Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D98C9286DFEB11EFAF7826A8762E951A.roa
File: D98C9286DFEB11EFAF7826A8762E951A.roa (raw, json)
Hash identifier: S5+Pkm1J/CmKMQvRX5VSTM05U3ZmULB9GOsdkayScac=
Subject key identifier: 26:44:17:C5:18:BF:CF:68:7E:6F:D9:E6:92:B6:0E:F5:11:64:20:05
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014DFD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D98C9286DFEB11EFAF7826A8762E951A.roa
Signing time: Fri 31 Jan 2025 15:55:53 +0000
ROA not before: Fri 31 Jan 2025 15:55:50 +0000
ROA not after: Sat 03 Jan 2026 15:55:50 +0000
asID: 40065
IP address blocks: 154.208.8.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85501 (0x14dfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 31 15:55:50 2025 GMT
Not After : Jan 3 15:55:50 2026 GMT
Subject: CN=679cf289-490f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:74:d4:3b:00:ed:4b:b9:89:71:91:ce:88:b8:
ec:1e:f2:85:a4:2a:8e:f1:d6:d9:e2:81:8f:f6:c9:
fa:93:ff:5f:4c:d9:7a:be:23:23:26:a7:88:39:db:
01:b1:d9:51:99:06:8d:39:34:0b:cc:a1:67:2e:2b:
f7:93:df:0e:85:76:a4:ce:c0:89:0d:f7:4b:66:37:
32:59:d5:7e:81:86:46:91:e4:1e:76:3a:31:b9:7b:
3d:e9:e7:53:c5:93:9f:9c:ea:15:5a:70:7f:31:2f:
48:c9:0b:5f:0f:11:76:82:be:ba:5e:86:db:5a:11:
9e:e8:ea:6a:25:72:19:e1:d5:43:35:7a:bf:7d:cb:
30:9b:1f:53:d2:32:57:3d:40:b1:14:ff:ff:23:25:
84:3d:e8:5a:4a:01:f4:6e:67:7c:03:09:67:14:a8:
6b:95:6a:5a:66:dd:0f:63:6d:d1:98:c5:95:a4:94:
65:c8:93:bb:06:5b:cc:6d:d5:58:39:26:91:dd:51:
db:ee:30:be:16:82:e6:26:8d:d8:70:33:00:46:0e:
c0:1d:08:cd:69:db:c9:53:3e:6b:4a:92:dd:9a:8c:
97:98:c5:15:8c:47:18:e2:32:00:b3:2d:cf:81:d9:
17:39:2f:e6:6c:22:09:b4:93:b7:36:94:f4:bf:4f:
8f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:44:17:C5:18:BF:CF:68:7E:6F:D9:E6:92:B6:0E:F5:11:64:20:05
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D98C9286DFEB11EFAF7826A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.8.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:9a:02:66:17:17:59:ef:c9:8f:84:35:7e:1d:f8:2d:cd:ab:
19:4a:4f:29:91:f5:ca:79:93:dc:23:b0:45:b9:2b:c7:58:90:
99:b3:98:10:55:fc:0b:3b:78:8f:60:65:ec:bb:87:e2:4d:ab:
57:d1:c7:86:b6:c6:c7:9b:9b:e1:4e:9b:44:c8:72:aa:ce:4a:
c5:f2:74:ed:ec:8a:24:34:ad:f6:c3:29:ad:de:b4:92:ef:a5:
4e:78:2a:4f:b4:e4:9a:19:3d:b7:9e:8e:0e:37:99:97:e9:da:
63:fe:0e:cf:5e:40:c4:e4:a7:01:61:59:14:0e:66:02:16:01:
21:a8:f4:cf:d6:61:65:78:7b:ff:52:a5:6c:21:5c:2d:50:a4:
c4:f1:9c:c6:26:a5:4c:58:a9:1b:96:e5:4a:a7:40:99:83:7f:
f6:04:b8:04:b3:df:e2:0d:49:49:d3:9a:9a:9e:7c:f1:3a:af:
13:a4:b7:f4:e6:7c:39:e9:42:2d:71:d6:be:ad:7c:09:ed:62:
c8:36:37:cd:83:5f:8f:3d:97:18:ce:7a:79:46:e5:85:1b:70:
42:21:35:e8:39:52:54:91:d0:72:e7:b2:51:f4:a2:2d:b7:8c:
99:a9:7c:fb:53:88:01:fb:e6:b6:74:b1:df:82:87:80:93:a3:
2f:f0:53:7f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU39MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTMxMTU1NTUwWhcNMjYwMTAzMTU1NTUwWjAYMRYw
FAYDVQQDEw02NzljZjI4OS00OTBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApnTUOwDtS7mJcZHOiLjsHvKFpCqO8dbZ4oGP9sn6k/9fTNl6viMjJqeI
OdsBsdlRmQaNOTQLzKFnLiv3k98OhXakzsCJDfdLZjcyWdV+gYZGkeQedjoxuXs9
6edTxZOfnOoVWnB/MS9IyQtfDxF2gr66XobbWhGe6OpqJXIZ4dVDNXq/fcswmx9T
0jJXPUCxFP//IyWEPehaSgH0bmd8AwlnFKhrlWpaZt0PY23RmMWVpJRlyJO7BlvM
bdVYOSaR3VHb7jC+FoLmJo3YcDMARg7AHQjNadvJUz5rSpLdmoyXmMUVjEcY4jIA
sy3PgdkXOS/mbCIJtJO3NpT0v0+PAwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCZE
F8UYv89ofm/Z5pK2DvURZCAFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOThDOTI4NkRGRUIxMUVGQUY3ODI2QTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtAIMA0GCSqGSIb3DQEB
CwUAA4IBAQBumgJmFxdZ78mPhDV+HfgtzasZSk8pkfXKeZPcI7BFuSvHWJCZs5gQ
VfwLO3iPYGXsu4fiTatX0ceGtsbHm5vhTptEyHKqzkrF8nTt7IokNK32wymt3rSS
76VOeCpPtOSaGT23no4ON5mX6dpj/g7PXkDE5KcBYVkUDmYCFgEhqPTP1mFleHv/
UqVsIVwtUKTE8ZzGJqVMWKkbluVKp0CZg3/2BLgEs9/iDUlJ05qannzxOq8TpLf0
5nw56UItcda+rXwJ7WLINjfNg1+PPZcYznp5RuWFG3BCITXoOVJUkdBy57JR9KIt
t4yZqXz7U4gB++a2dLHfgoeAk6Mv8FN/
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:01:30 2025 by rpki-client