Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF229ACAF4A511EFAC42A984762E951A.roa
File: BF229ACAF4A511EFAC42A984762E951A.roa (raw, json)
Hash identifier: 7w9CD12R0vn0fm654ir4HMSjJYUnnOF/YdKTfqfB15U=
Subject key identifier: EC:B9:3E:C2:DB:B5:18:34:0A:91:28:48:BD:48:88:4D:28:CB:4E:30
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016619
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF229ACAF4A511EFAC42A984762E951A.roa
Signing time: Thu 27 Feb 2025 00:56:59 +0000
ROA not before: Thu 27 Feb 2025 00:00:54 +0000
ROA not after: Thu 19 Feb 2026 00:00:54 +0000
asID: 984
IP address blocks: 154.200.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91673 (0x16619)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 27 00:00:54 2025 GMT
Not After : Feb 19 00:00:54 2026 GMT
Subject: CN=67bfb85a-825d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:36:4c:f2:29:b9:18:b1:b8:94:a2:89:f7:af:
be:9b:cc:6a:62:76:19:cc:ad:ab:7b:72:93:85:ff:
30:2d:b2:1f:91:9c:e6:b8:56:5c:05:b4:b5:e0:23:
1b:f9:dc:a3:64:cb:53:34:99:7f:08:bb:d4:b0:2e:
98:5f:1b:97:9c:5d:72:d8:d8:ac:b6:81:08:2a:92:
d7:e3:c8:b5:11:2e:b6:b1:ba:f1:f3:50:db:ca:da:
66:b8:94:a1:40:34:7a:a3:0a:20:1a:1c:64:4c:29:
32:59:c9:9e:98:70:fb:37:a5:ab:26:6e:a3:3d:64:
a1:8c:69:42:54:e0:51:c2:b8:b0:a7:2a:4a:69:55:
03:0e:50:4c:b7:a5:7f:4c:0b:65:8f:86:1d:0f:7b:
a8:6b:c5:09:4a:5a:a7:95:f3:8b:16:57:9a:5e:bc:
67:4f:b6:a9:ff:db:c1:84:1d:e6:0b:c3:fe:f4:4a:
14:2e:27:e8:72:5e:c9:ea:19:ec:8c:e9:0f:60:2c:
a9:dc:af:65:7d:12:c7:4b:d1:99:99:6d:ad:b8:b1:
2f:60:3b:29:7e:53:71:0a:c7:ce:a5:ad:31:64:93:
a9:fe:d2:d8:ce:1e:c9:44:0b:99:ec:e4:70:68:4f:
4f:e1:1d:70:2f:ab:72:df:12:3a:c5:90:6f:8a:06:
ca:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B9:3E:C2:DB:B5:18:34:0A:91:28:48:BD:48:88:4D:28:CB:4E:30
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF229ACAF4A511EFAC42A984762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.67.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:3f:18:a9:9a:48:4f:c9:21:a6:ce:55:47:44:6f:f3:d2:ae:
d0:ff:e3:30:98:54:aa:a9:5d:3c:4e:eb:ff:90:4a:ec:0e:0c:
0f:69:d7:6c:fa:70:e2:c3:17:53:45:ac:39:0b:a0:4f:db:ae:
b8:0a:4e:5f:1e:78:4c:54:cf:cb:66:a8:21:2a:77:d7:70:3a:
c3:79:64:6c:35:48:d6:5b:ff:a6:f3:24:79:66:47:72:17:f5:
6d:e4:f2:5d:69:8d:5c:60:44:cf:3e:5b:8e:f1:ef:20:89:f8:
20:db:32:2d:18:92:01:f5:17:03:70:9e:49:d2:66:46:14:0c:
ed:7c:ac:0f:72:00:b5:c0:e1:aa:4a:d6:b7:4c:76:2e:58:da:
e0:a1:0e:db:1e:ad:40:a0:dd:a5:bc:ba:81:e5:25:d5:a1:c6:
88:70:91:fc:d3:83:23:bb:0e:60:ad:d9:21:d7:ae:f6:94:e5:
62:db:fe:bd:8f:c6:96:c5:4a:9d:c1:50:31:a2:98:66:f7:40:
77:aa:5e:70:4e:de:50:34:d9:95:0d:22:7b:b9:cc:91:e2:01:
35:2e:ac:48:f8:cf:52:f6:ea:25:5f:95:68:71:d8:b9:f0:ae:
ba:7a:07:d6:15:91:30:3e:ab:ff:de:5c:68:88:17:52:8c:60:
1f:3e:62:39
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWYZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDAwMDU0WhcNMjYwMjE5MDAwMDU0WjAYMRYw
FAYDVQQDEw02N2JmYjg1YS04MjVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtjZM8im5GLG4lKKJ96++m8xqYnYZzK2re3KThf8wLbIfkZzmuFZcBbS1
4CMb+dyjZMtTNJl/CLvUsC6YXxuXnF1y2NistoEIKpLX48i1ES62sbrx81Dbytpm
uJShQDR6owogGhxkTCkyWcmemHD7N6WrJm6jPWShjGlCVOBRwriwpypKaVUDDlBM
t6V/TAtlj4YdD3uoa8UJSlqnlfOLFleaXrxnT7ap/9vBhB3mC8P+9EoULifocl7J
6hnsjOkPYCyp3K9lfRLHS9GZmW2tuLEvYDspflNxCsfOpa0xZJOp/tLYzh7JRAuZ
7ORwaE9P4R1wL6ty3xI6xZBvigbKuQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOy5
PsLbtRg0CpEoSL1IiE0oy04wMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRjIyOUFDQUY0QTUxMUVGQUM0MkE5ODQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmshDMA0GCSqGSIb3DQEB
CwUAA4IBAQDRPxipmkhPySGmzlVHRG/z0q7Q/+MwmFSqqV08Tuv/kErsDgwPadds
+nDiwxdTRaw5C6BP2664Ck5fHnhMVM/LZqghKnfXcDrDeWRsNUjWW/+m8yR5Zkdy
F/Vt5PJdaY1cYETPPluO8e8gifgg2zItGJIB9RcDcJ5J0mZGFAztfKwPcgC1wOGq
Sta3THYuWNrgoQ7bHq1AoN2lvLqB5SXVocaIcJH804Mjuw5grdkh1672lOVi2/69
j8aWxUqdwVAxophm90B3ql5wTt5QNNmVDSJ7ucyR4gE1LqxI+M9S9uolX5Vocdi5
8K66egfWFZEwPqv/3lxoiBdSjGAfPmI5
-----END CERTIFICATE-----
Generated at Fri Apr 4 01:41:01 2025 by rpki-client