Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3FFCDF0CDE311EFA143EB59762E951A.roa
File: A3FFCDF0CDE311EFA143EB59762E951A.roa (raw, json)
Hash identifier: pkqAimfM4/3G6Y4xVBC7tpfZ4i8RNzwBtNbthdMZCqI=
Subject key identifier: D0:4E:67:2D:17:28:B5:40:75:9F:C0:EA:B7:36:30:CF:0E:B8:DF:9F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0137D3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3FFCDF0CDE311EFA143EB59762E951A.roa
Signing time: Wed 08 Jan 2025 17:11:46 +0000
ROA not before: Wed 08 Jan 2025 17:11:43 +0000
ROA not after: Sat 03 Jan 2026 17:11:43 +0000
asID: 984
IP address blocks: 154.89.184.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79827 (0x137d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 17:11:43 2025 GMT
Not After : Jan 3 17:11:43 2026 GMT
Subject: CN=677eb1d2-6f4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:77:69:9d:8e:27:b6:fc:39:7c:05:ed:c2:b7:
78:74:3d:67:13:d5:c8:2e:c1:2a:2b:e6:23:d0:4a:
6b:b7:e2:69:9b:50:47:50:0d:c2:ea:75:db:0b:df:
d7:1d:18:3f:cd:44:d1:fa:af:b6:b8:a3:9a:4d:75:
50:43:79:28:5b:dd:e1:99:f9:22:c4:34:db:df:fd:
2c:59:89:dc:98:4b:af:f3:77:59:1a:0e:54:70:9e:
be:55:eb:2a:d5:a9:c5:8c:a9:17:7c:81:2e:27:06:
fa:48:08:d7:39:5b:ff:9f:a5:31:ea:8e:96:32:db:
02:79:e1:20:0d:49:a0:07:2b:95:25:ff:38:15:b7:
3f:fa:d1:b3:87:71:b9:d2:09:e5:da:d3:bf:00:1f:
52:54:20:62:31:13:2d:34:a8:ab:8e:61:ed:5f:31:
e9:31:24:4a:60:69:3c:5e:6f:ef:cf:54:2b:00:cc:
42:fb:69:0a:c7:4d:41:95:2e:a7:08:25:05:50:a0:
5c:b1:56:ad:49:7f:59:47:69:56:19:55:bb:83:0d:
0f:4b:5f:e7:94:1f:ad:80:dc:a2:08:02:47:a6:dc:
16:29:ee:86:b7:62:af:3e:ec:b0:57:bf:90:c8:f4:
43:08:b3:0f:5f:34:d5:ba:49:eb:f9:29:17:d1:2b:
e6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:4E:67:2D:17:28:B5:40:75:9F:C0:EA:B7:36:30:CF:0E:B8:DF:9F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3FFCDF0CDE311EFA143EB59762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.184.0/24
Signature Algorithm: sha256WithRSAEncryption
01:5a:8e:92:c3:c6:a9:04:c5:75:2c:b8:5d:39:c5:15:47:89:
9b:83:af:cf:5f:27:c9:fd:1c:b2:cf:7a:8a:ce:f6:99:7b:15:
d5:ca:60:ff:df:e4:8c:ad:0e:6f:a8:de:41:68:76:12:87:5f:
9e:1e:45:b7:bc:e8:25:7f:27:7e:c5:44:25:f5:02:93:28:fc:
19:ad:c9:fc:d7:a0:59:90:85:2b:8b:29:44:99:ee:74:6c:f8:
17:a2:39:11:bc:bf:8b:01:e2:8d:73:9c:e5:1c:ee:58:8b:3c:
ae:72:11:e4:76:3f:bb:3b:5e:98:b0:82:53:9b:80:70:fe:4e:
f6:02:6f:fb:a5:7b:03:62:e1:1f:01:93:ea:0a:11:85:49:0d:
01:f0:43:5a:82:26:b3:da:ee:c0:62:6c:90:55:91:44:22:49:
77:b1:d8:f6:84:e2:19:75:39:d1:03:1d:d9:d4:22:bf:67:74:
63:2a:7f:a7:7d:7d:3a:4b:ef:44:90:f1:35:a0:5e:28:c3:ad:
3e:54:ed:ab:7d:da:1c:51:a9:f3:e3:0b:c3:24:15:31:5f:57:
54:4b:94:45:c1:88:b6:f1:6e:69:a4:d2:ca:b3:02:1f:d0:62:
a3:f7:b2:a7:2a:7f:e5:dd:e7:4f:e2:4e:55:93:82:4c:af:fa:
1f:48:1e:57
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATfTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTcxMTQzWhcNMjYwMTAzMTcxMTQzWjAYMRYw
FAYDVQQDEw02NzdlYjFkMi02ZjRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA13dpnY4ntvw5fAXtwrd4dD1nE9XILsEqK+Yj0Eprt+Jpm1BHUA3C6nXb
C9/XHRg/zUTR+q+2uKOaTXVQQ3koW93hmfkixDTb3/0sWYncmEuv83dZGg5UcJ6+
Vesq1anFjKkXfIEuJwb6SAjXOVv/n6Ux6o6WMtsCeeEgDUmgByuVJf84Fbc/+tGz
h3G50gnl2tO/AB9SVCBiMRMtNKirjmHtXzHpMSRKYGk8Xm/vz1QrAMxC+2kKx01B
lS6nCCUFUKBcsVatSX9ZR2lWGVW7gw0PS1/nlB+tgNyiCAJHptwWKe6Gt2KvPuyw
V7+QyPRDCLMPXzTVuknr+SkX0SvmvwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNBO
Zy0XKLVAdZ/A6rc2MM8OuN+fMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BM0ZGQ0RGMENERTMxMUVGQTE0M0VCNTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlm4MA0GCSqGSIb3DQEB
CwUAA4IBAQABWo6Sw8apBMV1LLhdOcUVR4mbg6/PXyfJ/Ryyz3qKzvaZexXVymD/
3+SMrQ5vqN5BaHYSh1+eHkW3vOglfyd+xUQl9QKTKPwZrcn816BZkIUriylEme50
bPgXojkRvL+LAeKNc5zlHO5YizyuchHkdj+7O16YsIJTm4Bw/k72Am/7pXsDYuEf
AZPqChGFSQ0B8ENagiaz2u7AYmyQVZFEIkl3sdj2hOIZdTnRAx3Z1CK/Z3RjKn+n
fX06S+9EkPE1oF4ow60+VO2rfdocUanz4wvDJBUxX1dUS5RFwYi28W5ppNLKswIf
0GKj97KnKn/l3edP4k5Vk4JMr/ofSB5X
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:43 2025 by rpki-client