Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB8D79F4C40C11EFA0187054762E951A.roa
File: AB8D79F4C40C11EFA0187054762E951A.roa (raw, json)
Hash identifier: HAm74vjAP18IBXuUjg+ofuavzK42gx9tLz80XPrBSAI=
Subject key identifier: 99:AB:3A:C5:B4:8C:DA:EE:DB:87:D9:3E:0B:21:05:45:49:5D:1C:B5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012925
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB8D79F4C40C11EFA0187054762E951A.roa
Signing time: Fri 27 Dec 2024 04:40:17 +0000
ROA not before: Fri 27 Dec 2024 04:40:13 +0000
ROA not after: Fri 12 Dec 2025 04:40:13 +0000
asID: 984
IP address blocks: 154.196.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76069 (0x12925)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 27 04:40:13 2024 GMT
Not After : Dec 12 04:40:13 2025 GMT
Subject: CN=676e2fb1-0328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d7:f4:e8:51:3c:a0:c8:f4:15:1a:6c:41:e2:
ac:09:07:2b:74:aa:37:b7:ac:91:0b:bd:c5:29:f8:
82:cf:aa:70:f9:29:99:d5:c8:e7:5d:62:ef:2c:52:
db:06:2b:12:96:5d:0c:42:21:e0:02:85:60:25:d9:
46:32:f1:43:2b:76:52:cc:c0:60:7b:1c:49:df:d5:
ad:96:63:75:c8:29:6d:8b:da:7d:d9:56:a8:24:70:
f5:74:8c:72:7d:95:43:55:5f:57:a5:97:a8:e8:9d:
bf:cf:b2:e4:45:6e:a4:f6:78:34:64:6f:e2:0c:98:
26:f6:27:89:9d:af:b1:ea:8d:a9:a9:dc:f3:4c:07:
be:9e:d5:b1:17:29:ad:86:d2:46:42:33:3f:47:ff:
59:94:fd:56:bc:c2:85:93:9e:8b:f8:13:c6:0f:cc:
d5:1f:01:7e:ab:17:6e:22:6a:7a:2f:e6:21:e7:a8:
f2:53:53:ec:2a:06:c9:d9:72:df:7a:e5:dd:26:d1:
fe:74:40:49:26:a1:c0:c6:f2:5d:a9:a9:89:37:f9:
fb:10:8f:e7:14:97:63:03:22:18:d3:65:47:bc:dc:
89:24:fe:1a:1f:79:70:b1:a8:ed:4d:2b:75:57:17:
e0:20:1e:26:ce:f7:96:e6:ee:73:d4:0c:28:f7:6d:
06:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:AB:3A:C5:B4:8C:DA:EE:DB:87:D9:3E:0B:21:05:45:49:5D:1C:B5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB8D79F4C40C11EFA0187054762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.220.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:79:37:fc:de:97:62:37:a3:35:13:7e:6f:2a:20:66:96:86:
12:73:7d:7f:9e:4b:ed:ac:fd:57:38:85:a3:cf:b9:e9:5f:a5:
9b:cb:e7:ea:76:fc:36:e6:db:ab:20:44:c8:dd:46:53:cb:77:
24:8e:b7:02:02:40:19:c7:65:fd:e8:b0:56:d4:51:4e:19:6d:
85:1d:89:95:e9:47:b5:c6:7b:7d:10:ce:cf:9e:bc:50:0f:08:
b2:49:30:25:fa:3f:67:ac:cb:9f:e1:62:dd:1e:0d:27:39:7c:
5a:3d:21:bb:4e:b8:66:b6:9d:19:92:36:7b:51:f0:57:01:62:
69:f0:0b:be:c7:ac:52:b7:38:f9:21:ef:1c:9c:13:46:33:2e:
04:55:84:97:a5:93:15:ee:fe:b1:31:b7:b2:63:87:8a:16:7c:
42:f9:65:58:ae:51:c7:78:ae:21:25:33:ed:c0:f8:bc:2f:26:
f9:fd:88:37:6e:68:d1:3d:a7:20:b1:0d:1d:f0:dc:09:97:4a:
7f:4e:e9:a3:79:33:28:64:2e:c6:2a:2c:6e:a9:99:85:5a:fd:
45:78:09:44:d1:a5:3d:df:4c:b2:b3:e9:ed:2b:b5:c4:60:1a:
18:03:26:5a:9e:ac:1b:5f:e1:c5:e5:57:e6:89:02:d3:d2:f5:
c8:14:07:50
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASklMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI3MDQ0MDEzWhcNMjUxMjEyMDQ0MDEzWjAYMRYw
FAYDVQQDEw02NzZlMmZiMS0wMzI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqtf06FE8oMj0FRpsQeKsCQcrdKo3t6yRC73FKfiCz6pw+SmZ1cjnXWLv
LFLbBisSll0MQiHgAoVgJdlGMvFDK3ZSzMBgexxJ39WtlmN1yClti9p92VaoJHD1
dIxyfZVDVV9XpZeo6J2/z7LkRW6k9ng0ZG/iDJgm9ieJna+x6o2pqdzzTAe+ntWx
FymthtJGQjM/R/9ZlP1WvMKFk56L+BPGD8zVHwF+qxduImp6L+Yh56jyU1PsKgbJ
2XLfeuXdJtH+dEBJJqHAxvJdqamJN/n7EI/nFJdjAyIY02VHvNyJJP4aH3lwsajt
TSt1VxfgIB4mzveW5u5z1Awo920GJwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJmr
OsW0jNru24fZPgshBUVJXRy1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQjhENzlGNEM0MEMxMUVGQTAxODcwNTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsTcMA0GCSqGSIb3DQEB
CwUAA4IBAQCweTf83pdiN6M1E35vKiBmloYSc31/nkvtrP1XOIWjz7npX6Wby+fq
dvw25turIETI3UZTy3ckjrcCAkAZx2X96LBW1FFOGW2FHYmV6Ue1xnt9EM7PnrxQ
DwiySTAl+j9nrMuf4WLdHg0nOXxaPSG7Trhmtp0ZkjZ7UfBXAWJp8Au+x6xStzj5
Ie8cnBNGMy4EVYSXpZMV7v6xMbeyY4eKFnxC+WVYrlHHeK4hJTPtwPi8Lyb5/Yg3
bmjRPacgsQ0d8NwJl0p/TumjeTMoZC7GKixuqZmFWv1FeAlE0aU930yys+ntK7XE
YBoYAyZanqwbX+HF5VfmiQLT0vXIFAdQ
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:38 2025 by rpki-client