Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B0C3D138C27811EFA1A66347762E951A.roa
File: B0C3D138C27811EFA1A66347762E951A.roa (raw, json)
Hash identifier: uDF5Wp9xCOK8Ks7RJ1GJ44DyASZcy5cw8CIedONqHEg=
Subject key identifier: B2:EE:2E:9A:06:F9:D0:18:AF:34:65:63:C8:EC:A7:97:4B:62:5E:42
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0124B8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B0C3D138C27811EFA1A66347762E951A.roa
Signing time: Wed 25 Dec 2024 04:28:29 +0000
ROA not before: Wed 25 Dec 2024 04:28:25 +0000
ROA not after: Wed 10 Dec 2025 04:28:25 +0000
asID: 984
IP address blocks: 154.211.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74936 (0x124b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 04:28:25 2024 GMT
Not After : Dec 10 04:28:25 2025 GMT
Subject: CN=676b89ed-68da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:27:87:f4:02:59:28:f7:10:f0:69:94:0d:b1:
84:db:5b:44:65:05:a1:57:9d:2a:53:5c:2f:de:d7:
40:06:3d:0b:dc:75:0f:54:4c:21:eb:6f:8a:e8:31:
b2:f1:3b:05:be:fb:e5:f1:fa:28:d6:e1:ed:e6:b9:
35:bb:8a:9e:1e:3f:2a:94:14:62:75:9c:c0:d3:a9:
ed:1d:70:4f:b1:d6:54:cf:41:65:24:35:86:8e:cc:
be:ab:76:0e:e3:9f:8b:6d:a7:4b:0d:d0:92:ac:4b:
35:2e:7a:f2:d0:f1:f3:f0:04:2e:0c:5a:43:17:88:
f2:e2:56:4b:b7:0f:58:5b:cf:8c:6e:03:00:8b:72:
6b:3c:5e:35:cd:e7:ed:90:45:84:08:00:84:fa:7b:
52:d9:34:ca:63:a1:97:4d:3f:af:9a:fa:4f:60:b9:
6d:d5:15:db:fa:68:ee:f4:dd:7b:d2:02:03:99:aa:
52:ab:e2:c6:75:a6:b0:bc:10:d3:03:be:c7:65:a0:
27:c3:56:96:10:96:98:be:e3:77:d6:3f:f0:f2:a3:
a8:de:bc:d1:df:f8:6e:ee:f1:87:0f:47:00:8b:8e:
f0:ec:9c:b7:f1:5f:2a:e8:de:92:aa:28:0c:4d:54:
b1:fd:cb:22:98:fb:67:10:de:42:eb:a4:7d:32:23:
ec:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:EE:2E:9A:06:F9:D0:18:AF:34:65:63:C8:EC:A7:97:4B:62:5E:42
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B0C3D138C27811EFA1A66347762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.249.0/24
Signature Algorithm: sha256WithRSAEncryption
21:87:be:db:fb:4b:65:b3:bd:7c:0d:3e:d8:df:bb:ab:55:ec:
7e:e0:99:77:95:96:cb:79:9a:8a:98:4c:24:67:a2:ff:27:9f:
79:70:49:f9:11:b4:20:64:10:96:88:bb:d8:f6:d8:81:8e:1f:
97:1e:e9:fb:bb:d4:da:66:2a:e0:7e:f1:0b:79:fc:5f:54:72:
1d:45:de:dd:6c:75:02:1a:fe:53:dc:0a:c8:42:da:3a:df:ff:
3a:a5:82:4a:22:15:55:f0:00:ab:64:c1:e4:f3:69:49:a9:10:
96:cd:a3:1d:a1:4d:26:d3:f1:93:f6:e8:56:a8:0b:3a:41:8a:
ec:18:c6:1e:ba:75:71:5a:1f:d7:7f:12:81:e9:5d:88:69:74:
b7:c4:96:88:0b:83:de:64:78:0e:00:18:56:b5:0d:68:5e:ae:
a8:15:72:fe:dc:dc:c7:ea:f8:7b:a4:7a:0f:29:ee:9d:b0:40:
5c:c2:5e:10:7d:75:0b:41:a9:8f:72:49:ed:97:4b:8d:1d:b1:
cd:b3:40:b0:c5:31:8c:30:9a:f7:14:a4:d0:50:23:77:39:b7:
77:1a:48:7e:7b:91:da:88:ed:a0:e6:10:b9:f8:e2:02:6f:65:
de:84:d2:5c:25:0d:f2:39:e7:e8:10:18:37:f1:72:f0:6e:1e:
fe:fa:bf:c2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASS4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDQyODI1WhcNMjUxMjEwMDQyODI1WjAYMRYw
FAYDVQQDEw02NzZiODllZC02OGRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9ieH9AJZKPcQ8GmUDbGE21tEZQWhV50qU1wv3tdABj0L3HUPVEwh62+K
6DGy8TsFvvvl8foo1uHt5rk1u4qeHj8qlBRidZzA06ntHXBPsdZUz0FlJDWGjsy+
q3YO45+LbadLDdCSrEs1Lnry0PHz8AQuDFpDF4jy4lZLtw9YW8+MbgMAi3JrPF41
zeftkEWECACE+ntS2TTKY6GXTT+vmvpPYLlt1RXb+mju9N170gIDmapSq+LGdaaw
vBDTA77HZaAnw1aWEJaYvuN31j/w8qOo3rzR3/hu7vGHD0cAi47w7Jy38V8q6N6S
qigMTVSx/csimPtnEN5C66R9MiPs9QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLLu
LpoG+dAYrzRlY8jsp5dLYl5CMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMEMzRDEzOEMyNzgxMUVGQTFBNjYzNDc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtP5MA0GCSqGSIb3DQEB
CwUAA4IBAQAhh77b+0tls718DT7Y37urVex+4Jl3lZbLeZqKmEwkZ6L/J595cEn5
EbQgZBCWiLvY9tiBjh+XHun7u9TaZirgfvELefxfVHIdRd7dbHUCGv5T3ArIQto6
3/86pYJKIhVV8ACrZMHk82lJqRCWzaMdoU0m0/GT9uhWqAs6QYrsGMYeunVxWh/X
fxKB6V2IaXS3xJaIC4PeZHgOABhWtQ1oXq6oFXL+3NzH6vh7pHoPKe6dsEBcwl4Q
fXULQamPckntl0uNHbHNs0CwxTGMMJr3FKTQUCN3Obd3Gkh+e5HaiO2g5hC5+OIC
b2XehNJcJQ3yOefoEBg38XLwbh7++r/C
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:46 2025 by rpki-client