Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DED8D2EAC1CD11EFA4A0B875762E951A.roa
File: DED8D2EAC1CD11EFA4A0B875762E951A.roa (raw, json)
Hash identifier: WT1lHH6BKpRplLFqWZH0ZUBxlQYTE0uv/C11cxeiGU0=
Subject key identifier: 2E:33:28:38:97:F3:CA:C5:60:7C:E7:D7:75:19:59:60:DC:5D:44:86
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01227D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DED8D2EAC1CD11EFA4A0B875762E951A.roa
Signing time: Tue 24 Dec 2024 08:05:42 +0000
ROA not before: Tue 24 Dec 2024 08:05:39 +0000
ROA not after: Wed 10 Dec 2025 08:05:39 +0000
asID: 984
IP address blocks: 154.193.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74365 (0x1227d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 08:05:39 2024 GMT
Not After : Dec 10 08:05:39 2025 GMT
Subject: CN=676a6b56-5ed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c2:5e:5b:e6:4f:4d:03:ea:79:37:d9:4c:ab:
3c:f9:89:af:b8:5e:fc:9e:74:71:46:92:85:13:c3:
97:38:c0:d6:64:76:8d:17:d4:25:c2:ec:bc:40:92:
4a:e4:a3:b0:60:70:43:a2:57:07:44:27:fa:67:45:
8c:41:e6:5d:9c:ff:a5:5b:a5:dc:f8:5e:42:e2:58:
6c:d3:d9:f6:b7:28:db:08:ec:aa:11:76:3d:f5:05:
43:b2:4c:4b:50:84:ed:15:74:d2:9e:1b:6d:87:54:
d5:95:5b:2e:a6:63:69:04:d1:9b:16:14:8e:36:b3:
23:b5:46:00:f8:50:72:86:07:b4:1d:b6:26:e1:4c:
d7:d1:2e:f1:33:6b:a5:39:91:12:e1:dd:9e:11:37:
2a:bd:39:e4:41:b9:31:dd:66:3d:ef:78:c2:3c:04:
4f:56:c5:9f:30:73:97:1e:d4:18:17:ac:d9:17:a4:
27:b9:a1:b6:32:d5:28:38:ee:74:50:c1:c4:88:12:
4f:c5:32:84:88:72:b9:c8:02:06:bc:0e:e0:3d:65:
c0:82:89:e6:48:c8:2b:92:48:4d:c1:c7:b6:89:03:
22:47:f7:e1:a0:b4:10:04:c1:73:f8:f3:2a:da:28:
ff:14:cf:ef:62:a6:e3:61:53:df:c6:63:0a:d9:8c:
4b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:33:28:38:97:F3:CA:C5:60:7C:E7:D7:75:19:59:60:DC:5D:44:86
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DED8D2EAC1CD11EFA4A0B875762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.222.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:84:23:36:55:ac:aa:25:03:be:e5:fc:0a:1c:54:63:7e:1c:
62:d2:1f:f6:41:02:00:18:72:86:11:49:76:24:9d:f6:fd:4f:
8c:07:e3:c0:8c:66:2d:f2:87:19:e0:c4:e9:2c:44:39:e2:64:
9c:59:d8:9e:48:94:67:2d:ad:5d:54:da:74:e1:ad:8c:c4:31:
6b:d9:fb:7b:f0:87:3e:db:c4:ad:bb:77:cf:08:1e:4c:5a:39:
2f:06:be:36:e2:a5:6b:28:d8:30:e7:ad:44:6d:64:7f:3c:21:
db:df:bb:ba:ae:80:38:06:68:aa:d6:23:e5:ec:95:0f:d5:1e:
6e:de:f3:c4:ca:dc:63:b8:90:bf:b4:08:86:dc:66:79:7f:10:
b1:e4:a7:71:1c:0b:b7:91:3b:73:0f:a6:e3:34:29:06:10:82:
9d:49:40:75:3d:b0:33:37:4d:f8:6f:42:f9:41:38:5a:95:1b:
1c:6a:4e:91:6a:d2:7b:50:78:29:51:0d:ba:0b:82:77:a5:f4:
58:b6:dc:6c:46:9b:1e:f6:f5:34:4d:3a:e6:5d:e2:1f:ed:1d:
c9:d8:11:97:6f:3b:b6:44:58:77:14:99:f4:76:aa:06:02:48:
80:41:cb:df:bb:27:84:a3:7a:20:8e:bf:0f:ba:b3:ed:e5:87:
41:71:81:a0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASJ9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDgwNTM5WhcNMjUxMjEwMDgwNTM5WjAYMRYw
FAYDVQQDEw02NzZhNmI1Ni01ZWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAssJeW+ZPTQPqeTfZTKs8+YmvuF78nnRxRpKFE8OXOMDWZHaNF9Qlwuy8
QJJK5KOwYHBDolcHRCf6Z0WMQeZdnP+lW6Xc+F5C4lhs09n2tyjbCOyqEXY99QVD
skxLUITtFXTSnhtth1TVlVsupmNpBNGbFhSONrMjtUYA+FByhge0HbYm4UzX0S7x
M2ulOZES4d2eETcqvTnkQbkx3WY973jCPARPVsWfMHOXHtQYF6zZF6QnuaG2MtUo
OO50UMHEiBJPxTKEiHK5yAIGvA7gPWXAgonmSMgrkkhNwce2iQMiR/fhoLQQBMFz
+PMq2ij/FM/vYqbjYVPfxmMK2YxLGwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFC4z
KDiX88rFYHzn13UZWWDcXUSGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERUQ4RDJFQUMxQ0QxMUVGQTRBMEI4NzU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsHeMA0GCSqGSIb3DQEB
CwUAA4IBAQCPhCM2VayqJQO+5fwKHFRjfhxi0h/2QQIAGHKGEUl2JJ32/U+MB+PA
jGYt8ocZ4MTpLEQ54mScWdieSJRnLa1dVNp04a2MxDFr2ft78Ic+28Stu3fPCB5M
WjkvBr424qVrKNgw561EbWR/PCHb37u6roA4Bmiq1iPl7JUP1R5u3vPEytxjuJC/
tAiG3GZ5fxCx5KdxHAu3kTtzD6bjNCkGEIKdSUB1PbAzN034b0L5QThalRscak6R
atJ7UHgpUQ26C4J3pfRYttxsRpse9vU0TTrmXeIf7R3J2BGXbzu2RFh3FJn0dqoG
AkiAQcvfuyeEo3ogjr8PurPt5YdBcYGg
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:30:25 2025 by rpki-client