Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE4722A2C92011EFB000108A762E951A.roa
File: BE4722A2C92011EFB000108A762E951A.roa (raw, json)
Hash identifier: g15qbzw0Y6PxjoC/AjDh/Iua4xfEHXpgw5+nmRX0jkk=
Subject key identifier: D4:A7:A3:80:6D:BF:00:38:D5:2B:D5:AB:7A:D4:3A:C6:6E:C8:47:D1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013329
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE4722A2C92011EFB000108A762E951A.roa
Signing time: Thu 02 Jan 2025 15:46:34 +0000
ROA not before: Thu 02 Jan 2025 15:46:30 +0000
ROA not after: Sat 13 Dec 2025 15:46:30 +0000
asID: 984
IP address blocks: 154.222.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78633 (0x13329)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 15:46:30 2025 GMT
Not After : Dec 13 15:46:30 2025 GMT
Subject: CN=6776b4da-75a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:74:5b:3b:69:09:45:f2:8b:6d:d2:7f:44:ed:
43:53:7e:c3:1c:06:51:61:c8:9f:43:5e:61:62:e2:
61:b6:54:7d:50:42:47:0d:ad:4d:a6:97:1a:91:50:
6b:35:a8:f0:63:cb:2a:87:d7:3a:a7:67:e2:9f:7c:
68:06:06:1b:fc:2d:81:05:a0:10:c8:b2:a0:23:78:
48:55:61:b2:49:87:de:b4:16:01:fb:14:4b:f2:b4:
fb:74:40:a2:f1:da:dc:bf:62:17:c0:07:a7:51:06:
1a:90:da:ed:b1:5c:3a:1d:1f:d6:ca:90:4c:c9:ff:
d4:a3:2d:1b:df:1f:50:2d:7a:24:9a:24:02:8b:b5:
74:d6:8a:8d:2f:6f:04:5a:bd:a7:fa:bb:96:25:d5:
a2:aa:fd:4c:d7:ba:cf:1e:d3:27:30:5b:20:1e:0b:
b2:40:0b:45:c1:63:e0:ab:8b:b4:08:8c:5f:d8:4c:
2a:50:d8:49:e9:e6:7c:80:6c:6c:ef:3f:6e:60:4c:
7d:c4:cc:ac:f8:32:f6:f1:99:68:08:80:d1:53:f7:
cd:de:be:03:21:1f:cd:07:51:f3:ce:a3:ce:62:62:
2f:f5:e9:67:d3:67:f0:bb:26:97:29:c3:47:fd:02:
d4:1c:ae:5d:92:38:b7:ed:2d:e0:e5:6a:6c:d4:1b:
49:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A7:A3:80:6D:BF:00:38:D5:2B:D5:AB:7A:D4:3A:C6:6E:C8:47:D1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE4722A2C92011EFB000108A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.89.0/24
Signature Algorithm: sha256WithRSAEncryption
72:e1:cf:ce:6b:99:8f:c0:a7:fb:91:8b:78:07:50:0e:64:95:
27:65:2c:e1:33:73:70:b7:18:3b:32:2d:3b:34:e7:f4:c0:ca:
20:72:44:a3:6b:70:00:1e:d1:ed:5f:b3:d3:48:43:8b:db:08:
2f:39:b4:e8:44:01:48:bc:95:55:0c:68:1b:eb:61:14:ca:55:
41:b2:76:5d:88:d2:e8:2e:37:50:4a:e6:c7:91:d5:4c:80:0d:
89:e7:66:e4:d9:ff:d2:35:31:19:ee:81:90:71:55:22:c4:26:
e5:cc:d6:e6:cf:30:bf:ec:41:46:0f:79:c4:da:87:8b:68:ff:
77:fb:fa:ff:7f:78:a4:79:c4:c4:1a:d1:91:2f:64:50:a0:e5:
8d:bb:74:ae:e7:67:b3:49:2a:51:fb:c4:1d:db:c4:37:a3:10:
7b:8e:89:50:ba:65:f3:1a:c1:c9:44:31:ef:29:0c:42:0c:34:
7a:51:74:c2:62:14:5c:89:1c:07:84:38:e5:75:52:5e:c7:2e:
d9:a2:38:5d:d1:df:d6:6c:a7:4d:cb:d1:92:2d:b7:3e:e5:55:
07:2d:81:5c:5d:a4:99:4c:5e:eb:5b:33:9e:6a:25:a9:8f:fb:
5c:73:86:fa:f6:5b:13:67:73:f0:6d:57:b2:58:5d:37:fa:3c:
bf:66:a3:c2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATMpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTU0NjMwWhcNMjUxMjEzMTU0NjMwWjAYMRYw
FAYDVQQDEw02Nzc2YjRkYS03NWE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0HRbO2kJRfKLbdJ/RO1DU37DHAZRYcifQ15hYuJhtlR9UEJHDa1Nppca
kVBrNajwY8sqh9c6p2fin3xoBgYb/C2BBaAQyLKgI3hIVWGySYfetBYB+xRL8rT7
dECi8drcv2IXwAenUQYakNrtsVw6HR/WypBMyf/Uoy0b3x9QLXokmiQCi7V01oqN
L28EWr2n+ruWJdWiqv1M17rPHtMnMFsgHguyQAtFwWPgq4u0CIxf2EwqUNhJ6eZ8
gGxs7z9uYEx9xMys+DL28ZloCIDRU/fN3r4DIR/NB1HzzqPOYmIv9eln02fwuyaX
KcNH/QLUHK5dkji37S3g5Wps1BtJswIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNSn
o4BtvwA41SvVq3rUOsZuyEfRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRTQ3MjJBMkM5MjAxMUVGQjAwMDEwOEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt5ZMA0GCSqGSIb3DQEB
CwUAA4IBAQBy4c/Oa5mPwKf7kYt4B1AOZJUnZSzhM3Nwtxg7Mi07NOf0wMogckSj
a3AAHtHtX7PTSEOL2wgvObToRAFIvJVVDGgb62EUylVBsnZdiNLoLjdQSubHkdVM
gA2J52bk2f/SNTEZ7oGQcVUixCblzNbmzzC/7EFGD3nE2oeLaP93+/r/f3ikecTE
GtGRL2RQoOWNu3Su52ezSSpR+8Qd28Q3oxB7jolQumXzGsHJRDHvKQxCDDR6UXTC
YhRciRwHhDjldVJexy7Zojhd0d/WbKdNy9GSLbc+5VUHLYFcXaSZTF7rWzOeaiWp
j/tcc4b69lsTZ3PwbVeyWF03+jy/ZqPC
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:58:00 2025 by rpki-client