Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EBF35C68CDA611EF9FDADB5A762E951A.roa
File: EBF35C68CDA611EF9FDADB5A762E951A.roa (raw, json)
Hash identifier: TiZD/oSSMYId6uFFbCx+Ou7VMcS1maT17hTApgLlWkI=
Subject key identifier: C6:F9:A6:98:3A:3F:98:70:44:C6:CD:0B:E8:72:86:1E:28:6D:D5:E4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0136A0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EBF35C68CDA611EF9FDADB5A762E951A.roa
Signing time: Wed 08 Jan 2025 09:57:08 +0000
ROA not before: Wed 08 Jan 2025 09:57:04 +0000
ROA not after: Tue 23 Dec 2025 09:57:04 +0000
asID: 984
IP address blocks: 154.89.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79520 (0x136a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 09:57:04 2025 GMT
Not After : Dec 23 09:57:04 2025 GMT
Subject: CN=677e4bf4-9375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ea:29:f5:37:b5:ea:11:a0:aa:fe:38:ea:49:
a8:e6:da:da:d4:9f:d6:13:b6:ed:f3:f6:50:e1:ef:
c7:c9:f9:b7:bd:90:4b:2f:c1:c3:cc:35:d8:d2:ff:
75:64:af:71:59:e1:05:d7:07:67:68:53:bd:fb:74:
d2:60:15:5f:1e:71:95:2c:63:1b:bc:da:19:0f:02:
df:ca:e1:fd:f3:fc:b7:ac:8f:b0:86:8e:76:a0:cd:
3c:e0:5d:ac:23:59:60:53:fc:29:b8:a8:9a:3f:b1:
57:07:88:4b:a3:e4:cc:46:3b:f3:56:8b:fb:5e:df:
3d:fb:98:9e:c0:b3:fe:d4:d2:e2:4c:36:eb:2b:46:
c1:31:65:5b:6e:f3:f2:1d:e9:a8:09:9c:ac:c0:6f:
06:69:18:f5:31:aa:40:d4:84:4c:e5:6f:79:78:11:
23:56:bb:63:de:18:cb:91:4d:af:84:bb:75:27:7a:
29:26:c9:00:4f:02:75:fa:fe:b2:ea:e8:30:bf:2f:
87:4f:c3:d3:6c:65:22:8a:28:53:6b:4e:f6:dc:24:
d9:69:43:ad:cb:6a:43:03:f8:d2:93:7a:50:cc:f4:
40:6b:f8:e7:c1:6c:d5:b8:93:a9:13:25:69:ef:9d:
2e:b2:ca:f3:6a:45:b6:a9:ed:a9:fa:80:53:06:7f:
db:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F9:A6:98:3A:3F:98:70:44:C6:CD:0B:E8:72:86:1E:28:6D:D5:E4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EBF35C68CDA611EF9FDADB5A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.20.0/24
Signature Algorithm: sha256WithRSAEncryption
06:b5:34:3b:d2:a7:49:00:a4:e6:fe:d8:bf:88:41:60:c0:ff:
15:e0:2e:b1:37:46:b9:be:23:aa:1e:d1:7f:2d:96:ca:a2:e9:
ae:7b:70:e1:48:4b:1f:99:8d:7c:e7:2c:06:05:b5:d0:6d:29:
d0:4c:97:94:39:9f:a7:d0:5f:77:de:55:e7:71:a1:1b:d3:ba:
5f:8a:a7:6f:7a:ce:52:07:53:cf:f3:6a:69:11:46:f3:8c:45:
b3:a8:ee:1f:80:bf:8d:8d:ce:a4:20:27:93:1e:20:76:d1:f5:
42:94:fc:a0:b3:63:0d:33:da:b8:87:4b:bc:28:4b:85:76:db:
79:c3:ed:7b:44:b4:89:3c:51:c1:2f:3e:9a:01:72:83:11:41:
80:9a:2c:f9:91:49:42:f5:16:7d:7b:a2:37:36:e0:f1:08:d8:
cd:2e:8b:df:fb:21:36:c0:28:db:8d:a9:e8:72:26:26:81:7c:
9a:32:ba:67:ae:ce:02:e5:59:15:21:35:dc:9b:8a:27:a9:18:
20:bf:90:19:cf:14:4a:6d:d2:53:f0:f2:d0:21:1a:ee:a9:71:
cc:d0:e4:3c:72:bb:91:85:2d:55:93:80:8d:78:16:06:c1:73:
05:d3:08:fd:65:9e:d4:28:cb:d1:61:3e:59:98:6f:48:40:1c:
be:c8:0e:79
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATagMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MDk1NzA0WhcNMjUxMjIzMDk1NzA0WjAYMRYw
FAYDVQQDEw02NzdlNGJmNC05Mzc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyOop9Te16hGgqv446kmo5tra1J/WE7bt8/ZQ4e/Hyfm3vZBLL8HDzDXY
0v91ZK9xWeEF1wdnaFO9+3TSYBVfHnGVLGMbvNoZDwLfyuH98/y3rI+who52oM08
4F2sI1lgU/wpuKiaP7FXB4hLo+TMRjvzVov7Xt89+5iewLP+1NLiTDbrK0bBMWVb
bvPyHemoCZyswG8GaRj1MapA1IRM5W95eBEjVrtj3hjLkU2vhLt1J3opJskATwJ1
+v6y6ugwvy+HT8PTbGUiiihTa0723CTZaUOty2pDA/jSk3pQzPRAa/jnwWzVuJOp
EyVp750ussrzakW2qe2p+oBTBn/bWwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMb5
ppg6P5hwRMbNC+hyhh4obdXkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQkYzNUM2OENEQTYxMUVGOUZEQURCNUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlkUMA0GCSqGSIb3DQEB
CwUAA4IBAQAGtTQ70qdJAKTm/ti/iEFgwP8V4C6xN0a5viOqHtF/LZbKoumue3Dh
SEsfmY185ywGBbXQbSnQTJeUOZ+n0F933lXncaEb07pfiqdves5SB1PP82ppEUbz
jEWzqO4fgL+Njc6kICeTHiB20fVClPygs2MNM9q4h0u8KEuFdtt5w+17RLSJPFHB
Lz6aAXKDEUGAmiz5kUlC9RZ9e6I3NuDxCNjNLovf+yE2wCjbjanociYmgXyaMrpn
rs4C5VkVITXcm4onqRggv5AZzxRKbdJT8PLQIRruqXHM0OQ8cruRhS1Vk4CNeBYG
wXMF0wj9ZZ7UKMvRYT5ZmG9IQBy+yA55
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:33:22 2025 by rpki-client