Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EF48AD60CDBE11EFB71FE871762E951A.roa
File: EF48AD60CDBE11EFB71FE871762E951A.roa (raw, json)
Hash identifier: pu2fmoLruNZAyweT6D3TwQp+hS8WhZ58GuCBAH3VRlw=
Subject key identifier: 16:CC:7A:F8:0F:F9:8E:93:8D:C6:9A:EA:85:53:C3:65:9B:F7:8D:FF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013700
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EF48AD60CDBE11EFB71FE871762E951A.roa
Signing time: Wed 08 Jan 2025 12:49:01 +0000
ROA not before: Wed 08 Jan 2025 12:48:58 +0000
ROA not after: Tue 16 Dec 2025 12:48:58 +0000
asID: 984
IP address blocks: 154.200.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79616 (0x13700)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 12:48:58 2025 GMT
Not After : Dec 16 12:48:58 2025 GMT
Subject: CN=677e743d-e1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6c:f2:ef:39:22:36:c7:91:88:3f:1e:53:6d:
64:71:c5:54:d0:f3:95:20:07:fc:a0:c1:02:fc:83:
9b:db:a1:b5:93:05:61:24:f5:31:ea:1d:e1:14:0e:
92:59:90:c5:96:f8:d3:e4:bb:00:f7:9a:b1:3e:3f:
60:c7:cd:78:b4:1a:80:b5:fc:7f:5c:d8:cc:13:d0:
2c:5d:8b:b1:b0:45:84:dd:2d:40:31:2c:27:81:09:
88:db:48:28:16:95:52:af:a7:ac:e5:d7:3f:a9:26:
b5:ad:03:a3:7a:4a:b6:7f:ba:e4:03:92:09:8b:96:
d7:ed:13:95:c7:76:97:71:8e:3b:a3:0f:d3:f6:d8:
a0:e6:79:67:19:03:56:72:64:3c:62:8f:28:2e:23:
c7:72:0b:ff:8b:67:67:5a:ba:cd:3f:02:1a:e7:ca:
bc:8f:72:d2:18:67:87:47:1d:40:60:5d:30:cf:b5:
6a:ff:a2:29:b0:01:1d:39:3d:86:09:2b:9d:64:fd:
4b:12:4f:91:cd:74:ae:d3:04:dd:4b:1f:37:03:88:
06:62:48:29:09:8c:9c:27:32:ef:2d:22:44:a2:b6:
67:e6:71:29:0c:e7:4a:90:98:7c:2a:21:bb:04:1f:
66:88:80:9a:36:e1:63:25:63:50:10:6b:c8:6b:8a:
1f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:CC:7A:F8:0F:F9:8E:93:8D:C6:9A:EA:85:53:C3:65:9B:F7:8D:FF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EF48AD60CDBE11EFB71FE871762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.221.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:48:6e:05:65:ee:d7:6b:3d:7f:58:b1:c3:78:74:50:48:1c:
c4:d9:c8:d5:f4:af:09:c9:fe:dc:1b:c7:5d:5b:75:54:64:9b:
c9:ad:0c:f5:ca:bb:b1:5f:a3:f0:c5:29:ac:ef:06:06:e8:49:
2b:57:5a:78:43:c0:06:7a:31:32:d6:8e:14:66:5f:72:05:af:
ac:fa:cd:05:ce:3e:84:80:79:9a:06:ae:8d:49:01:63:d3:4f:
0d:2c:19:ae:5b:e6:f0:1a:9d:b0:58:ab:7b:b1:e5:37:4c:51:
39:22:22:46:61:b5:2a:5c:f1:eb:de:b0:a4:00:c6:74:7f:fc:
ae:27:18:e9:21:5d:ed:56:48:1e:fa:d5:c1:c2:6e:41:ee:d4:
83:10:b5:b0:66:15:89:99:7c:07:81:ca:57:e2:16:34:29:86:
ef:38:11:c0:38:67:db:b4:be:e2:a4:b2:ba:35:fa:96:59:ff:
45:cd:dc:d9:bb:df:6c:a3:0c:98:34:75:7a:24:02:26:54:38:
6e:c4:c0:a1:8a:da:b5:01:e2:b9:5b:44:6f:c2:bc:e3:ab:8d:
22:a9:bf:b5:f0:d6:b2:f5:b2:e8:85:90:3c:b0:fe:fc:04:39:
f1:fe:ac:a3:2a:6b:7c:ab:c5:f3:6f:2e:76:2e:c8:da:7d:03:
e9:ff:a6:a2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATcAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTI0ODU4WhcNMjUxMjE2MTI0ODU4WjAYMRYw
FAYDVQQDEw02NzdlNzQzZC1lMWMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0Wzy7zkiNseRiD8eU21kccVU0POVIAf8oMEC/IOb26G1kwVhJPUx6h3h
FA6SWZDFlvjT5LsA95qxPj9gx814tBqAtfx/XNjME9AsXYuxsEWE3S1AMSwngQmI
20goFpVSr6es5dc/qSa1rQOjekq2f7rkA5IJi5bX7ROVx3aXcY47ow/T9tig5nln
GQNWcmQ8Yo8oLiPHcgv/i2dnWrrNPwIa58q8j3LSGGeHRx1AYF0wz7Vq/6IpsAEd
OT2GCSudZP1LEk+RzXSu0wTdSx83A4gGYkgpCYycJzLvLSJEorZn5nEpDOdKkJh8
KiG7BB9miICaNuFjJWNQEGvIa4ofpQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBbM
evgP+Y6Tjcaa6oVTw2Wb943/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRjQ4QUQ2MENEQkUxMUVGQjcxRkU4NzE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjdMA0GCSqGSIb3DQEB
CwUAA4IBAQDJSG4FZe7Xaz1/WLHDeHRQSBzE2cjV9K8Jyf7cG8ddW3VUZJvJrQz1
yruxX6PwxSms7wYG6EkrV1p4Q8AGejEy1o4UZl9yBa+s+s0Fzj6EgHmaBq6NSQFj
008NLBmuW+bwGp2wWKt7seU3TFE5IiJGYbUqXPHr3rCkAMZ0f/yuJxjpIV3tVkge
+tXBwm5B7tSDELWwZhWJmXwHgcpX4hY0KYbvOBHAOGfbtL7ipLK6NfqWWf9FzdzZ
u99sowyYNHV6JAImVDhuxMChitq1AeK5W0Rvwrzjq40iqb+18Nay9bLohZA8sP78
BDnx/qyjKmt8q8Xzby52LsjafQPp/6ai
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:34 2025 by rpki-client