Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D69330E2C0E411EFAA9733B7762E951A.roa
File: D69330E2C0E411EFAA9733B7762E951A.roa (raw, json)
Hash identifier: 2eRfhJzVmnFeQ2E/oZdtuHY2nlS/seA/i8edkb2LTm4=
Subject key identifier: B4:8B:C3:3F:33:71:28:5C:3A:FD:90:4B:84:F2:7F:53:C9:B0:D4:34
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011F1C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D69330E2C0E411EFAA9733B7762E951A.roa
Signing time: Mon 23 Dec 2024 04:17:36 +0000
ROA not before: Mon 23 Dec 2024 04:17:32 +0000
ROA not after: Wed 10 Dec 2025 04:17:32 +0000
asID: 984
IP address blocks: 154.89.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73500 (0x11f1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 04:17:32 2024 GMT
Not After : Dec 10 04:17:32 2025 GMT
Subject: CN=6768e460-f86e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:1d:2f:52:c6:c0:42:91:ce:bd:50:18:dc:cd:
5b:d4:24:e2:66:3f:3e:54:93:94:82:82:8e:11:7c:
52:a5:1f:13:6e:15:84:b9:8e:c0:86:52:31:08:16:
53:3c:3b:76:0d:09:e7:f9:68:7f:f6:d1:34:4f:53:
42:a5:e8:f0:da:87:9e:2d:04:65:da:06:d1:da:fe:
82:c9:24:c6:08:3b:cd:85:8b:5d:8a:ef:4f:77:94:
96:53:8a:b4:e7:0e:f0:c5:95:ed:12:f2:9e:d5:6a:
6b:1b:7b:2b:4a:b7:68:4e:e1:f3:e0:7e:ae:bd:57:
61:d6:1f:39:c1:85:d1:79:dd:cb:76:44:93:db:d1:
db:81:58:6f:5a:5c:fa:2e:a0:53:9b:a5:37:a1:b6:
3c:76:3f:94:b1:e3:93:73:a8:3f:03:cd:d4:8d:5f:
87:dc:d6:d4:ab:09:d4:a5:6f:90:28:62:fe:94:df:
7c:13:40:d5:3f:3a:b1:35:2f:e2:ad:b7:49:02:86:
37:22:fd:5f:8f:74:43:92:ee:e8:1b:29:a0:fd:ab:
e2:0f:84:1e:a2:ab:e4:1d:c3:24:d2:63:d3:d0:1e:
2c:8a:89:e6:f1:7f:9b:9b:9a:0a:32:d3:4e:81:d0:
86:89:7c:bb:fe:b4:1f:87:84:66:73:97:d6:00:76:
6d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:8B:C3:3F:33:71:28:5C:3A:FD:90:4B:84:F2:7F:53:C9:B0:D4:34
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D69330E2C0E411EFAA9733B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.253.0/24
Signature Algorithm: sha256WithRSAEncryption
09:87:97:65:ee:dd:33:6a:aa:01:66:09:c4:f8:b9:21:28:cf:
50:37:36:55:20:21:43:3b:5d:5d:0f:d7:a7:9d:7a:4b:79:f2:
61:7c:35:5d:54:98:72:f3:2d:91:3c:b8:ac:c6:db:2e:17:4c:
f2:9a:59:22:25:6f:06:2e:b1:33:e5:22:e2:77:7a:82:0f:4e:
9b:fd:95:c2:a9:13:5f:3b:d2:74:5c:1e:30:26:51:8a:b4:27:
3a:e3:b6:f0:31:3d:18:37:4e:45:27:f2:26:6b:7a:0f:ec:58:
98:48:b4:27:97:4b:88:78:fb:d2:c9:6e:e0:59:c5:7b:a8:97:
35:a5:87:af:01:ee:7c:2b:40:02:22:d5:6c:24:24:7e:84:f3:
a4:81:f0:a0:40:be:86:55:eb:e5:87:bd:bd:e7:0b:ab:13:b1:
95:f8:c2:52:c3:19:22:8a:68:4d:a0:bb:7c:e3:65:5e:cd:dd:
2b:32:5f:91:45:35:92:00:e3:7c:b8:e3:a8:e5:9a:11:b7:2e:
31:b4:ce:6d:f4:23:78:82:68:e1:00:10:b9:3e:da:c3:6e:d2:
73:ba:b8:57:4e:d3:dd:29:af:a3:ca:31:a0:81:22:51:b9:44:
87:90:63:43:23:3c:6b:d5:64:4b:07:ed:77:81:90:df:a2:21:
49:b5:b5:44
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR8cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDQxNzMyWhcNMjUxMjEwMDQxNzMyWjAYMRYw
FAYDVQQDEw02NzY4ZTQ2MC1mODZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9h0vUsbAQpHOvVAY3M1b1CTiZj8+VJOUgoKOEXxSpR8TbhWEuY7AhlIx
CBZTPDt2DQnn+Wh/9tE0T1NCpejw2oeeLQRl2gbR2v6CySTGCDvNhYtdiu9Pd5SW
U4q05w7wxZXtEvKe1WprG3srSrdoTuHz4H6uvVdh1h85wYXRed3LdkST29HbgVhv
Wlz6LqBTm6U3obY8dj+UseOTc6g/A83UjV+H3NbUqwnUpW+QKGL+lN98E0DVPzqx
NS/irbdJAoY3Iv1fj3RDku7oGymg/aviD4QeoqvkHcMk0mPT0B4sionm8X+bm5oK
MtNOgdCGiXy7/rQfh4Rmc5fWAHZtlQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLSL
wz8zcShcOv2QS4Tyf1PJsNQ0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENjkzMzBFMkMwRTQxMUVGQUE5NzMzQjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmln9MA0GCSqGSIb3DQEB
CwUAA4IBAQAJh5dl7t0zaqoBZgnE+LkhKM9QNzZVICFDO11dD9ennXpLefJhfDVd
VJhy8y2RPLisxtsuF0zymlkiJW8GLrEz5SLid3qCD06b/ZXCqRNfO9J0XB4wJlGK
tCc647bwMT0YN05FJ/Ima3oP7FiYSLQnl0uIePvSyW7gWcV7qJc1pYevAe58K0AC
ItVsJCR+hPOkgfCgQL6GVevlh7295wurE7GV+MJSwxkiimhNoLt842Vezd0rMl+R
RTWSAON8uOOo5ZoRty4xtM5t9CN4gmjhABC5PtrDbtJzurhXTtPdKa+jyjGggSJR
uUSHkGNDIzxr1WRLB+13gZDfoiFJtbVE
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:44 2025 by rpki-client