Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2FF6F0AC52A11EFB4580C60762E951A.roa
File: D2FF6F0AC52A11EFB4580C60762E951A.roa (raw, json)
Hash identifier: xDx0UC9FSyfstt/tQq8zLPQADamvZHvesr7FaUB4F0w=
Subject key identifier: 80:76:DB:45:62:FF:1E:24:F3:1F:A6:18:0A:6E:BA:64:7B:97:D9:77
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012BB3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2FF6F0AC52A11EFB4580C60762E951A.roa
Signing time: Sat 28 Dec 2024 14:48:39 +0000
ROA not before: Sat 28 Dec 2024 14:48:35 +0000
ROA not after: Sun 12 Dec 2027 14:48:35 +0000
asID: 17561
IP address blocks: 154.204.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76723 (0x12bb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 14:48:35 2024 GMT
Not After : Dec 12 14:48:35 2027 GMT
Subject: CN=67700fc7-992c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:60:9d:39:ec:63:3d:d3:72:30:e3:38:88:0c:
32:86:cd:eb:ac:26:46:05:4a:19:f3:17:d5:96:8f:
78:18:f5:b1:f0:44:82:fb:2b:5d:55:af:fb:c6:cc:
44:51:27:ff:3a:05:c8:fa:e8:04:a7:52:bd:1a:9c:
56:c7:31:fc:e2:56:99:58:ec:6d:ae:c1:29:de:f1:
db:89:2e:a3:28:8c:f9:f4:83:10:92:39:58:94:c3:
d9:87:51:93:1e:b2:f7:c1:fb:e5:b3:2d:f5:90:72:
b6:8b:69:56:42:6d:d2:55:91:44:08:34:71:04:b2:
a9:5e:22:d4:7e:d9:be:65:68:83:08:b0:ef:3c:d0:
b5:ed:f0:f8:34:b7:74:69:99:66:fd:62:ef:af:e2:
0b:68:74:a9:9e:1e:f5:8d:5c:e1:79:01:18:89:85:
05:15:a4:27:7b:21:8b:67:26:18:c2:25:c6:30:1a:
21:78:0d:b5:74:03:e2:08:81:c9:56:b8:75:3c:c9:
a7:0d:e7:79:fc:bd:b9:73:57:c3:ee:f8:b3:c5:e0:
c7:9d:d1:64:c0:57:3d:b0:32:c2:0f:e4:de:1c:ec:
a5:c0:b7:70:47:65:56:a6:23:c0:3b:8f:e0:e4:89:
4c:8b:96:52:d7:31:db:ec:32:5d:fb:90:63:3d:53:
44:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:76:DB:45:62:FF:1E:24:F3:1F:A6:18:0A:6E:BA:64:7B:97:D9:77
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2FF6F0AC52A11EFB4580C60762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.66.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:99:1e:90:86:8b:36:9c:2c:1b:94:08:80:e6:68:19:7e:84:
99:74:29:2f:ec:5d:01:9f:b0:b6:9c:4b:00:40:32:01:0d:b6:
f7:5d:1b:10:dc:28:28:aa:28:7f:15:99:c8:28:30:cc:0c:df:
70:38:10:8c:8f:92:07:f6:3b:d5:5b:35:6e:5d:c9:2f:46:0a:
0c:81:23:9f:9e:fc:8d:84:c6:c0:e5:d8:e1:f1:d1:12:8b:28:
86:43:64:b5:00:c0:f5:21:b5:02:68:85:21:3b:b9:73:5f:c9:
c5:da:a5:87:a6:bb:a1:bf:80:a0:35:eb:31:bf:b9:7d:39:78:
1c:ed:fe:b1:c6:4e:87:b9:46:39:4e:f2:ec:1e:16:7b:5b:42:
07:27:eb:d6:a8:fe:d7:03:94:ce:db:f0:4f:d5:36:bb:6a:46:
d3:76:60:5b:4e:ff:03:32:af:99:c5:86:1a:82:f7:95:71:54:
1f:d2:7a:50:34:6e:5e:19:e8:6a:f7:b1:67:b8:95:cd:f8:da:
64:be:6c:f4:dd:95:51:c6:f4:e3:2a:bf:c9:8a:00:c3:3c:ac:
df:69:f3:e5:89:34:34:26:53:89:09:b2:bc:f2:fc:8b:5e:e3:
64:1a:8b:94:a4:f6:ec:df:dd:a5:3a:67:ac:f5:c0:4a:67:39:
b0:c7:27:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASuzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTQ0ODM1WhcNMjcxMjEyMTQ0ODM1WjAYMRYw
FAYDVQQDEw02NzcwMGZjNy05OTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoWCdOexjPdNyMOM4iAwyhs3rrCZGBUoZ8xfVlo94GPWx8ESC+ytdVa/7
xsxEUSf/OgXI+ugEp1K9GpxWxzH84laZWOxtrsEp3vHbiS6jKIz59IMQkjlYlMPZ
h1GTHrL3wfvlsy31kHK2i2lWQm3SVZFECDRxBLKpXiLUftm+ZWiDCLDvPNC17fD4
NLd0aZlm/WLvr+ILaHSpnh71jVzheQEYiYUFFaQneyGLZyYYwiXGMBoheA21dAPi
CIHJVrh1PMmnDed5/L25c1fD7vizxeDHndFkwFc9sDLCD+TeHOylwLdwR2VWpiPA
O4/g5IlMi5ZS1zHb7DJd+5BjPVNE2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIB2
20Vi/x4k8x+mGApuumR7l9l3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMkZGNkYwQUM1MkExMUVGQjQ1ODBDNjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsxCMA0GCSqGSIb3DQEB
CwUAA4IBAQB7mR6Qhos2nCwblAiA5mgZfoSZdCkv7F0Bn7C2nEsAQDIBDbb3XRsQ
3Cgoqih/FZnIKDDMDN9wOBCMj5IH9jvVWzVuXckvRgoMgSOfnvyNhMbA5djh8dES
iyiGQ2S1AMD1IbUCaIUhO7lzX8nF2qWHpruhv4CgNesxv7l9OXgc7f6xxk6HuUY5
TvLsHhZ7W0IHJ+vWqP7XA5TO2/BP1Ta7akbTdmBbTv8DMq+ZxYYagveVcVQf0npQ
NG5eGehq97FnuJXN+Npkvmz03ZVRxvTjKr/JigDDPKzfafPliTQ0JlOJCbK88vyL
XuNkGouUpPbs392lOmes9cBKZzmwxyfx
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:56:52 2025 by rpki-client