Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC024696C5E511EF9B406180762E951A.roa
File: AC024696C5E511EF9B406180762E951A.roa (raw, json)
Hash identifier: EdffH0IcI46t2CPhpjWTop+g1DlAPSfdOfO85Q+qumI=
Subject key identifier: 9B:7D:E6:24:40:87:B8:49:DF:79:2D:1C:6D:AE:9B:5C:20:5D:35:95
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012D76
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC024696C5E511EF9B406180762E951A.roa
Signing time: Sun 29 Dec 2024 13:06:10 +0000
ROA not before: Sun 29 Dec 2024 13:06:06 +0000
ROA not after: Fri 12 Dec 2025 13:06:06 +0000
asID: 984
IP address blocks: 154.210.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77174 (0x12d76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 13:06:06 2024 GMT
Not After : Dec 12 13:06:06 2025 GMT
Subject: CN=67714941-5be9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2d:86:59:ee:1f:e0:96:1d:25:44:e4:e6:2a:
e5:2a:61:7b:0a:92:80:2f:0d:61:75:32:9b:7a:7a:
9e:3c:3c:10:81:50:a5:88:7e:af:67:93:16:fa:d5:
f9:38:95:c6:1e:fb:c0:ff:71:24:65:cd:03:04:4a:
76:54:49:f0:f2:b1:af:48:bf:4c:b1:57:92:b4:d3:
7b:38:b4:05:b6:07:41:21:82:fa:a7:6f:2b:23:74:
57:2f:19:0b:2e:c7:dd:36:98:3b:01:71:a9:66:11:
14:1c:c2:70:bc:dc:73:e5:5e:84:e2:fb:03:0f:d6:
8f:a0:a8:a9:34:48:83:75:4f:5f:c6:a2:0e:80:b5:
77:d9:28:9c:bc:25:ed:88:34:b7:5c:88:c0:87:ba:
f6:c7:70:72:55:f2:15:a5:2e:6b:75:bc:50:80:3b:
dc:ae:88:c9:44:c7:af:af:a6:a6:01:d7:a6:4f:81:
a7:13:8d:5f:8e:33:90:3d:7c:35:d1:25:f7:e7:c1:
ee:2c:b5:d7:a5:85:ca:0f:97:90:92:5e:b3:67:ab:
7c:b9:bd:02:4a:fc:ea:dd:d5:25:7a:40:f3:2a:72:
fc:73:61:76:92:b0:ac:f9:77:1d:74:32:c9:f3:27:
78:a0:b9:8d:3c:20:79:41:96:0e:60:05:f0:be:f2:
28:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:7D:E6:24:40:87:B8:49:DF:79:2D:1C:6D:AE:9B:5C:20:5D:35:95
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC024696C5E511EF9B406180762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.125.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:73:c4:da:a6:1e:32:5f:3c:34:9a:76:34:47:1e:64:a7:ad:
00:16:07:a5:f6:6c:a4:02:36:82:a2:dd:55:b8:6b:34:66:25:
e2:a1:44:6a:78:33:e4:65:2b:05:e0:06:16:f3:ff:0a:f2:90:
e6:de:20:dc:6a:69:86:66:56:31:f4:2b:15:84:75:c4:c7:e5:
12:ee:4a:6d:d1:02:5e:64:98:59:47:6c:48:23:ce:90:15:33:
c3:f8:0c:fd:45:4a:ba:2a:74:ec:54:85:ee:59:b5:73:8c:7c:
d2:85:48:42:fd:50:54:9e:a6:61:f8:41:28:44:c7:c2:d7:1e:
de:d1:70:07:80:0e:6e:56:15:33:20:da:81:40:c2:71:3c:d4:
6f:2c:b7:fa:04:9f:8a:0f:37:6e:9e:db:44:08:51:f8:68:8a:
a2:6c:43:5d:ea:05:43:0e:cb:c9:c6:dc:65:9c:d4:7c:c8:4a:
71:01:c3:62:0c:1a:58:50:cd:f9:55:55:ed:55:96:53:fb:8e:
3a:5f:d7:1b:6d:59:b2:70:74:66:95:56:e4:06:34:9c:a9:bf:
a8:70:43:f9:ac:e5:4e:bf:df:ed:01:d6:34:5e:d9:fc:cc:41:
50:bb:76:3a:a1:8e:81:09:39:2a:95:0f:93:7a:45:d0:55:49:
54:42:0c:f7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS12MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTMwNjA2WhcNMjUxMjEyMTMwNjA2WjAYMRYw
FAYDVQQDEw02NzcxNDk0MS01YmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoC2GWe4f4JYdJUTk5irlKmF7CpKALw1hdTKbenqePDwQgVCliH6vZ5MW
+tX5OJXGHvvA/3EkZc0DBEp2VEnw8rGvSL9MsVeStNN7OLQFtgdBIYL6p28rI3RX
LxkLLsfdNpg7AXGpZhEUHMJwvNxz5V6E4vsDD9aPoKipNEiDdU9fxqIOgLV32Sic
vCXtiDS3XIjAh7r2x3ByVfIVpS5rdbxQgDvcrojJRMevr6amAdemT4GnE41fjjOQ
PXw10SX358HuLLXXpYXKD5eQkl6zZ6t8ub0CSvzq3dUlekDzKnL8c2F2krCs+Xcd
dDLJ8yd4oLmNPCB5QZYOYAXwvvIoowIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJt9
5iRAh7hJ33ktHG2um1wgXTWVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQzAyNDY5NkM1RTUxMUVGOUI0MDYxODA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtJ9MA0GCSqGSIb3DQEB
CwUAA4IBAQArc8Taph4yXzw0mnY0Rx5kp60AFgel9mykAjaCot1VuGs0ZiXioURq
eDPkZSsF4AYW8/8K8pDm3iDcammGZlYx9CsVhHXEx+US7kpt0QJeZJhZR2xII86Q
FTPD+Az9RUq6KnTsVIXuWbVzjHzShUhC/VBUnqZh+EEoRMfC1x7e0XAHgA5uVhUz
INqBQMJxPNRvLLf6BJ+KDzdunttECFH4aIqibENd6gVDDsvJxtxlnNR8yEpxAcNi
DBpYUM35VVXtVZZT+446X9cbbVmycHRmlVbkBjScqb+ocEP5rOVOv9/tAdY0Xtn8
zEFQu3Y6oY6BCTkqlQ+TekXQVUlUQgz3
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:04:59 2025 by rpki-client