Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9EF5952C3DC11EF9C822D8D762E951A.roa
File: B9EF5952C3DC11EF9C822D8D762E951A.roa (raw, json)
Hash identifier: gSWVwBwwOZj7jUSMZNTsr67qIk2NlYqBieXXmrxvN0E=
Subject key identifier: 0C:F7:54:1D:C3:9D:7E:58:E7:A6:58:2F:6A:94:BD:C0:46:CD:7E:40
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0128B6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9EF5952C3DC11EF9C822D8D762E951A.roa
Signing time: Thu 26 Dec 2024 22:57:05 +0000
ROA not before: Thu 26 Dec 2024 22:57:01 +0000
ROA not after: Fri 12 Dec 2025 22:57:01 +0000
asID: 984
IP address blocks: 154.86.12.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75958 (0x128b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 22:57:01 2024 GMT
Not After : Dec 12 22:57:01 2025 GMT
Subject: CN=676ddf41-afab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4d:6e:fd:c6:8f:67:76:80:ea:75:33:1b:8f:
d7:ca:78:29:e0:bb:39:05:2a:0a:3d:82:2e:2f:e0:
b1:17:5c:d9:5a:12:67:b6:9a:70:8f:85:79:ff:d2:
27:d4:da:69:31:fe:2b:7e:5a:d2:19:8f:f0:6d:64:
d3:56:84:fb:df:5e:3f:19:fd:eb:7e:b7:7b:48:b2:
18:cd:2c:12:d1:5e:27:40:9e:ef:a5:30:8f:11:31:
05:cf:86:fa:32:09:be:65:1c:6f:11:09:e3:c1:12:
d1:eb:37:7e:fe:0c:1b:61:8a:b5:63:6e:73:16:a7:
8f:1c:54:ac:1a:7f:56:91:c3:ce:8e:a6:6e:43:8d:
5f:26:b3:1b:f7:69:9c:aa:56:63:2e:74:86:ae:46:
e8:b5:46:61:b4:2d:9d:be:42:ab:17:21:01:fc:87:
ca:8e:8e:41:ea:47:49:35:cc:44:42:51:38:0b:5e:
28:40:4c:15:5d:aa:c8:b7:79:fc:b9:70:24:11:35:
cd:ba:fc:a8:bd:a6:86:15:f2:3f:cc:25:34:ab:09:
3b:cc:5f:06:37:5c:8f:fe:34:64:4b:97:f1:2c:44:
51:d6:7b:67:a5:fd:f1:a9:68:92:81:ff:ae:76:55:
c1:6b:cf:75:76:01:af:cc:d6:67:e3:e3:48:65:40:
99:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:F7:54:1D:C3:9D:7E:58:E7:A6:58:2F:6A:94:BD:C0:46:CD:7E:40
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9EF5952C3DC11EF9C822D8D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.12.0/24
Signature Algorithm: sha256WithRSAEncryption
02:75:27:9c:a3:87:eb:9e:c2:c8:0f:af:67:39:df:5a:9e:c3:
f2:60:5d:91:32:a0:56:4e:65:3c:7b:eb:24:b4:5b:9a:6e:e3:
7e:f1:6d:9b:91:6b:ec:65:30:b4:90:37:06:7e:c2:68:0b:f2:
f3:32:c5:39:30:52:b7:8c:00:93:20:ad:4c:1c:3c:a3:f5:f0:
2e:e6:ee:e1:a4:8c:2f:a3:54:8e:71:a9:07:1c:47:50:3d:1d:
16:0b:11:f7:66:e1:21:a2:52:6c:cf:7a:61:56:68:6d:0f:5d:
9f:0f:26:1d:bc:99:0c:09:be:26:5c:2c:4f:4d:4f:35:3c:79:
42:06:80:8c:e1:b4:16:15:f7:69:8c:1a:36:18:a0:cd:e1:ce:
cf:d9:e0:9e:76:07:96:ee:ae:81:71:07:75:8a:c4:1f:c2:80:
f1:c8:5c:e6:bc:ad:c8:e5:8b:14:b4:c1:3c:c9:1e:a4:22:57:
e4:75:9d:2d:56:e5:84:69:02:1d:d7:1b:0c:c9:3a:af:08:b1:
ce:77:b4:38:97:7d:a4:90:6b:18:b5:f3:d8:54:9b:06:4b:f4:
44:4e:f0:36:20:05:68:23:52:11:f4:aa:4f:0f:b1:1d:e4:74:
a5:ab:4c:a9:bb:2e:1f:84:c9:d6:45:83:bf:3e:69:52:a7:93:
1c:84:7c:0b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASi2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MjI1NzAxWhcNMjUxMjEyMjI1NzAxWjAYMRYw
FAYDVQQDEw02NzZkZGY0MS1hZmFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuk1u/caPZ3aA6nUzG4/Xyngp4Ls5BSoKPYIuL+CxF1zZWhJntppwj4V5
/9In1NppMf4rflrSGY/wbWTTVoT7314/Gf3rfrd7SLIYzSwS0V4nQJ7vpTCPETEF
z4b6Mgm+ZRxvEQnjwRLR6zd+/gwbYYq1Y25zFqePHFSsGn9WkcPOjqZuQ41fJrMb
92mcqlZjLnSGrkbotUZhtC2dvkKrFyEB/IfKjo5B6kdJNcxEQlE4C14oQEwVXarI
t3n8uXAkETXNuvyovaaGFfI/zCU0qwk7zF8GN1yP/jRkS5fxLERR1ntnpf3xqWiS
gf+udlXBa891dgGvzNZn4+NIZUCZGQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAz3
VB3DnX5Y56ZYL2qUvcBGzX5AMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9COUVGNTk1MkMzREMxMUVGOUM4MjJEOEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlYMMA0GCSqGSIb3DQEB
CwUAA4IBAQACdSeco4frnsLID69nOd9ansPyYF2RMqBWTmU8e+sktFuabuN+8W2b
kWvsZTC0kDcGfsJoC/LzMsU5MFK3jACTIK1MHDyj9fAu5u7hpIwvo1SOcakHHEdQ
PR0WCxH3ZuEholJsz3phVmhtD12fDyYdvJkMCb4mXCxPTU81PHlCBoCM4bQWFfdp
jBo2GKDN4c7P2eCedgeW7q6BcQd1isQfwoDxyFzmvK3I5YsUtME8yR6kIlfkdZ0t
VuWEaQId1xsMyTqvCLHOd7Q4l32kkGsYtfPYVJsGS/RETvA2IAVoI1IR9KpPD7Ed
5HSlq0ypuy4fhMnWRYO/PmlSp5MchHwL
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:19:23 2025 by rpki-client