Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A8877DD0BEDB11EFB5AB0360762E951A.roa
File: A8877DD0BEDB11EFB5AB0360762E951A.roa (raw, json)
Hash identifier: 9O+8Shy3UeYXBNuOSgypA6nbxDJKSVS4SS3BuaIFBH4=
Subject key identifier: F8:BC:DC:5D:5E:C1:77:FE:DF:53:11:67:26:DC:D6:2F:B6:EA:4F:70
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011D24
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A8877DD0BEDB11EFB5AB0360762E951A.roa
Signing time: Fri 20 Dec 2024 14:06:51 +0000
ROA not before: Fri 20 Dec 2024 14:06:47 +0000
ROA not after: Wed 25 Jun 2025 14:06:47 +0000
asID: 400619
IP address blocks: 154.84.56.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72996 (0x11d24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 20 14:06:47 2024 GMT
Not After : Jun 25 14:06:47 2025 GMT
Subject: CN=676579fa-a1a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3d:1d:ec:ff:37:67:45:35:52:56:0b:b6:6b:
51:9f:71:8e:31:32:6f:7e:94:12:2a:90:a6:4a:bc:
5f:e9:7b:24:8a:18:74:c0:7f:50:75:41:62:9c:e3:
dc:b5:af:fb:4f:e6:6a:1e:1d:51:b8:a3:10:98:f9:
14:c8:f7:82:fc:43:37:5d:ca:62:d8:e2:66:0d:7e:
be:17:23:cd:8c:9c:93:4c:f1:2a:54:9d:e2:8a:de:
77:88:c9:44:45:96:bf:36:5e:fd:46:e7:25:e0:1d:
d7:bf:60:6e:77:b8:fc:b2:eb:1a:2b:01:fa:01:1f:
d3:22:26:f2:29:6f:81:cf:a0:31:7c:f3:0a:2d:37:
fa:b4:04:66:24:1e:70:ff:3c:82:5a:c8:e2:05:6b:
1a:52:e0:a3:75:94:8a:78:ca:59:31:d3:c8:36:14:
4f:f2:d8:61:66:c9:df:71:66:2f:69:f7:c8:cb:4b:
6b:46:82:af:32:b0:fa:3e:43:55:ec:55:4b:51:7a:
37:90:5d:e1:42:c9:c7:26:a7:92:b3:98:7c:d9:c1:
53:fb:38:c3:67:b5:e8:d6:45:89:f9:53:1d:8f:eb:
0a:96:7f:6c:53:a3:d8:88:9c:96:52:0f:de:74:bc:
ec:15:c1:66:c6:18:e4:f1:e6:68:1f:b3:59:86:89:
e9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:BC:DC:5D:5E:C1:77:FE:DF:53:11:67:26:DC:D6:2F:B6:EA:4F:70
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A8877DD0BEDB11EFB5AB0360762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.56.0/21
Signature Algorithm: sha256WithRSAEncryption
4a:45:20:86:0e:69:01:35:93:9a:53:15:45:9e:ec:ad:05:2a:
07:6a:53:ce:9c:ac:6e:93:aa:a3:cf:37:fa:b8:a9:36:1a:c5:
86:04:aa:bd:d9:79:a0:f9:c0:ec:41:05:be:0d:d2:10:e8:12:
af:08:de:3a:3f:56:0c:5d:c2:70:5b:6b:70:0a:87:d1:ea:cb:
82:e8:44:85:66:73:58:07:48:fa:32:10:99:2d:3c:3c:c9:c9:
92:9f:17:ec:2d:61:b5:76:aa:36:c1:35:d1:be:52:f3:74:1e:
fd:9b:59:2b:68:8c:ea:af:8b:fc:39:c4:71:50:94:62:00:9c:
3c:48:9e:86:21:47:03:5c:30:74:e9:b7:9f:21:78:8c:51:08:
d1:db:c1:07:b5:82:f6:a3:00:7a:72:9e:eb:cf:0e:f0:10:17:
f1:2d:83:be:53:ac:86:38:3f:0e:98:44:66:ca:36:d1:74:f9:
5f:0e:2a:6d:55:5a:3f:7e:30:56:f8:42:87:21:ff:9e:b1:75:
ef:c0:c6:c1:60:4f:2e:aa:b5:36:f6:78:1f:74:54:9e:e9:bc:
44:06:c5:35:6b:35:98:9f:ad:6c:23:ba:a5:dd:44:0b:97:1c:
ae:87:32:0d:ac:28:d1:55:f1:fb:57:1c:70:f2:73:82:53:e7:
0c:31:9d:7f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR0kMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIwMTQwNjQ3WhcNMjUwNjI1MTQwNjQ3WjAYMRYw
FAYDVQQDEw02NzY1NzlmYS1hMWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsj0d7P83Z0U1UlYLtmtRn3GOMTJvfpQSKpCmSrxf6Xskihh0wH9QdUFi
nOPcta/7T+ZqHh1RuKMQmPkUyPeC/EM3Xcpi2OJmDX6+FyPNjJyTTPEqVJ3iit53
iMlERZa/Nl79Rucl4B3Xv2Bud7j8susaKwH6AR/TIibyKW+Bz6AxfPMKLTf6tARm
JB5w/zyCWsjiBWsaUuCjdZSKeMpZMdPINhRP8thhZsnfcWYvaffIy0trRoKvMrD6
PkNV7FVLUXo3kF3hQsnHJqeSs5h82cFT+zjDZ7Xo1kWJ+VMdj+sKln9sU6PYiJyW
Ug/edLzsFcFmxhjk8eZoH7NZhonpQQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPi8
3F1ewXf+31MRZybc1i+26k9wMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BODg3N0REMEJFREIxMUVGQjVBQjAzNjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmlQ4MA0GCSqGSIb3DQEB
CwUAA4IBAQBKRSCGDmkBNZOaUxVFnuytBSoHalPOnKxuk6qjzzf6uKk2GsWGBKq9
2Xmg+cDsQQW+DdIQ6BKvCN46P1YMXcJwW2twCofR6suC6ESFZnNYB0j6MhCZLTw8
ycmSnxfsLWG1dqo2wTXRvlLzdB79m1kraIzqr4v8OcRxUJRiAJw8SJ6GIUcDXDB0
6befIXiMUQjR28EHtYL2owB6cp7rzw7wEBfxLYO+U6yGOD8OmERmyjbRdPlfDipt
VVo/fjBW+EKHIf+esXXvwMbBYE8uqrU29ngfdFSe6bxEBsU1azWYn61sI7ql3UQL
lxyuhzINrCjRVfH7Vxxw8nOCU+cMMZ1/
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:39:34 2025 by rpki-client