Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DE7FEEB8C90811EF9D6B8A75762E951A.roa
File: DE7FEEB8C90811EF9D6B8A75762E951A.roa (raw, json)
Hash identifier: T4192O6e2UTlpHSPsw5/4MXHIgrQdC25NsEXFs2dtVM=
Subject key identifier: 66:3E:81:60:A2:D5:E3:15:0D:C5:15:36:D0:60:89:2F:A8:98:9C:8D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013281
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DE7FEEB8C90811EF9D6B8A75762E951A.roa
Signing time: Thu 02 Jan 2025 12:55:40 +0000
ROA not before: Thu 02 Jan 2025 12:55:37 +0000
ROA not after: Sat 13 Dec 2025 12:55:37 +0000
asID: 984
IP address blocks: 154.221.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78465 (0x13281)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 12:55:37 2025 GMT
Not After : Dec 13 12:55:37 2025 GMT
Subject: CN=67768ccc-59e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:77:dd:ed:00:82:99:82:8d:09:ff:08:7f:16:
4a:03:b7:95:b3:42:79:09:19:62:47:cd:80:4b:23:
75:43:e9:19:92:b2:c6:1f:a9:02:9e:22:43:39:21:
8d:cc:ab:8a:8d:ae:7f:21:c8:96:92:dc:0d:39:37:
a2:9d:84:37:03:c4:cf:27:a5:93:37:75:a4:aa:a7:
07:6c:8a:b5:b5:dd:33:89:2f:6c:25:b2:7f:70:c6:
1c:73:45:94:1a:2e:1f:dd:72:79:69:fd:7f:5c:b3:
c4:c8:57:ac:12:ef:f4:29:38:4c:64:0f:d2:dd:f1:
9c:29:1a:ec:33:0f:4f:e7:ae:12:16:3c:fe:33:9c:
8f:67:d5:9f:87:d6:6d:25:d2:bd:7b:83:4c:4e:ce:
ec:ee:26:d9:f8:9c:4e:7c:45:ba:5f:3d:3f:eb:c6:
f3:29:f1:f3:f7:85:77:ff:bd:4e:b7:ff:99:84:58:
a2:21:b2:57:b1:d3:92:d8:85:61:bd:ed:78:9f:5d:
08:0d:71:2c:f1:dc:d5:9d:85:fd:32:c2:5a:0f:d8:
24:e4:e2:e1:53:a4:18:b7:71:c2:ba:ff:55:fc:a2:
dc:90:53:45:f1:e8:cf:17:c5:19:14:64:dc:90:a3:
a2:8e:10:1f:37:f9:60:6c:fd:f4:99:a8:b2:70:6f:
27:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:3E:81:60:A2:D5:E3:15:0D:C5:15:36:D0:60:89:2F:A8:98:9C:8D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DE7FEEB8C90811EF9D6B8A75762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.205.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:08:ec:16:29:be:92:df:16:88:33:f0:cf:e8:7c:a4:4d:5c:
0c:5d:dd:b5:44:c2:9a:be:89:15:2c:74:ee:03:57:c6:3e:a0:
d8:ab:7c:35:eb:d5:9f:a6:21:b8:6b:a4:3c:11:19:af:82:84:
05:9f:17:21:8c:f0:80:73:fb:b7:b4:3e:ba:c4:4d:78:4c:a7:
55:a1:b3:7c:29:27:4f:1c:38:dd:1c:8e:e6:25:c3:81:95:7f:
bb:a6:b4:02:d0:0c:d1:2b:32:d7:0b:53:27:9f:67:49:ff:55:
de:cd:1d:7d:8c:9d:42:89:f0:85:63:a1:88:79:c4:d0:15:77:
22:cd:22:da:58:33:73:67:d6:c3:d4:e1:1c:7d:ee:2e:d5:19:
56:15:a2:c0:6e:82:7a:7d:54:4f:98:87:dc:80:ec:41:21:8e:
0f:dd:a8:88:5b:3b:2d:a3:10:ce:ad:0b:7e:11:7e:a8:2c:00:
1a:6b:cd:23:5c:a9:37:c5:08:6c:71:5e:f3:aa:d4:41:00:43:
17:81:a3:87:4d:cf:f1:12:49:08:e9:5a:09:e7:4d:96:68:c6:
5a:85:9e:cb:59:98:94:92:b4:a5:43:fd:79:c1:20:4f:85:6c:
ea:bd:75:29:f6:51:da:98:98:cd:55:0b:89:c9:f3:60:f6:ed:
5c:8f:ac:45
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATKBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTI1NTM3WhcNMjUxMjEzMTI1NTM3WjAYMRYw
FAYDVQQDEw02Nzc2OGNjYy01OWUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx3fd7QCCmYKNCf8IfxZKA7eVs0J5CRliR82ASyN1Q+kZkrLGH6kCniJD
OSGNzKuKja5/IciWktwNOTeinYQ3A8TPJ6WTN3WkqqcHbIq1td0ziS9sJbJ/cMYc
c0WUGi4f3XJ5af1/XLPEyFesEu/0KThMZA/S3fGcKRrsMw9P564SFjz+M5yPZ9Wf
h9ZtJdK9e4NMTs7s7ibZ+JxOfEW6Xz0/68bzKfHz94V3/71Ot/+ZhFiiIbJXsdOS
2IVhve14n10IDXEs8dzVnYX9MsJaD9gk5OLhU6QYt3HCuv9V/KLckFNF8ejPF8UZ
FGTckKOijhAfN/lgbP30maiycG8nZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGY+
gWCi1eMVDcUVNtBgiS+omJyNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERTdGRUVCOEM5MDgxMUVGOUQ2QjhBNzU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt3NMA0GCSqGSIb3DQEB
CwUAA4IBAQAvCOwWKb6S3xaIM/DP6HykTVwMXd21RMKavokVLHTuA1fGPqDYq3w1
69WfpiG4a6Q8ERmvgoQFnxchjPCAc/u3tD66xE14TKdVobN8KSdPHDjdHI7mJcOB
lX+7prQC0AzRKzLXC1Mnn2dJ/1XezR19jJ1CifCFY6GIecTQFXcizSLaWDNzZ9bD
1OEcfe4u1RlWFaLAboJ6fVRPmIfcgOxBIY4P3aiIWzstoxDOrQt+EX6oLAAaa80j
XKk3xQhscV7zqtRBAEMXgaOHTc/xEkkI6VoJ502WaMZahZ7LWZiUkrSlQ/15wSBP
hWzqvXUp9lHamJjNVQuJyfNg9u1cj6xF
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:58:34 2025 by rpki-client