Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D6ACC764C90911EFA303007C762E951A.roa
File: D6ACC764C90911EFA303007C762E951A.roa (raw, json)
Hash identifier: wZu1j9bvhEttZb6sV8dprgl3UOrGKSyUn/qmkSm9rHQ=
Subject key identifier: A8:35:F2:15:E9:2A:96:66:5A:42:F9:43:59:AE:07:13:8D:26:34:EF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013289
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D6ACC764C90911EFA303007C762E951A.roa
Signing time: Thu 02 Jan 2025 13:02:36 +0000
ROA not before: Thu 02 Jan 2025 13:02:33 +0000
ROA not after: Sat 13 Dec 2025 13:02:33 +0000
asID: 984
IP address blocks: 154.221.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78473 (0x13289)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 13:02:33 2025 GMT
Not After : Dec 13 13:02:33 2025 GMT
Subject: CN=67768e6c-2c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:44:3e:03:92:9e:73:bc:fa:68:10:b2:25:cb:
25:c1:9e:69:12:1b:cb:6f:c7:dc:22:1e:ad:c1:f6:
90:a6:b2:ce:0b:4b:21:17:00:ff:c5:30:cb:09:05:
30:94:6b:91:ef:a3:5b:39:0c:e9:ab:af:9f:1e:7b:
36:83:2a:bb:72:9d:a8:49:68:1e:ce:51:ef:1f:5a:
3d:61:f2:a7:69:59:41:84:ea:b2:19:fe:9e:f5:93:
71:68:e5:c1:0c:57:d6:1e:40:ec:0f:2f:0f:bf:0f:
21:27:3b:da:da:0b:7e:52:a9:db:7d:fd:ba:3a:47:
cd:cb:a6:51:eb:ab:c7:c2:25:0d:16:7a:77:f3:cc:
6d:11:ed:66:98:49:a3:57:ee:54:a0:21:63:6b:29:
22:3b:39:9b:39:26:5f:99:be:6c:2e:34:52:e2:51:
18:9e:8f:05:6a:bd:14:3c:5b:f7:3e:b3:89:ff:75:
0d:a9:e7:52:fc:ae:30:91:ce:d5:54:15:88:6c:aa:
2b:d6:b4:e4:6b:48:e8:b7:c5:e1:a4:c8:8e:b3:e7:
99:75:ff:a8:8c:58:7d:3b:bc:b8:cf:27:91:a4:63:
55:11:3e:a0:84:3b:38:c2:d0:de:54:f0:fe:12:5e:
06:88:bc:bf:29:c0:e2:67:2f:08:bb:7e:ec:de:3d:
d3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:35:F2:15:E9:2A:96:66:5A:42:F9:43:59:AE:07:13:8D:26:34:EF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D6ACC764C90911EFA303007C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.209.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:c4:0c:4e:62:25:b4:4b:dc:83:6b:ff:6a:a8:11:41:09:93:
59:f1:dc:df:c4:9d:2e:7c:d5:1e:b9:60:fd:5c:a4:ed:47:84:
12:e8:10:1b:24:e5:9e:03:e9:a3:51:8f:b8:1e:da:8f:63:4a:
4a:4c:bd:66:1a:95:06:ba:b9:2d:f8:b6:6b:c6:36:f0:36:4f:
8c:19:36:17:dc:fb:98:c3:ca:7d:fd:55:df:b2:a0:6b:79:9d:
b3:ad:b0:4e:5e:09:f9:7f:08:c4:32:6e:b7:68:a9:23:0d:d7:
e9:53:d1:b9:6f:ac:57:28:9d:f1:69:21:95:2f:d8:87:80:32:
4f:c9:4c:ad:cc:04:10:a5:31:2b:da:fa:53:99:ac:81:a4:1a:
a2:1b:e7:2a:69:70:17:61:e6:d1:2a:2b:4a:d4:68:d3:b9:38:
79:00:c5:c7:67:17:9e:6e:de:40:46:8b:14:24:4f:44:55:81:
f8:e2:2c:b8:43:2c:0b:17:7c:d8:48:2e:e3:43:87:32:bb:e5:
d8:10:0a:50:c3:56:ba:f5:cb:9a:00:7f:96:b3:f6:31:9a:88:
db:2a:e2:85:5d:f9:44:81:16:f9:8c:87:c8:c5:d3:ad:b8:6e:
92:17:8f:af:5a:4d:55:86:97:9d:b6:a0:0d:7d:5c:a3:28:02:
59:fb:5e:e1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATKJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTMwMjMzWhcNMjUxMjEzMTMwMjMzWjAYMRYw
FAYDVQQDEw02Nzc2OGU2Yy0yYzYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAskQ+A5Kec7z6aBCyJcslwZ5pEhvLb8fcIh6twfaQprLOC0shFwD/xTDL
CQUwlGuR76NbOQzpq6+fHns2gyq7cp2oSWgezlHvH1o9YfKnaVlBhOqyGf6e9ZNx
aOXBDFfWHkDsDy8Pvw8hJzva2gt+Uqnbff26OkfNy6ZR66vHwiUNFnp388xtEe1m
mEmjV+5UoCFjaykiOzmbOSZfmb5sLjRS4lEYno8Far0UPFv3PrOJ/3UNqedS/K4w
kc7VVBWIbKor1rTka0jot8XhpMiOs+eZdf+ojFh9O7y4zyeRpGNVET6ghDs4wtDe
VPD+El4GiLy/KcDiZy8Iu37s3j3ThQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKg1
8hXpKpZmWkL5Q1muBxONJjTvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENkFDQzc2NEM5MDkxMUVGQTMwMzAwN0M3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt3RMA0GCSqGSIb3DQEB
CwUAA4IBAQCnxAxOYiW0S9yDa/9qqBFBCZNZ8dzfxJ0ufNUeuWD9XKTtR4QS6BAb
JOWeA+mjUY+4HtqPY0pKTL1mGpUGurkt+LZrxjbwNk+MGTYX3PuYw8p9/VXfsqBr
eZ2zrbBOXgn5fwjEMm63aKkjDdfpU9G5b6xXKJ3xaSGVL9iHgDJPyUytzAQQpTEr
2vpTmayBpBqiG+cqaXAXYebRKitK1GjTuTh5AMXHZxeebt5ARosUJE9EVYH44iy4
QywLF3zYSC7jQ4cyu+XYEApQw1a69cuaAH+Ws/YxmojbKuKFXflEgRb5jIfIxdOt
uG6SF4+vWk1VhpedtqANfVyjKAJZ+17h
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:32 2025 by rpki-client