Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8DCF8AE0C25B11EF8B2EEF79762E951A.roa
File: 8DCF8AE0C25B11EF8B2EEF79762E951A.roa (raw, json)
Hash identifier: U+bbW8Q+RfGo2p0QI4UukE6P4FYSkeI1W+z+5xoF0xg=
Subject key identifier: 1B:62:BD:D7:AA:A8:60:9F:F2:BD:2A:E5:D0:EA:0C:10:C8:BE:AB:52
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012372
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8DCF8AE0C25B11EF8B2EEF79762E951A.roa
Signing time: Wed 25 Dec 2024 00:59:55 +0000
ROA not before: Wed 25 Dec 2024 00:00:51 +0000
ROA not after: Wed 10 Dec 2025 00:00:51 +0000
asID: 984
IP address blocks: 154.199.70.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74610 (0x12372)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 00:00:51 2024 GMT
Not After : Dec 10 00:00:51 2025 GMT
Subject: CN=676b590b-7bf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f5:0f:fc:69:02:57:3a:89:d7:cc:72:15:5b:
60:a2:46:33:b7:8f:50:3e:6f:d7:0e:fe:1d:2a:a4:
ba:b7:b1:00:a4:a2:01:6c:6b:55:79:91:f5:65:3f:
3d:c1:58:b8:21:f8:32:07:f6:7b:4b:39:3a:d3:f7:
7a:e8:77:1b:32:33:7c:27:e5:9b:fb:68:c6:73:94:
b8:1d:ad:47:47:26:d5:ec:24:81:ac:4f:33:09:8e:
ec:5f:ca:f2:6b:83:3b:61:50:55:ce:0c:cb:03:c4:
43:b5:f0:2f:d1:fa:e5:19:5e:db:89:ef:f4:01:6f:
b3:59:03:e9:c8:63:ba:56:57:46:30:78:f0:a1:b6:
ee:a2:a7:46:f0:36:cc:30:12:40:40:7e:59:5a:75:
f7:ef:27:43:57:57:a3:79:79:9a:9c:8d:2a:f9:aa:
a4:0a:41:1a:0e:08:e7:3f:d6:17:89:1c:50:1d:58:
d3:67:81:1f:7e:a5:84:9e:0e:ec:06:e9:08:97:c3:
38:85:c4:df:46:db:d4:35:3e:6a:2a:7a:83:4a:b7:
92:12:5f:7f:e9:d2:6f:5a:1b:71:8f:ea:ce:dc:8e:
dd:a6:e8:ea:66:fb:02:7d:ab:ab:ec:e9:44:d1:c4:
7b:f9:76:48:94:33:b5:81:76:bc:32:f6:e1:ed:45:
38:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:62:BD:D7:AA:A8:60:9F:F2:BD:2A:E5:D0:EA:0C:10:C8:BE:AB:52
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8DCF8AE0C25B11EF8B2EEF79762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.70.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:99:b7:44:ce:03:f6:4a:d6:cd:55:1c:4e:b6:45:d8:87:27:
ae:f9:ed:d5:ef:bd:57:b4:4d:a2:ac:31:3b:d9:07:43:bb:29:
c6:c0:f5:dc:44:f9:0c:53:d6:6c:6d:64:63:9e:da:3b:c6:df:
ef:b7:81:81:21:53:80:ff:56:d4:d9:91:78:33:53:45:cf:a9:
98:52:bc:f0:59:97:1b:17:63:29:ff:d9:06:e9:ab:a3:d9:56:
eb:53:1d:bb:74:eb:9c:d4:6e:76:c9:50:10:81:81:12:6e:e2:
67:62:6e:b1:13:e8:64:35:f8:d9:00:5a:ba:1d:f9:ea:fa:4e:
9d:01:b2:3d:b8:eb:ad:ea:c5:ce:7c:a5:cb:ee:fc:da:74:70:
ea:60:4e:f4:71:6b:75:4a:03:75:2f:c9:e4:81:be:5a:35:c7:
cf:55:c8:aa:34:5d:1b:ac:25:52:88:59:d2:f3:17:ad:77:16:
0d:52:b4:07:ef:bb:f9:c9:82:52:d8:76:97:cf:50:cd:ef:cb:
44:d8:a5:a2:71:4e:f7:c3:87:f6:bc:c9:38:cd:5b:a9:b0:3c:
73:11:e7:ca:23:86:d8:fd:b9:02:da:00:3b:55:9d:a9:bf:5d:
63:c2:10:76:d3:59:3c:2c:36:db:66:b3:f6:a6:9c:ad:6d:50:
da:22:19:c0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASNyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDAwMDUxWhcNMjUxMjEwMDAwMDUxWjAYMRYw
FAYDVQQDEw02NzZiNTkwYi03YmYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv/UP/GkCVzqJ18xyFVtgokYzt49QPm/XDv4dKqS6t7EApKIBbGtVeZH1
ZT89wVi4IfgyB/Z7Szk60/d66HcbMjN8J+Wb+2jGc5S4Ha1HRybV7CSBrE8zCY7s
X8rya4M7YVBVzgzLA8RDtfAv0frlGV7bie/0AW+zWQPpyGO6VldGMHjwobbuoqdG
8DbMMBJAQH5ZWnX37ydDV1ejeXmanI0q+aqkCkEaDgjnP9YXiRxQHVjTZ4EffqWE
ng7sBukIl8M4hcTfRtvUNT5qKnqDSreSEl9/6dJvWhtxj+rO3I7dpujqZvsCfaur
7OlE0cR7+XZIlDO1gXa8Mvbh7UU4vQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBti
vdeqqGCf8r0q5dDqDBDIvqtSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RENGOEFFMEMyNUIxMUVGOEIyRUVGNzk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsdGMA0GCSqGSIb3DQEB
CwUAA4IBAQA8mbdEzgP2StbNVRxOtkXYhyeu+e3V771XtE2irDE72QdDuynGwPXc
RPkMU9ZsbWRjnto7xt/vt4GBIVOA/1bU2ZF4M1NFz6mYUrzwWZcbF2Mp/9kG6auj
2VbrUx27dOuc1G52yVAQgYESbuJnYm6xE+hkNfjZAFq6Hfnq+k6dAbI9uOut6sXO
fKXL7vzadHDqYE70cWt1SgN1L8nkgb5aNcfPVciqNF0brCVSiFnS8xetdxYNUrQH
77v5yYJS2HaXz1DN78tE2KWicU73w4f2vMk4zVupsDxzEefKI4bY/bkC2gA7VZ2p
v11jwhB201k8LDbbZrP2ppytbVDaIhnA
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:57 2025 by rpki-client