Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB7B0DACF43811EF82C7C691762E951A.roa
File: BB7B0DACF43811EF82C7C691762E951A.roa (raw, json)
Hash identifier: SFFOeOLOlLM3nWkZdAjcPIsgpFcQaeWAbwIesb9mEuA=
Subject key identifier: 6B:AD:3F:76:C5:E6:C4:A4:A4:C1:16:FA:9B:AE:48:0B:F0:B8:A6:9F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0162D6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB7B0DACF43811EF82C7C691762E951A.roa
Signing time: Wed 26 Feb 2025 11:56:37 +0000
ROA not before: Wed 26 Feb 2025 11:56:34 +0000
ROA not after: Thu 19 Feb 2026 11:56:34 +0000
asID: 984
IP address blocks: 154.208.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90838 (0x162d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 11:56:34 2025 GMT
Not After : Feb 19 11:56:34 2026 GMT
Subject: CN=67bf0175-811f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a6:17:6f:d4:da:3f:97:a1:f6:ad:ac:1f:1b:
d4:80:d7:ec:30:a8:e5:83:26:6e:65:89:79:46:06:
aa:bb:54:82:c4:b1:84:09:dc:72:15:b3:74:1e:24:
66:56:2a:44:f8:b5:4b:28:4f:e1:0e:7d:90:5e:2c:
fc:41:2b:74:b0:30:f7:8f:86:5d:58:ae:05:65:36:
2a:f2:89:89:52:39:9f:98:31:ca:f6:92:d5:00:fe:
61:26:c5:53:41:9f:b7:0b:36:8b:0a:2b:78:9e:55:
23:21:d7:ed:52:a0:24:6c:b1:17:f8:85:cb:d1:ae:
03:4b:0f:ed:fb:eb:c3:9b:fb:ec:0c:59:16:ae:74:
fe:84:59:09:b2:c5:1d:e1:4a:c3:c4:f7:e1:a4:7f:
b3:27:58:a7:10:22:7e:2e:8e:d4:c4:5d:ca:0c:71:
bb:4f:e7:1b:9a:93:2a:aa:c8:8e:91:29:52:ba:1f:
85:17:88:13:3d:04:7a:4b:60:5e:ce:42:79:63:e6:
aa:b4:39:9b:32:8c:96:21:2b:8e:00:5d:d1:47:3b:
c0:ae:c9:4b:77:d8:1b:de:3c:2c:ce:55:b6:42:4e:
70:21:d6:c9:b1:d9:71:d6:64:97:d6:7b:e8:1b:45:
9c:de:f4:db:a0:b4:fa:83:1f:c2:be:c0:5f:a2:04:
ce:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:AD:3F:76:C5:E6:C4:A4:A4:C1:16:FA:9B:AE:48:0B:F0:B8:A6:9F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB7B0DACF43811EF82C7C691762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.106.0/24
Signature Algorithm: sha256WithRSAEncryption
35:e4:64:4d:33:28:31:80:a7:cc:9c:b2:6e:96:a5:33:20:c0:
cc:f3:a6:1a:1a:39:e7:1f:88:de:12:b5:5d:9b:7e:fb:e8:32:
6f:23:2e:c0:c0:c2:56:44:94:e4:48:04:01:26:8b:5c:c3:31:
8e:42:e2:74:bb:d6:fc:5c:4f:7b:24:a0:2d:ba:cc:f5:f3:f6:
1f:d6:10:52:8e:5e:9b:23:61:e3:f9:6d:b5:3a:f7:34:c1:47:
c7:f8:fd:0c:d0:8a:db:8b:15:79:18:53:78:0a:a1:88:0f:ee:
45:ed:d2:ae:8f:a1:c2:e6:c5:6e:87:9d:84:de:70:7c:bc:09:
c7:07:2f:01:f9:13:fb:ae:f1:89:5d:63:63:62:a4:2a:75:94:
26:f7:27:81:f1:65:7b:51:75:a4:d3:3e:21:5d:de:72:ee:51:
76:98:18:6d:b2:77:70:29:b1:53:38:21:0e:44:e4:87:95:97:
2b:56:41:da:34:b1:5c:93:69:9e:f9:0b:ef:d3:12:88:82:7f:
42:2b:02:e8:2b:b0:54:3f:38:df:96:6d:ae:8c:88:97:2f:b5:
b9:d3:ed:21:1d:fe:8d:c9:58:aa:6e:f6:b1:d5:f5:27:37:88:
27:12:14:97:51:c1:f6:18:8f:ce:3b:b2:e9:9f:62:94:cb:ad:
b7:66:51:ad
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWLWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTE1NjM0WhcNMjYwMjE5MTE1NjM0WjAYMRYw
FAYDVQQDEw02N2JmMDE3NS04MTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuqYXb9TaP5eh9q2sHxvUgNfsMKjlgyZuZYl5Rgaqu1SCxLGECdxyFbN0
HiRmVipE+LVLKE/hDn2QXiz8QSt0sDD3j4ZdWK4FZTYq8omJUjmfmDHK9pLVAP5h
JsVTQZ+3CzaLCit4nlUjIdftUqAkbLEX+IXL0a4DSw/t++vDm/vsDFkWrnT+hFkJ
ssUd4UrDxPfhpH+zJ1inECJ+Lo7UxF3KDHG7T+cbmpMqqsiOkSlSuh+FF4gTPQR6
S2BezkJ5Y+aqtDmbMoyWISuOAF3RRzvArslLd9gb3jwszlW2Qk5wIdbJsdlx1mSX
1nvoG0Wc3vTboLT6gx/CvsBfogTOaQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGut
P3bF5sSkpMEW+puuSAvwuKafMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQjdCMERBQ0Y0MzgxMUVGODJDN0M2OTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtBqMA0GCSqGSIb3DQEB
CwUAA4IBAQA15GRNMygxgKfMnLJulqUzIMDM86YaGjnnH4jeErVdm3776DJvIy7A
wMJWRJTkSAQBJotcwzGOQuJ0u9b8XE97JKAtusz18/Yf1hBSjl6bI2Hj+W21Ovc0
wUfH+P0M0IrbixV5GFN4CqGID+5F7dKuj6HC5sVuh52E3nB8vAnHBy8B+RP7rvGJ
XWNjYqQqdZQm9yeB8WV7UXWk0z4hXd5y7lF2mBhtsndwKbFTOCEOROSHlZcrVkHa
NLFck2me+Qvv0xKIgn9CKwLoK7BUPzjflm2ujIiXL7W50+0hHf6NyViqbvax1fUn
N4gnEhSXUcH2GI/OO7Lpn2KUy623ZlGt
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:48:57 2025 by rpki-client