Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DE6FAD42C52E11EFAB1BF277762E951A.roa
File: DE6FAD42C52E11EFAB1BF277762E951A.roa (raw, json)
Hash identifier: q+xCGkdUVm3+In0+eibqIV1gGVD+sPWrVWrmjUAqVGI=
Subject key identifier: 8A:93:31:E2:35:EA:FA:E8:83:2F:5C:FA:36:D2:AC:B8:97:E2:15:BC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012BD9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DE6FAD42C52E11EFAB1BF277762E951A.roa
Signing time: Sat 28 Dec 2024 15:17:36 +0000
ROA not before: Sat 28 Dec 2024 15:17:33 +0000
ROA not after: Fri 12 Dec 2025 15:17:33 +0000
asID: 984
IP address blocks: 154.204.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76761 (0x12bd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 15:17:33 2024 GMT
Not After : Dec 12 15:17:33 2025 GMT
Subject: CN=67701690-6a02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d0:75:d4:e2:20:a8:90:3b:da:72:b8:ed:c8:
70:cf:f3:11:66:42:44:5d:f1:9b:1e:70:2f:6e:5b:
74:85:04:b6:b8:2b:f3:fb:c2:21:11:97:63:f4:74:
94:d1:b4:74:1a:01:65:64:39:fd:ac:06:0b:c9:36:
89:38:48:72:84:c7:24:fb:9d:dc:06:7b:97:41:bb:
3c:26:37:d7:55:a5:6b:4a:9b:a5:98:b0:4e:40:89:
43:34:87:5b:16:3f:37:83:e8:60:c9:f4:ed:4b:5f:
17:7e:be:1e:61:cc:74:0f:8b:a9:a8:c0:02:df:32:
93:2c:2a:3d:a9:4e:0e:24:17:6c:00:c7:03:8b:37:
52:8d:b5:00:94:3b:6b:cd:02:f1:76:68:5a:21:d1:
06:2e:2d:86:1e:b5:80:9c:51:ca:00:eb:b0:7e:fd:
7a:a6:83:43:3c:f3:a3:8b:1d:f7:2d:2d:3f:43:59:
91:04:d9:69:a6:d5:ba:ce:33:0c:f5:43:70:c4:88:
81:b2:64:d3:3e:1e:90:5b:d0:d0:63:82:75:1f:6f:
49:4d:f2:1a:6d:1a:5c:11:ee:c4:09:c4:5e:8f:ee:
6f:7e:37:a6:d8:2e:83:b6:64:b0:6f:7d:37:cf:fe:
24:f6:97:c4:90:28:2e:0a:ce:c5:ea:46:5e:7f:16:
25:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:93:31:E2:35:EA:FA:E8:83:2F:5C:FA:36:D2:AC:B8:97:E2:15:BC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DE6FAD42C52E11EFAB1BF277762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.85.0/24
Signature Algorithm: sha256WithRSAEncryption
32:d2:55:df:a4:94:ff:9a:c7:59:ea:78:0b:de:35:f1:f7:c2:
43:d9:73:3a:7b:0b:4c:b5:8c:39:be:97:55:8e:47:8d:4a:e1:
c5:dd:aa:fc:d0:91:f6:c6:af:79:ed:c5:3d:ba:a4:f6:fc:8d:
76:06:4a:9e:34:52:c5:d2:0e:96:4c:15:f3:63:b0:be:96:1b:
d5:fe:24:46:2b:4b:19:6b:bc:89:2c:87:ca:d4:35:10:28:96:
85:34:5f:5e:a7:82:5d:b3:a2:d9:25:45:83:61:ae:43:f3:52:
e7:ef:d4:18:c0:08:c4:52:6d:61:51:1c:13:e1:58:13:35:41:
86:9e:e6:67:b1:53:5b:d2:4d:6d:b4:f5:3c:2f:88:74:34:7a:
ca:40:4a:89:e0:b6:6a:74:a9:97:28:15:86:a1:dc:7a:9d:48:
63:26:48:d3:29:62:87:5a:ab:ac:ee:07:fd:15:77:b5:b8:cc:
81:4f:f9:43:50:d4:a6:de:56:4f:94:20:5e:dc:f3:86:08:76:
e7:e9:be:96:2b:e2:80:48:59:78:6b:e9:0e:9d:18:7e:6d:7b:
59:a6:5c:d1:d6:37:e3:c5:ac:57:5e:85:1e:0e:4d:f3:04:58:
be:d5:25:32:08:ea:1c:59:00:8f:3f:df:0d:0e:f0:83:64:83:
e5:cd:39:94
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASvZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTUxNzMzWhcNMjUxMjEyMTUxNzMzWjAYMRYw
FAYDVQQDEw02NzcwMTY5MC02YTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz9B11OIgqJA72nK47chwz/MRZkJEXfGbHnAvblt0hQS2uCvz+8IhEZdj
9HSU0bR0GgFlZDn9rAYLyTaJOEhyhMck+53cBnuXQbs8JjfXVaVrSpulmLBOQIlD
NIdbFj83g+hgyfTtS18Xfr4eYcx0D4upqMAC3zKTLCo9qU4OJBdsAMcDizdSjbUA
lDtrzQLxdmhaIdEGLi2GHrWAnFHKAOuwfv16poNDPPOjix33LS0/Q1mRBNlpptW6
zjMM9UNwxIiBsmTTPh6QW9DQY4J1H29JTfIabRpcEe7ECcRej+5vfjem2C6DtmSw
b303z/4k9pfEkCguCs7F6kZefxYlqQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIqT
MeI16vrogy9c+jbSrLiX4hW8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERTZGQUQ0MkM1MkUxMUVGQUIxQkYyNzc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsxVMA0GCSqGSIb3DQEB
CwUAA4IBAQAy0lXfpJT/msdZ6ngL3jXx98JD2XM6ewtMtYw5vpdVjkeNSuHF3ar8
0JH2xq957cU9uqT2/I12BkqeNFLF0g6WTBXzY7C+lhvV/iRGK0sZa7yJLIfK1DUQ
KJaFNF9ep4Jds6LZJUWDYa5D81Ln79QYwAjEUm1hURwT4VgTNUGGnuZnsVNb0k1t
tPU8L4h0NHrKQEqJ4LZqdKmXKBWGodx6nUhjJkjTKWKHWqus7gf9FXe1uMyBT/lD
UNSm3lZPlCBe3POGCHbn6b6WK+KASFl4a+kOnRh+bXtZplzR1jfjxaxXXoUeDk3z
BFi+1SUyCOocWQCPP98NDvCDZIPlzTmU
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:09 2025 by rpki-client