Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97F636C4F43B11EF9D15F0A6762E951A.roa
File: 97F636C4F43B11EF9D15F0A6762E951A.roa (raw, json)
Hash identifier: uWwcd7838xbaBPOoFEqrcVLs9edM5eOpip/TXQI5gVw=
Subject key identifier: E1:28:C9:22:BA:0A:64:92:2C:57:67:0B:1C:F6:73:F1:83:AD:4E:62
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016307
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97F636C4F43B11EF9D15F0A6762E951A.roa
Signing time: Wed 26 Feb 2025 12:17:06 +0000
ROA not before: Wed 26 Feb 2025 12:17:02 +0000
ROA not after: Fri 20 Feb 2026 12:17:02 +0000
asID: 984
IP address blocks: 154.199.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90887 (0x16307)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 12:17:02 2025 GMT
Not After : Feb 20 12:17:02 2026 GMT
Subject: CN=67bf0642-813c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:df:a4:51:29:9b:81:12:33:c0:36:0c:6f:8f:
2f:23:e2:8c:74:ef:8c:e7:5e:d1:b5:c0:60:26:56:
51:50:e2:e5:7d:23:f0:15:a3:e0:e6:42:d3:3a:b2:
d0:68:57:93:ed:24:bd:df:a8:08:58:ca:1c:14:71:
3a:d1:49:24:bf:06:7f:19:e9:ac:8d:47:47:b7:2a:
3a:6d:5f:d8:e3:69:fc:09:48:60:a2:8b:d2:5e:5a:
78:02:65:e3:c7:82:6c:ae:84:84:ec:8b:2c:93:1a:
46:d4:04:c9:02:c5:a2:fb:9d:56:03:1c:b9:e9:05:
42:62:a4:90:79:73:90:5c:3b:9b:d6:d0:38:69:88:
22:92:51:64:6d:25:f5:59:5e:29:5a:6d:4f:f2:51:
37:0e:6b:c3:b4:71:f5:5d:73:94:99:c4:31:53:61:
25:c3:89:a9:bd:d2:04:68:67:4c:50:4c:bc:d8:ce:
df:84:dc:ed:31:13:ef:05:90:87:ce:dd:2c:26:38:
4a:9a:e7:79:2c:36:21:ca:d5:a7:b9:34:f1:55:6f:
70:39:91:62:6b:83:03:7b:c8:90:5f:f7:48:b7:bc:
02:2b:9d:84:ed:4c:9d:a8:46:15:ce:8b:63:1d:68:
95:fd:79:cb:47:f9:45:65:a7:77:31:fe:38:d8:14:
d5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:28:C9:22:BA:0A:64:92:2C:57:67:0B:1C:F6:73:F1:83:AD:4E:62
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97F636C4F43B11EF9D15F0A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.154.0/24
Signature Algorithm: sha256WithRSAEncryption
97:91:2c:66:0e:b6:12:6b:5c:ec:1d:35:d1:40:51:74:3f:8c:
d1:a4:a4:80:b9:5f:f7:77:4e:c5:e7:e0:c0:6f:e4:54:9f:6d:
b7:75:5f:d4:6e:96:9a:e3:38:2c:64:ba:90:1e:61:cc:8e:62:
72:27:1f:63:cb:fd:95:d2:dd:21:22:01:23:58:3d:88:16:01:
0f:6f:30:f5:0c:af:5a:53:e0:0b:b6:88:7b:11:5a:e7:63:e3:
f9:6d:3e:eb:96:f3:c0:72:6d:ac:30:f0:ba:30:df:06:6e:2c:
04:14:bf:48:44:ea:f5:47:39:a0:c6:b6:e9:d9:45:29:fb:0b:
17:01:39:85:5b:e4:99:f8:72:7b:e1:fe:3e:cf:0c:44:59:89:
d3:32:6b:b9:5e:d2:a1:68:6b:73:fb:16:46:1e:7c:6d:f9:5c:
4b:5e:30:23:a9:03:3e:c3:6f:18:bb:52:da:bf:d1:0d:4f:04:
30:e2:a4:f6:e2:6e:f5:62:bc:2b:e4:e1:4a:8c:d4:df:78:3f:
2d:69:d8:97:7d:be:7c:7c:98:7c:75:cf:dc:95:a2:a1:b8:e2:
71:26:4a:fa:e8:80:9b:6a:0c:b0:92:87:b7:31:2a:6a:46:e5:
a2:28:06:0d:0f:e7:10:b0:66:18:fe:03:76:0d:c2:03:43:03:
32:f1:f0:06
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWMHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTIxNzAyWhcNMjYwMjIwMTIxNzAyWjAYMRYw
FAYDVQQDEw02N2JmMDY0Mi04MTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA49+kUSmbgRIzwDYMb48vI+KMdO+M517RtcBgJlZRUOLlfSPwFaPg5kLT
OrLQaFeT7SS936gIWMocFHE60UkkvwZ/GemsjUdHtyo6bV/Y42n8CUhgoovSXlp4
AmXjx4JsroSE7IsskxpG1ATJAsWi+51WAxy56QVCYqSQeXOQXDub1tA4aYgiklFk
bSX1WV4pWm1P8lE3DmvDtHH1XXOUmcQxU2Elw4mpvdIEaGdMUEy82M7fhNztMRPv
BZCHzt0sJjhKmud5LDYhytWnuTTxVW9wOZFia4MDe8iQX/dIt7wCK52E7UydqEYV
zotjHWiV/XnLR/lFZad3Mf442BTVMQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOEo
ySK6CmSSLFdnCxz2c/GDrU5iMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85N0Y2MzZDNEY0M0IxMUVGOUQxNUYwQTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmseaMA0GCSqGSIb3DQEB
CwUAA4IBAQCXkSxmDrYSa1zsHTXRQFF0P4zRpKSAuV/3d07F5+DAb+RUn223dV/U
bpaa4zgsZLqQHmHMjmJyJx9jy/2V0t0hIgEjWD2IFgEPbzD1DK9aU+ALtoh7EVrn
Y+P5bT7rlvPAcm2sMPC6MN8GbiwEFL9IROr1Rzmgxrbp2UUp+wsXATmFW+SZ+HJ7
4f4+zwxEWYnTMmu5XtKhaGtz+xZGHnxt+VxLXjAjqQM+w28Yu1Lav9ENTwQw4qT2
4m71Yrwr5OFKjNTfeD8tadiXfb58fJh8dc/claKhuOJxJkr66ICbagywkoe3MSpq
RuWiKAYND+cQsGYY/gN2DcIDQwMy8fAG
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:19 2025 by rpki-client