Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB2448B2F43011EFAE56125A762E951A.roa
File: BB2448B2F43011EFAE56125A762E951A.roa (raw, json)
Hash identifier: b2b91SPRyEofv1RyVO6sJXPrwCdk51rPovkGmyZWZso=
Subject key identifier: C0:AD:C0:80:35:DF:43:DF:5B:12:FC:68:94:E1:0B:BB:46:DD:7B:AB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016269
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB2448B2F43011EFAE56125A762E951A.roa
Signing time: Wed 26 Feb 2025 10:59:21 +0000
ROA not before: Wed 26 Feb 2025 10:59:17 +0000
ROA not after: Fri 20 Feb 2026 10:59:17 +0000
asID: 984
IP address blocks: 154.199.14.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90729 (0x16269)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 10:59:17 2025 GMT
Not After : Feb 20 10:59:17 2026 GMT
Subject: CN=67bef409-8777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:52:b3:11:ce:0e:93:2b:3c:13:10:cb:62:31:
f7:e7:1a:4a:d9:3d:cd:b6:4c:0a:98:c8:31:77:20:
f3:17:18:b7:a6:65:d8:76:b4:b3:91:8e:e9:9f:fc:
69:cd:f2:08:d9:6c:a6:8f:45:a1:ee:50:ce:d0:63:
24:3c:e5:ba:76:30:1f:25:97:a7:4d:2f:3f:51:f1:
4e:55:bb:0f:42:05:5d:75:89:64:dc:f8:3b:1f:2c:
a7:da:26:dc:80:6f:e6:6e:49:6a:49:67:92:37:d7:
cc:b6:b1:ec:f0:eb:be:4d:80:46:1f:a4:14:3e:cf:
4f:7f:d4:3c:c9:95:1f:52:5f:53:66:01:6f:8d:b6:
e3:a4:3d:5e:eb:fd:c2:d2:42:60:82:6f:49:90:f1:
41:38:bf:4d:04:95:ec:22:5e:29:5c:fd:ae:ae:0f:
b2:dd:64:ea:20:65:0d:d0:97:60:df:96:de:ad:6a:
96:22:b1:eb:f2:97:69:3a:1a:8d:50:69:ba:14:2c:
b4:d9:66:74:3c:3e:bf:5e:40:21:28:84:fb:38:d7:
a2:a8:5a:8b:62:3f:a3:69:30:79:62:e6:db:95:ec:
34:8b:3b:27:87:68:32:b5:7d:9f:20:a4:7f:ea:61:
46:0c:c8:33:ff:fe:e1:d7:76:ed:20:54:8b:40:4c:
cb:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:AD:C0:80:35:DF:43:DF:5B:12:FC:68:94:E1:0B:BB:46:DD:7B:AB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB2448B2F43011EFAE56125A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.14.0/24
Signature Algorithm: sha256WithRSAEncryption
be:26:3e:79:d5:3b:65:10:04:dc:09:39:ea:4d:42:eb:8f:ad:
64:aa:fc:23:82:d2:46:1e:70:b9:34:0a:9f:04:ba:20:61:87:
e3:73:0a:6b:bf:1f:fe:fd:fa:0f:f0:f9:e9:ef:0d:96:b9:ab:
fb:ad:f0:b8:4d:8d:ed:9a:a8:c7:d2:a0:30:a2:a7:be:18:82:
a0:21:a1:f9:4c:b7:c7:28:3f:7c:b7:b1:ce:a8:66:b6:30:f5:
5c:e6:73:2b:22:29:79:d1:ae:b6:1a:72:bc:62:fe:88:7e:b2:
89:05:f5:50:b7:d6:f5:c2:9e:19:8c:ff:7f:5d:97:b6:b5:25:
f9:6b:4c:a8:54:d8:d8:af:ae:ed:2d:b1:e8:48:bb:bf:2b:f6:
d8:b4:65:db:51:5b:e0:5f:89:ff:7f:34:bf:d2:48:38:20:18:
9e:b2:2a:1a:7f:3d:a0:87:1a:92:62:a5:cb:5c:2a:1a:00:41:
4f:15:40:9c:0b:78:e7:a6:90:07:0b:f2:b9:2c:0e:34:70:f6:
8e:cc:c5:6f:01:56:5c:34:eb:59:ee:11:7b:89:24:b0:e8:78:
fd:e1:70:ef:1b:af:f7:7e:e6:a8:34:11:db:bd:d0:50:93:83:
e1:f2:92:7b:10:ef:71:d2:e4:85:bd:44:24:c5:48:b9:58:6d:
da:9a:61:92
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWJpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTA1OTE3WhcNMjYwMjIwMTA1OTE3WjAYMRYw
FAYDVQQDEw02N2JlZjQwOS04Nzc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwFKzEc4Okys8ExDLYjH35xpK2T3NtkwKmMgxdyDzFxi3pmXYdrSzkY7p
n/xpzfII2Wymj0Wh7lDO0GMkPOW6djAfJZenTS8/UfFOVbsPQgVddYlk3Pg7Hyyn
2ibcgG/mbklqSWeSN9fMtrHs8Ou+TYBGH6QUPs9Pf9Q8yZUfUl9TZgFvjbbjpD1e
6/3C0kJggm9JkPFBOL9NBJXsIl4pXP2urg+y3WTqIGUN0Jdg35berWqWIrHr8pdp
OhqNUGm6FCy02WZ0PD6/XkAhKIT7ONeiqFqLYj+jaTB5Yubblew0izsnh2gytX2f
IKR/6mFGDMgz//7h13btIFSLQEzLBQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMCt
wIA130PfWxL8aJThC7tG3XurMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQjI0NDhCMkY0MzAxMUVGQUU1NjEyNUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmscOMA0GCSqGSIb3DQEB
CwUAA4IBAQC+Jj551TtlEATcCTnqTULrj61kqvwjgtJGHnC5NAqfBLogYYfjcwpr
vx/+/foP8Pnp7w2Wuav7rfC4TY3tmqjH0qAwoqe+GIKgIaH5TLfHKD98t7HOqGa2
MPVc5nMrIil50a62GnK8Yv6IfrKJBfVQt9b1wp4ZjP9/XZe2tSX5a0yoVNjYr67t
LbHoSLu/K/bYtGXbUVvgX4n/fzS/0kg4IBiesioafz2ghxqSYqXLXCoaAEFPFUCc
C3jnppAHC/K5LA40cPaOzMVvAVZcNOtZ7hF7iSSw6Hj94XDvG6/3fuaoNBHbvdBQ
k4Ph8pJ7EO9x0uSFvUQkxUi5WG3ammGS
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:09 2025 by rpki-client