Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8704A2F4CDDC11EF8558F0AC762E951A.roa
File: 8704A2F4CDDC11EF8558F0AC762E951A.roa (raw, json)
Hash identifier: d2p6V5BY+8AGyWUP+waFixAiZBcFMQUcAH3o8LxcygE=
Subject key identifier: F4:F3:20:7C:FD:6A:2F:CF:72:3B:28:BD:8C:F4:45:4B:E3:9E:18:C1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01379D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8704A2F4CDDC11EF8558F0AC762E951A.roa
Signing time: Wed 08 Jan 2025 16:20:51 +0000
ROA not before: Wed 08 Jan 2025 16:20:48 +0000
ROA not after: Sat 03 Jan 2026 16:20:48 +0000
asID: 984
IP address blocks: 154.89.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79773 (0x1379d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 16:20:48 2025 GMT
Not After : Jan 3 16:20:48 2026 GMT
Subject: CN=677ea5e3-29c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ec:b2:89:02:56:3c:55:f0:09:15:a8:9e:c1:
2e:6b:5f:e2:f6:03:74:4e:f1:c3:0b:ae:53:3b:df:
cd:14:e0:4e:1c:9f:cf:74:cc:cc:17:6a:1a:c2:bd:
9b:6a:f6:d2:da:70:e8:de:07:3c:0c:e4:69:02:3c:
38:cb:03:a8:83:0f:f3:2e:f2:6a:68:dc:38:1a:2e:
aa:08:b6:0b:f6:05:85:29:a3:9d:d8:7d:fe:80:20:
50:c5:ba:99:36:46:03:be:bf:1c:13:85:f0:15:b0:
80:eb:a9:e0:0c:ca:cd:c8:b9:18:2b:8a:52:74:47:
b7:d6:c3:b3:e5:f9:ef:77:a4:d4:ce:35:3f:02:a9:
ea:d1:94:af:19:ff:a1:6b:08:85:e5:0b:f4:74:9d:
95:15:eb:72:c0:56:1e:59:5f:fa:d3:65:9f:20:ec:
9b:b6:a1:88:ee:bb:80:93:99:7f:0c:35:c8:b1:37:
10:0a:e5:85:92:b1:db:27:c5:df:03:87:f5:bd:f2:
d4:8e:b4:54:39:91:a6:4e:31:04:a5:c8:aa:69:d7:
1a:a5:ea:7f:6e:c8:a3:7e:fe:7e:9d:7e:12:8c:21:
86:fa:83:f1:40:d0:a4:49:09:ef:22:3a:d7:22:48:
44:b3:44:6d:8a:29:9a:76:84:c2:5c:37:d2:15:9e:
c1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F3:20:7C:FD:6A:2F:CF:72:3B:28:BD:8C:F4:45:4B:E3:9E:18:C1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8704A2F4CDDC11EF8558F0AC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.157.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:f2:97:37:2f:41:bc:9c:d3:c9:b0:7e:31:8f:7f:6d:dd:8f:
18:0d:64:bb:7e:45:00:a4:9e:ba:72:49:50:0f:b3:6d:91:ce:
34:55:03:26:22:86:6d:e3:7f:10:36:f1:98:0a:67:26:50:ff:
6c:56:48:d3:97:4d:32:d1:dd:34:dc:36:93:65:35:85:4e:9d:
5e:df:69:75:83:b8:e5:70:f6:af:06:5d:32:ad:d3:0c:fa:6a:
c2:2d:4c:23:44:55:01:55:dd:3e:6c:ed:4c:5f:61:39:44:35:
d2:64:5c:cd:a5:15:9d:b0:df:35:88:bd:60:1f:12:16:c3:84:
d6:45:1c:eb:77:c3:49:ab:12:60:4f:0b:d8:f2:42:2b:47:80:
4c:f9:6d:5f:df:34:69:a5:f5:90:91:fd:3a:0b:83:7a:0d:a9:
4e:71:62:c5:df:eb:3e:36:c0:4e:20:78:1b:cb:53:43:f7:a0:
b0:34:4d:d8:7d:b5:ce:51:c9:33:f1:41:01:cc:98:38:e1:4d:
7a:e4:38:96:7d:9b:0c:7f:48:55:5e:af:55:a5:cc:87:7d:50:
f4:83:6c:75:ca:a8:9f:81:04:98:de:34:22:ab:b2:d1:7a:52:
e0:31:c1:a9:24:ce:9f:d9:34:51:79:f8:4e:56:6d:c8:30:f4:
78:4b:31:30
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATedMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTYyMDQ4WhcNMjYwMTAzMTYyMDQ4WjAYMRYw
FAYDVQQDEw02NzdlYTVlMy0yOWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1uyyiQJWPFXwCRWonsEua1/i9gN0TvHDC65TO9/NFOBOHJ/PdMzMF2oa
wr2bavbS2nDo3gc8DORpAjw4ywOogw/zLvJqaNw4Gi6qCLYL9gWFKaOd2H3+gCBQ
xbqZNkYDvr8cE4XwFbCA66ngDMrNyLkYK4pSdEe31sOz5fnvd6TUzjU/Aqnq0ZSv
Gf+hawiF5Qv0dJ2VFetywFYeWV/602WfIOybtqGI7ruAk5l/DDXIsTcQCuWFkrHb
J8XfA4f1vfLUjrRUOZGmTjEEpciqadcapep/bsijfv5+nX4SjCGG+oPxQNCkSQnv
IjrXIkhEs0RtiimadoTCXDfSFZ7B7wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPTz
IHz9ai/PcjsovYz0RUvjnhjBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NzA0QTJGNENEREMxMUVGODU1OEYwQUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmdMA0GCSqGSIb3DQEB
CwUAA4IBAQDL8pc3L0G8nNPJsH4xj39t3Y8YDWS7fkUApJ66cklQD7Ntkc40VQMm
IoZt438QNvGYCmcmUP9sVkjTl00y0d003DaTZTWFTp1e32l1g7jlcPavBl0yrdMM
+mrCLUwjRFUBVd0+bO1MX2E5RDXSZFzNpRWdsN81iL1gHxIWw4TWRRzrd8NJqxJg
TwvY8kIrR4BM+W1f3zRppfWQkf06C4N6DalOcWLF3+s+NsBOIHgby1ND96CwNE3Y
fbXOUckz8UEBzJg44U165DiWfZsMf0hVXq9VpcyHfVD0g2x1yqifgQSY3jQiq7LR
elLgMcGpJM6f2TRRefhOVm3IMPR4SzEw
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:50:34 2025 by rpki-client