Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89C0E18CC38311EF94BEC25E762E951A.roa
File: 89C0E18CC38311EF94BEC25E762E951A.roa (raw, json)
Hash identifier: PckTOAZzv+xU/jOaSjR5M9AT8uYTlkaWeGMHGxOxB5c=
Subject key identifier: 2E:A1:F7:B4:4C:F1:E0:2B:19:23:2A:6C:BE:35:AE:B6:9A:31:6C:58
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012778
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89C0E18CC38311EF94BEC25E762E951A.roa
Signing time: Thu 26 Dec 2024 12:18:39 +0000
ROA not before: Thu 26 Dec 2024 12:18:35 +0000
ROA not after: Fri 12 Dec 2025 12:18:35 +0000
asID: 984
IP address blocks: 154.94.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75640 (0x12778)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 12:18:35 2024 GMT
Not After : Dec 12 12:18:35 2025 GMT
Subject: CN=676d499f-48ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:86:2d:70:2d:89:d7:4e:aa:8d:ac:78:1f:cf:
e1:cf:23:56:ee:d4:a8:57:c4:98:cf:a3:d2:7f:6b:
e9:73:e2:c1:25:6b:19:f1:e1:2a:2c:be:49:f2:84:
7e:2f:c4:ac:4b:c8:b8:5c:6c:29:d0:e8:ce:ec:db:
c8:aa:9d:34:0e:76:60:84:53:3e:47:24:19:f4:cf:
dd:2a:52:22:20:53:17:63:08:24:9c:6c:6a:3e:63:
bf:f7:f0:71:06:3a:fd:b1:40:ab:dc:fa:d6:f2:f2:
4b:05:6a:b3:db:6b:6e:0c:1e:a5:a4:01:b0:2a:a7:
0d:29:0f:7d:4c:ac:88:3d:a6:3a:7d:9a:d4:14:46:
60:5f:8d:9e:91:59:69:a9:77:de:40:d2:11:61:fa:
67:f5:ad:5d:ee:0f:7b:04:1e:b9:2e:b7:4b:e5:38:
0f:5d:5e:0b:bb:a6:9a:9c:ed:68:8d:35:e7:79:0b:
24:32:78:9a:62:9a:d0:9b:ff:92:a8:6c:d4:f7:06:
f7:5b:27:e5:7b:3d:42:21:57:1a:0e:12:67:96:df:
3c:a7:0d:a8:49:3f:83:f9:57:6c:e9:f1:34:e7:99:
39:a2:8b:81:fe:7b:2f:eb:b1:8d:34:ef:de:18:6a:
a9:62:c1:12:e8:6d:5c:12:ee:6c:fd:43:53:11:45:
b6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:A1:F7:B4:4C:F1:E0:2B:19:23:2A:6C:BE:35:AE:B6:9A:31:6C:58
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89C0E18CC38311EF94BEC25E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.211.0/24
Signature Algorithm: sha256WithRSAEncryption
60:0e:0c:4e:87:3d:62:9f:30:33:be:b2:91:38:db:a6:32:e3:
a9:ca:1e:0d:c5:fc:b9:13:7f:a5:5b:9e:e5:ba:6d:45:2f:cc:
fd:67:e2:0a:23:bd:0d:de:74:3f:bb:06:74:58:14:7f:9f:92:
cd:53:d8:c5:ff:c8:e0:e3:33:7c:88:0c:4d:6d:d4:17:13:67:
9b:ea:6c:b7:35:a8:49:76:9a:a3:ed:fc:b2:6e:52:87:d6:da:
ea:72:ad:52:19:20:64:01:5b:5f:cf:d7:9f:00:0e:07:04:9e:
91:22:d2:59:d0:80:d6:5a:b0:ea:0f:f8:fd:90:26:88:a8:34:
9b:ca:8a:09:e8:1e:43:14:26:7e:2b:ba:0f:ce:12:39:91:90:
96:e3:fe:95:c6:6f:9f:13:8f:cf:dd:eb:0b:a1:ae:52:d0:17:
31:5a:bd:08:3b:a6:9c:29:9d:72:41:8c:84:f8:5c:30:75:2c:
43:06:fa:e6:b6:c5:e4:b4:90:9e:77:66:18:cc:3f:00:5c:6d:
df:a6:b0:07:33:4e:32:83:48:ac:8c:cc:15:a1:5e:ac:07:31:
93:44:b7:ed:aa:5f:fb:2c:7d:60:29:12:da:8e:1a:a9:80:62:
7c:4b:51:d4:89:3a:81:44:60:af:24:c5:c8:00:44:57:d9:14:
f7:c2:17:45
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASd4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MTIxODM1WhcNMjUxMjEyMTIxODM1WjAYMRYw
FAYDVQQDEw02NzZkNDk5Zi00OGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx4YtcC2J106qjax4H8/hzyNW7tSoV8SYz6PSf2vpc+LBJWsZ8eEqLL5J
8oR+L8SsS8i4XGwp0OjO7NvIqp00DnZghFM+RyQZ9M/dKlIiIFMXYwgknGxqPmO/
9/BxBjr9sUCr3PrW8vJLBWqz22tuDB6lpAGwKqcNKQ99TKyIPaY6fZrUFEZgX42e
kVlpqXfeQNIRYfpn9a1d7g97BB65LrdL5TgPXV4Lu6aanO1ojTXneQskMniaYprQ
m/+SqGzU9wb3Wyflez1CIVcaDhJnlt88pw2oST+D+Vds6fE055k5oouB/nsv67GN
NO/eGGqpYsES6G1cEu5s/UNTEUW2/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFC6h
97RM8eArGSMqbL41rraaMWxYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84OUMwRTE4Q0MzODMxMUVGOTRCRUMyNUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml7TMA0GCSqGSIb3DQEB
CwUAA4IBAQBgDgxOhz1inzAzvrKRONumMuOpyh4Nxfy5E3+lW57lum1FL8z9Z+IK
I70N3nQ/uwZ0WBR/n5LNU9jF/8jg4zN8iAxNbdQXE2eb6my3NahJdpqj7fyyblKH
1trqcq1SGSBkAVtfz9efAA4HBJ6RItJZ0IDWWrDqD/j9kCaIqDSbyooJ6B5DFCZ+
K7oPzhI5kZCW4/6Vxm+fE4/P3esLoa5S0BcxWr0IO6acKZ1yQYyE+FwwdSxDBvrm
tsXktJCed2YYzD8AXG3fprAHM04yg0isjMwVoV6sBzGTRLftql/7LH1gKRLajhqp
gGJ8S1HUiTqBRGCvJMXIAERX2RT3whdF
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:49:34 2025 by rpki-client