Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/847A76B6DC8D11EFB7876276762E951A.roa
File: 847A76B6DC8D11EFB7876276762E951A.roa (raw, json)
Hash identifier: C83wjJwaMFoUGbI0Sg9Vy7dlJbyuQ4dYV2IkrbOGpdU=
Subject key identifier: EE:17:BC:84:84:AA:CF:52:C4:D0:70:89:7B:C9:31:53:FC:3E:5A:16
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014B71
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/847A76B6DC8D11EFB7876276762E951A.roa
Signing time: Mon 27 Jan 2025 09:03:04 +0000
ROA not before: Mon 27 Jan 2025 09:03:01 +0000
ROA not after: Sat 08 Feb 2025 09:03:01 +0000
asID: 5065
IP address blocks: 154.85.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84849 (0x14b71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 09:03:01 2025 GMT
Not After : Feb 8 09:03:01 2025 GMT
Subject: CN=67974bc8-4448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:db:c5:b9:29:b3:28:d9:e0:e0:04:b2:fa:74:
bf:67:33:c4:17:e4:2f:e7:f1:e1:46:69:cf:ea:56:
fa:5a:c8:b1:e6:3a:e4:dc:22:89:8d:bc:f4:a5:c6:
41:7c:ae:39:30:e3:68:88:81:de:d6:9d:e6:29:8f:
35:1c:4a:42:b2:8f:67:f9:20:48:14:1d:9a:e2:b2:
c9:65:7f:23:43:e6:c2:7d:29:33:ff:18:de:df:c3:
c0:50:b2:7f:d4:6d:1c:d6:e2:7c:a6:30:9c:18:d6:
6c:41:e1:f8:ec:f6:12:c4:e9:32:2a:c9:90:cd:7a:
51:65:c6:50:83:fc:7f:74:a8:9a:b1:84:f5:55:40:
3f:7e:3b:3b:d2:3d:d5:74:31:61:10:aa:04:d9:fe:
0c:e0:dc:d1:2c:c0:8a:05:a3:43:a2:e3:21:8e:bf:
72:b3:02:87:7e:4d:a6:ba:a7:90:3c:56:82:9e:9a:
d0:b4:fc:b6:04:18:56:2f:da:6c:7b:dd:91:e3:95:
32:e0:65:98:ba:28:59:36:a3:d7:cf:b3:22:88:3e:
7f:c2:d6:8e:d8:c6:b4:a4:cc:10:89:39:8a:02:17:
ef:79:fc:90:af:67:03:df:7c:8a:01:70:79:29:8c:
5b:8d:2c:88:c7:46:f9:ad:cb:99:65:5c:c2:9f:78:
76:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:17:BC:84:84:AA:CF:52:C4:D0:70:89:7B:C9:31:53:FC:3E:5A:16
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/847A76B6DC8D11EFB7876276762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.108.0/24
Signature Algorithm: sha256WithRSAEncryption
76:c0:c5:32:cc:9d:d0:cc:4e:63:c7:c2:99:7e:25:7f:a8:1f:
2c:c6:91:9f:7d:32:53:31:51:20:30:92:34:ba:3f:2b:38:80:
dc:2a:b4:2f:f1:c3:3a:79:37:be:52:8c:aa:24:0b:b2:5a:88:
be:32:7a:38:a6:9f:38:ef:a4:6b:f6:26:d0:86:9a:84:ca:a4:
05:4e:df:97:16:10:22:22:b9:cb:66:8e:c5:4f:e6:37:18:fd:
38:c7:1b:4f:8f:61:be:28:1b:7e:22:8d:d3:3f:14:61:3f:c2:
43:07:e3:d7:c1:fa:e0:00:17:cb:32:21:49:78:ac:10:5f:a5:
b5:9b:7e:b0:a7:53:08:3e:21:f0:18:ca:12:22:ba:7e:ac:7d:
77:01:05:5a:00:61:ad:1c:e1:cc:a9:a4:71:ae:7f:e8:8a:3a:
1d:c7:1c:66:da:26:ca:d7:a1:6e:47:c9:d1:31:73:fd:3f:a8:
46:30:ba:df:b5:fe:3f:82:e8:35:4f:d9:46:45:65:50:ec:23:
07:12:e4:6d:80:73:19:d7:99:27:fc:a7:9d:c3:f0:8c:97:0a:
24:16:cd:dc:2f:12:24:75:d6:90:e0:ba:bb:0a:b7:38:d6:3d:
0b:4a:3e:8b:eb:e2:ee:cc:a0:d0:37:64:0b:ac:df:fe:97:f1:
86:3d:31:a0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUtxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MDkwMzAxWhcNMjUwMjA4MDkwMzAxWjAYMRYw
FAYDVQQDEw02Nzk3NGJjOC00NDQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtdvFuSmzKNng4ASy+nS/ZzPEF+Qv5/HhRmnP6lb6Wsix5jrk3CKJjbz0
pcZBfK45MONoiIHe1p3mKY81HEpCso9n+SBIFB2a4rLJZX8jQ+bCfSkz/xje38PA
ULJ/1G0c1uJ8pjCcGNZsQeH47PYSxOkyKsmQzXpRZcZQg/x/dKiasYT1VUA/fjs7
0j3VdDFhEKoE2f4M4NzRLMCKBaNDouMhjr9yswKHfk2muqeQPFaCnprQtPy2BBhW
L9pse92R45Uy4GWYuihZNqPXz7MiiD5/wtaO2Ma0pMwQiTmKAhfvefyQr2cD33yK
AXB5KYxbjSyIx0b5rcuZZVzCn3h2lwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO4X
vISEqs9SxNBwiXvJMVP8PloWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NDdBNzZCNkRDOEQxMUVGQjc4NzYyNzY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlVsMA0GCSqGSIb3DQEB
CwUAA4IBAQB2wMUyzJ3QzE5jx8KZfiV/qB8sxpGffTJTMVEgMJI0uj8rOIDcKrQv
8cM6eTe+UoyqJAuyWoi+Mno4pp8476Rr9ibQhpqEyqQFTt+XFhAiIrnLZo7FT+Y3
GP04xxtPj2G+KBt+Io3TPxRhP8JDB+PXwfrgABfLMiFJeKwQX6W1m36wp1MIPiHw
GMoSIrp+rH13AQVaAGGtHOHMqaRxrn/oijodxxxm2ibK16FuR8nRMXP9P6hGMLrf
tf4/gug1T9lGRWVQ7CMHEuRtgHMZ15kn/Kedw/CMlwokFs3cLxIkddaQ4Lq7Crc4
1j0LSj6L6+LuzKDQN2QLrN/+l/GGPTGg
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:53:33 2025 by rpki-client