Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8FD57D66C60E11EFBAAE0680762E951A.roa
File: 8FD57D66C60E11EFBAAE0680762E951A.roa (raw, json)
Hash identifier: eR6qzKqUV/MXNdAK7cBuTy9tiD9UIL6JLZB2QI2zFyU=
Subject key identifier: 86:4B:27:15:3E:48:9B:CB:93:71:14:70:7A:F5:85:1A:D7:DE:18:35
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012ED2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8FD57D66C60E11EFBAAE0680762E951A.roa
Signing time: Sun 29 Dec 2024 17:58:52 +0000
ROA not before: Sun 29 Dec 2024 17:58:48 +0000
ROA not after: Sun 12 Dec 2027 17:58:48 +0000
asID: 17561
IP address blocks: 154.217.76.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77522 (0x12ed2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 17:58:48 2024 GMT
Not After : Dec 12 17:58:48 2027 GMT
Subject: CN=67718ddc-5b7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3b:0d:c6:7c:17:71:18:c9:85:d1:87:1c:76:
b7:b2:c9:78:a9:ed:cd:94:fa:ee:ff:b8:1b:9c:e8:
82:37:b7:cc:7f:1f:f1:a9:b2:ff:f9:fb:88:7b:f5:
f3:f6:16:de:f8:08:b9:99:7a:3c:74:ca:fc:e9:23:
1f:26:e0:a6:66:f0:3e:e6:fa:54:80:f7:a8:42:52:
12:b2:18:d5:46:54:db:f1:20:15:fc:77:a1:75:74:
6a:1d:e6:cc:51:40:c5:26:a1:16:9e:e3:7a:cc:f6:
75:54:4f:ce:a3:63:55:62:c6:ab:88:49:1a:71:49:
9f:b6:45:08:f0:22:b5:8a:79:bb:e5:19:88:35:fb:
b7:de:3a:08:b5:7f:3a:d5:2e:ad:fe:08:e8:a4:a4:
cb:cd:c1:cc:60:bc:98:19:c4:7c:5d:16:c9:5c:e0:
92:92:00:1c:c0:86:ab:50:11:2c:b4:90:9e:d5:2b:
ca:bf:88:04:5b:15:4e:53:dc:04:a8:3a:88:72:54:
6b:87:21:9e:6b:b8:a6:ef:ac:68:aa:fd:4c:ca:6b:
1d:d4:6a:38:e2:46:37:cc:c9:bc:05:b8:96:5f:3a:
6a:1d:04:fd:20:7b:f3:e1:28:0b:a0:e5:81:0c:71:
41:7c:69:d2:c6:3a:aa:27:98:d4:34:7b:06:fc:7a:
75:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:4B:27:15:3E:48:9B:CB:93:71:14:70:7A:F5:85:1A:D7:DE:18:35
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8FD57D66C60E11EFBAAE0680762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.76.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:c4:73:ad:eb:be:55:10:69:e4:95:1b:11:88:c5:d3:c3:da:
4a:ad:50:66:f3:43:b3:f0:b2:d6:9f:7b:3b:34:79:89:6c:56:
53:30:10:8c:29:06:f3:a0:ed:94:8b:ee:b2:cc:d7:77:1d:73:
d8:68:c2:ef:d7:45:22:b0:be:eb:18:36:37:57:6a:e8:bb:3f:
d9:fb:75:f6:c4:51:ea:20:a2:3e:86:42:7e:00:ba:27:ca:12:
9c:02:89:a5:e2:b6:40:8c:84:c8:56:50:28:c8:00:3f:cc:a7:
1a:e5:13:f7:44:ac:ea:50:2f:aa:8d:49:79:3c:2c:ee:ae:ee:
03:06:bb:97:5c:d7:b4:68:23:46:b5:6e:33:a0:81:a7:cc:94:
41:87:e3:98:52:f0:8e:60:42:f3:98:6d:5f:93:f0:07:f5:42:
ee:d8:91:4d:c4:8c:6d:fb:d6:2d:e1:93:d9:42:c1:8d:67:ba:
4b:60:44:80:37:25:1f:03:db:ec:7c:d5:5b:8b:ca:29:5a:8a:
d5:36:1b:38:e1:54:16:7a:65:d0:04:55:b2:3c:f1:9e:c7:37:
7d:15:91:1b:b9:25:05:18:55:5b:66:47:a8:0b:64:b2:5d:09:
2f:9e:7c:e7:66:37:81:10:8d:0c:7e:4d:78:56:bc:f5:e4:1c:
86:f1:97:85
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS7SMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTc1ODQ4WhcNMjcxMjEyMTc1ODQ4WjAYMRYw
FAYDVQQDEw02NzcxOGRkYy01YjdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoTsNxnwXcRjJhdGHHHa3ssl4qe3NlPru/7gbnOiCN7fMfx/xqbL/+fuI
e/Xz9hbe+Ai5mXo8dMr86SMfJuCmZvA+5vpUgPeoQlISshjVRlTb8SAV/HehdXRq
HebMUUDFJqEWnuN6zPZ1VE/Oo2NVYsariEkacUmftkUI8CK1inm75RmINfu33joI
tX861S6t/gjopKTLzcHMYLyYGcR8XRbJXOCSkgAcwIarUBEstJCe1SvKv4gEWxVO
U9wEqDqIclRrhyGea7im76xoqv1Mymsd1Go44kY3zMm8BbiWXzpqHQT9IHvz4SgL
oOWBDHFBfGnSxjqqJ5jUNHsG/Hp1EwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIZL
JxU+SJvLk3EUcHr1hRrX3hg1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RkQ1N0Q2NkM2MEUxMUVGQkFBRTA2ODA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtlMMA0GCSqGSIb3DQEB
CwUAA4IBAQBexHOt675VEGnklRsRiMXTw9pKrVBm80Oz8LLWn3s7NHmJbFZTMBCM
KQbzoO2Ui+6yzNd3HXPYaMLv10UisL7rGDY3V2rouz/Z+3X2xFHqIKI+hkJ+ALon
yhKcAoml4rZAjITIVlAoyAA/zKca5RP3RKzqUC+qjUl5PCzuru4DBruXXNe0aCNG
tW4zoIGnzJRBh+OYUvCOYELzmG1fk/AH9ULu2JFNxIxt+9Yt4ZPZQsGNZ7pLYESA
NyUfA9vsfNVbi8opWorVNhs44VQWemXQBFWyPPGexzd9FZEbuSUFGFVbZkeoC2Sy
XQkvnnznZjeBEI0Mfk14Vrz15ByG8ZeF
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:34:32 2025 by rpki-client