:4b:39:de:ab:28:e8:7b:c0:
e3:1e:05:45:65:b7:6f:46:6b:64:7f:4f:eb:f1:20:f9:e6:c0:
5c:54:96:54:f5:20:f7:23:ac:5f:c5:9f:16:d2:63:d4:39:00:
88:df:d2:02:10:44:e4:bc:6b:15:be:f9:d8:5a:6d:f3:27:7c:
d8:44:46:ec:ec:28:55:e9:bf:f6:52:3d:14:9b:7f:f7:0a:de:
5f:81:69:31:37:29:76:11:e4:7c:9f:d5:4e:02:24:34:06:4e:
3e:d1:ed:e8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATdAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTM0MzAzWhcNMjUxMjIzMTM0MzAzWjAYMRYw
FAYDVQQDEw02NzdlODBlYi0yMGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzIiMldbDC61WcptBDWsFLgL/Cu+cc9l+4sjVIIQvkkf5ctqBjepaZBdo
4f+mIAHiocOyisA1dDhhJwmIyFxu9aPzgwJrmRis17P5NCwtcv6Uz99u9Mw7AEhc
9yhSgfoSYjRc/B548hHA+gi9brXpTEXeIISo3a5W3ug5dRU0LANn/wmAQWY60FmU
De25o8OdZHz2lk4TfAYMM5Ed3JYukKqoh/BAB4aOo4TqAgzF4XyBbJ/+TXWl4x1Y
JrF9BvBU1tariXFMwRrYq3w6pwFMx5lXBomFIYKjnVdOAcnViqa2lUUXonkygOlv
JcNg8Ko+ebCYkkKAYwoEdLyGXI8zJQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDXL
rML4yshk3WmOXfESHAzKDsDkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83REE5NThCRUNEQzYxMUVGQTE4RDM0QTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlkZMA0GCSqGSIb3DQEB
CwUAA4IBAQAvccaeztftdo3N7tv8AJTAcUhNQMM2c8OQLB4DEk7iodHEAnNaAgkw
7OcmdnnBLsICQPJYCLDlqUWRhZxfBtdOYmlwZ2GD7dyyfIlUs9Vpiy/z5b9BORv/
OTnEJc7YgPMJ/uS7aTIKUfNulaxbPl9n03OlFMly/OeSDXt4PwBnci06wBoExN+a
aaqJk3ObFvKPgg320UlHthDsSzneqyjoe8DjHgVFZbdvRmtkf0/r8SD55sBcVJZU
9SD3I6xfxZ8W0mPUOQCI39ICEETkvGsVvvnYWm3zJ3zYREbs7ChV6b/2Uj0Um3/3
Ct5fgWkxNyl2EeR8n9VOAiQ0Bk4+0e3o
-----END CERTIFICATE-----
Generated at Thu Apr 10 21:12:37 2025 by rpki-client