Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A88696F0C90711EFAC823E6D762E951A.roa
File: A88696F0C90711EFAC823E6D762E951A.roa (raw, json)
Hash identifier: VQ/E8x8ylsaLxZQpiPaSDJ8yzK3h7KPBIBA01bkEtMI=
Subject key identifier: E4:49:84:D4:83:26:CE:3E:DE:89:12:20:EF:C1:6B:7C:FA:A7:2E:40
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013277
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A88696F0C90711EFAC823E6D762E951A.roa
Signing time: Thu 02 Jan 2025 12:47:00 +0000
ROA not before: Thu 02 Jan 2025 12:46:56 +0000
ROA not after: Sat 13 Dec 2025 12:46:56 +0000
asID: 984
IP address blocks: 154.221.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78455 (0x13277)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 12:46:56 2025 GMT
Not After : Dec 13 12:46:56 2025 GMT
Subject: CN=67768ac4-a6d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ac:bb:e9:eb:3e:2a:2b:dd:5e:c0:ca:5e:f8:
1d:b0:fa:57:3e:ee:37:5e:fe:79:c3:b5:a1:cc:e7:
64:a8:7a:38:f3:02:d4:52:76:82:14:df:97:d6:e7:
3e:e9:a4:4e:fd:63:8e:c8:0d:c2:54:c5:54:4d:90:
d9:99:a0:91:10:25:d1:9c:e2:53:51:20:fd:d1:e2:
31:08:64:c2:c8:33:90:db:af:54:c5:d6:6d:68:2a:
71:f4:c8:de:d9:e9:05:03:99:a3:75:f3:d5:77:9d:
ca:23:6d:86:87:91:58:1d:54:28:7b:cd:21:ac:45:
69:6e:90:34:78:76:5d:e6:91:8b:2c:f7:2d:a1:83:
e1:46:03:56:69:63:83:9d:8a:2e:8e:7c:a0:f8:97:
8d:1e:24:9e:0b:a0:8d:1e:25:12:ef:e1:a5:f4:ae:
f8:1d:82:fa:12:88:c0:cc:97:f7:b5:20:b8:f5:01:
69:79:f7:4b:5a:09:f2:33:4b:16:08:33:e4:b9:8f:
22:45:eb:d8:41:d4:53:6a:70:f3:70:11:48:a3:66:
a5:75:1a:3c:f6:23:ee:24:8d:cb:54:5e:a1:87:96:
c4:b4:3e:b9:e9:03:65:18:4d:1e:11:f1:70:c2:8a:
84:fb:11:31:5b:f3:71:13:3c:8d:b6:80:e1:66:22:
49:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:49:84:D4:83:26:CE:3E:DE:89:12:20:EF:C1:6B:7C:FA:A7:2E:40
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A88696F0C90711EFAC823E6D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.200.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:45:43:18:a2:76:cb:00:e2:db:e9:af:2a:c0:4a:41:20:6f:
22:82:d8:cc:f2:0a:3a:71:14:2c:85:ec:91:70:50:e4:19:87:
7f:c3:e5:15:19:1b:b5:00:28:7a:bf:6d:87:c1:8a:e7:81:a9:
c7:97:3f:99:b2:08:91:91:5b:4a:4a:8d:18:49:f7:c8:de:f4:
06:56:69:90:3b:70:a3:20:ef:ba:08:de:77:1f:59:d4:f9:5f:
ce:b6:64:80:6c:3c:28:bc:08:b7:a6:84:3c:50:61:a1:4e:10:
cf:38:45:ed:af:c4:84:95:38:fa:db:ab:a2:1c:30:1f:18:71:
2d:d7:ee:8c:9f:b1:5e:1a:f1:47:6b:5f:21:5f:63:ed:d8:d9:
68:34:cc:9c:f3:fc:19:a9:77:44:db:82:65:e6:9c:92:4c:f9:
b1:de:ba:b2:dc:9d:6b:fe:68:d5:af:af:3a:ed:38:1a:e4:19:
20:35:a1:26:39:cc:59:7b:8d:86:62:d5:c1:78:05:4a:c2:c3:
e0:86:a8:f6:9d:70:c2:ee:7a:76:c8:4f:8f:a6:e3:04:05:2c:
eb:19:98:db:0e:65:f0:d8:18:71:a1:d3:9f:73:4f:ce:fa:8b:
5f:3e:1f:b5:86:58:2d:1b:84:d2:09:09:24:f7:18:1a:9c:22:
48:b2:aa:e6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATJ3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTI0NjU2WhcNMjUxMjEzMTI0NjU2WjAYMRYw
FAYDVQQDEw02Nzc2OGFjNC1hNmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5qy76es+KivdXsDKXvgdsPpXPu43Xv55w7WhzOdkqHo48wLUUnaCFN+X
1uc+6aRO/WOOyA3CVMVUTZDZmaCRECXRnOJTUSD90eIxCGTCyDOQ269UxdZtaCpx
9Mje2ekFA5mjdfPVd53KI22Gh5FYHVQoe80hrEVpbpA0eHZd5pGLLPctoYPhRgNW
aWODnYoujnyg+JeNHiSeC6CNHiUS7+Gl9K74HYL6EojAzJf3tSC49QFpefdLWgny
M0sWCDPkuY8iRevYQdRTanDzcBFIo2aldRo89iPuJI3LVF6hh5bEtD656QNlGE0e
EfFwwoqE+xExW/NxEzyNtoDhZiJJ3QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFORJ
hNSDJs4+3okSIO/Ba3z6py5AMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BODg2OTZGMEM5MDcxMUVGQUM4MjNFNkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt3IMA0GCSqGSIb3DQEB
CwUAA4IBAQC0RUMYonbLAOLb6a8qwEpBIG8igtjM8go6cRQsheyRcFDkGYd/w+UV
GRu1ACh6v22HwYrnganHlz+ZsgiRkVtKSo0YSffI3vQGVmmQO3CjIO+6CN53H1nU
+V/OtmSAbDwovAi3poQ8UGGhThDPOEXtr8SElTj626uiHDAfGHEt1+6Mn7FeGvFH
a18hX2Pt2NloNMyc8/wZqXdE24Jl5pySTPmx3rqy3J1r/mjVr6867Tga5BkgNaEm
OcxZe42GYtXBeAVKwsPghqj2nXDC7np2yE+PpuMEBSzrGZjbDmXw2BhxodOfc0/O
+otfPh+1hlgtG4TSCQkk9xganCJIsqrm
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:26:50 2025 by rpki-client