Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8B5962AC93B11EF8DFE0CB5762E951A.roa
File: E8B5962AC93B11EF8DFE0CB5762E951A.roa (raw, json)
Hash identifier: FX6SbSPCm8xly7wIVC4v0u5xrkj7wjFuHMIOoG6PHMw=
Subject key identifier: 29:07:7D:F2:D7:12:46:C4:93:21:E9:70:77:E4:16:01:31:DC:7F:83
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013401
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8B5962AC93B11EF8DFE0CB5762E951A.roa
Signing time: Thu 02 Jan 2025 19:01:02 +0000
ROA not before: Thu 02 Jan 2025 19:00:58 +0000
ROA not after: Sat 13 Dec 2025 19:00:58 +0000
asID: 984
IP address blocks: 154.223.228.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78849 (0x13401)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 19:00:58 2025 GMT
Not After : Dec 13 19:00:58 2025 GMT
Subject: CN=6776e26d-a989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:df:1c:19:88:f7:23:a9:ed:32:fb:2f:bb:44:
1c:64:f1:d4:e5:48:a4:d9:d8:9c:ab:07:c7:59:26:
27:d5:44:b8:d3:46:bf:23:44:23:a1:2e:c4:fe:82:
a9:72:8b:d3:23:0b:69:5f:cb:b1:a3:36:9f:37:19:
46:04:28:0f:ea:32:6d:08:c7:75:25:ab:10:dc:4e:
93:64:cd:d1:f4:df:a0:ab:f8:f0:16:2c:2c:d5:b9:
a4:77:92:a3:51:ac:5c:0b:fe:52:05:6d:95:8a:3a:
fd:3d:6c:bb:e9:57:7a:6a:61:66:76:aa:d6:17:02:
43:15:fb:7f:cf:f9:54:03:45:e8:58:8d:0a:91:3d:
0e:08:bf:06:99:c8:ff:44:92:4a:66:96:23:1a:28:
61:c9:7c:f9:63:ae:1a:f6:f8:99:dc:e8:10:98:8f:
e6:26:69:22:ce:08:f8:24:f0:45:d7:c4:2a:06:55:
0e:46:c8:a4:9c:37:66:56:fe:45:0c:ae:fc:29:95:
c6:46:97:15:9d:f1:23:30:fc:31:ba:40:3a:f8:cc:
1d:33:c2:80:d5:4e:a3:80:69:d4:73:d1:77:7f:44:
2c:d0:82:3c:e6:e2:c8:51:ae:9f:5c:60:75:6d:a9:
69:0f:15:58:78:d7:f7:8e:2e:18:05:11:41:5c:c9:
65:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:07:7D:F2:D7:12:46:C4:93:21:E9:70:77:E4:16:01:31:DC:7F:83
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8B5962AC93B11EF8DFE0CB5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.228.0/24
Signature Algorithm: sha256WithRSAEncryption
22:f1:fd:3d:d2:8e:d5:da:d8:ad:69:30:10:07:a4:03:60:a5:
27:1d:bd:2d:d1:cd:58:28:1d:92:09:b0:0c:97:cc:fc:5c:17:
5c:1e:18:7f:94:ce:1d:ee:2e:b3:aa:0e:6a:49:c5:5b:f2:53:
04:4e:73:f5:c1:ca:ed:d1:5e:4c:e4:58:ba:8d:77:63:bb:cf:
a4:e9:5e:8c:3c:ab:88:bc:18:77:bd:3e:b8:c8:2f:7b:ec:26:
c3:1d:24:d5:89:63:ee:02:60:8b:29:9b:4e:dd:a5:64:2c:dd:
80:40:84:b1:23:90:35:12:28:2f:0c:a5:a0:d4:64:1a:1c:61:
d1:08:14:59:6f:37:b0:bc:e3:63:2b:ab:ab:4c:71:e9:c4:1e:
5f:24:ac:b4:97:ca:d3:dd:66:4b:8b:de:09:6a:c9:38:15:ad:
3a:ec:b4:46:10:e5:4b:bb:c7:a4:97:74:04:a7:c6:89:1c:97:
75:41:47:d9:df:e2:75:b4:f2:e6:37:50:1c:d1:ca:e2:67:85:
fe:f9:bc:7a:e7:43:00:73:b3:6e:b3:02:57:f3:63:5a:29:14:
ef:26:bd:af:87:aa:77:6b:c8:a6:ec:a5:62:c6:aa:47:d5:97:
ff:73:b0:7a:7f:c9:24:cb:ab:de:19:d5:f9:f9:30:bc:3e:cc:
b3:91:41:26
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATQBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTkwMDU4WhcNMjUxMjEzMTkwMDU4WjAYMRYw
FAYDVQQDEw02Nzc2ZTI2ZC1hOTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwN8cGYj3I6ntMvsvu0QcZPHU5Uik2dicqwfHWSYn1US400a/I0QjoS7E
/oKpcovTIwtpX8uxozafNxlGBCgP6jJtCMd1JasQ3E6TZM3R9N+gq/jwFiws1bmk
d5KjUaxcC/5SBW2Vijr9PWy76Vd6amFmdqrWFwJDFft/z/lUA0XoWI0KkT0OCL8G
mcj/RJJKZpYjGihhyXz5Y64a9viZ3OgQmI/mJmkizgj4JPBF18QqBlUORsiknDdm
Vv5FDK78KZXGRpcVnfEjMPwxukA6+MwdM8KA1U6jgGnUc9F3f0Qs0II85uLIUa6f
XGB1balpDxVYeNf3ji4YBRFBXMllZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCkH
ffLXEkbEkyHpcHfkFgEx3H+DMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FOEI1OTYyQUM5M0IxMUVGOERGRTBDQjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt/kMA0GCSqGSIb3DQEB
CwUAA4IBAQAi8f090o7V2titaTAQB6QDYKUnHb0t0c1YKB2SCbAMl8z8XBdcHhh/
lM4d7i6zqg5qScVb8lMETnP1wcrt0V5M5Fi6jXdju8+k6V6MPKuIvBh3vT64yC97
7CbDHSTViWPuAmCLKZtO3aVkLN2AQISxI5A1EigvDKWg1GQaHGHRCBRZbzewvONj
K6urTHHpxB5fJKy0l8rT3WZLi94Jask4Fa067LRGEOVLu8ekl3QEp8aJHJd1QUfZ
3+J1tPLmN1Ac0criZ4X++bx650MAc7NuswJX82NaKRTvJr2vh6p3a8im7KVixqpH
1Zf/c7B6f8kky6veGdX5+TC8PsyzkUEm
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:17 2025 by rpki-client