Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DEFA3440CC2B11EFA0A2C162762E951A.roa
File: DEFA3440CC2B11EFA0A2C162762E951A.roa (raw, json)
Hash identifier: /kDuDCFHslA85Tny0LPtLoN97s8oLLNiyapO5xoD7SM=
Subject key identifier: AD:AF:F7:EA:D1:2D:E9:1C:22:4B:78:B0:9C:BB:56:AF:0B:1C:98:F2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013620
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DEFA3440CC2B11EFA0A2C162762E951A.roa
Signing time: Mon 06 Jan 2025 12:43:47 +0000
ROA not before: Mon 06 Jan 2025 12:43:43 +0000
ROA not after: Thu 06 Feb 2025 12:43:43 +0000
asID: 151800
IP address blocks: 154.197.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79392 (0x13620)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 6 12:43:43 2025 GMT
Not After : Feb 6 12:43:43 2025 GMT
Subject: CN=677bd003-fe08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6c:cf:77:d5:0f:98:76:58:1d:6c:91:e2:cc:
4e:b1:81:96:bf:0a:4d:44:fb:35:0e:33:85:1e:8c:
22:1c:48:23:70:98:de:cc:f5:8e:c1:ea:7f:e3:80:
a1:47:56:0e:3d:49:7e:dd:74:dc:56:00:ad:e5:03:
4f:8b:fc:f2:f3:ee:fe:1a:2b:50:9f:04:a8:d9:9d:
46:bb:a0:1e:36:73:77:9e:a7:0e:20:44:27:5e:16:
d6:95:4f:a3:f5:7f:3b:71:1f:f3:d1:69:cd:4f:5a:
4e:3b:90:05:7b:f7:c1:4f:8c:05:a8:b9:cc:f7:bf:
88:dc:35:3d:80:d3:65:08:0e:26:2b:a8:ae:11:41:
1d:f2:78:5c:7b:36:f1:84:69:42:a5:5b:38:52:9a:
b1:d6:bc:9c:cf:5a:4d:d2:ef:54:6d:22:33:1f:c5:
6e:7e:d0:4e:65:5b:f5:e4:0e:a9:e3:60:bb:49:e0:
4c:d9:aa:0b:cf:ba:6d:43:55:42:ce:3b:62:61:cd:
06:6f:14:9c:2a:9f:8f:f0:67:f8:b3:6d:48:67:81:
12:6e:97:37:76:24:46:7c:db:0c:f6:3f:1a:3a:a3:
b0:a3:36:fb:0e:c6:bc:35:21:00:69:d5:0d:05:a9:
f2:31:ad:f7:46:0a:a9:3e:fc:70:10:f2:71:66:b8:
70:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:AF:F7:EA:D1:2D:E9:1C:22:4B:78:B0:9C:BB:56:AF:0B:1C:98:F2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DEFA3440CC2B11EFA0A2C162762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.66.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:3b:22:a1:f6:bb:ae:7f:b1:8e:a5:0b:3f:ae:14:e6:2c:c4:
f1:45:9a:ea:10:fb:d0:1d:0a:49:70:91:77:0c:02:97:e1:50:
a9:c8:cc:99:aa:a4:69:60:2d:5e:e2:9b:a1:8f:b4:24:99:e7:
25:90:fb:21:03:96:2c:85:a9:01:46:e8:db:54:90:70:84:e5:
86:b1:41:80:7b:8d:b4:3c:4d:c9:27:5e:1b:61:8b:23:90:38:
18:e5:db:0c:fd:e1:2d:c4:96:51:17:60:dd:8d:c4:71:b9:93:
14:c3:8b:2f:95:27:26:90:f7:eb:2f:5d:a8:ed:0f:0d:76:f6:
4c:43:94:8d:a5:03:e8:a3:72:f3:c3:99:ac:b8:ea:4b:e2:7c:
ba:5e:cd:6c:be:e4:5b:2a:6b:e7:14:4f:3b:55:a5:69:31:36:
6a:1a:77:37:33:07:2d:35:a9:33:cf:f3:a4:98:18:7d:15:e5:
14:df:75:65:b3:7f:42:65:11:bf:bc:f9:68:d4:d7:ef:4e:42:
3b:73:7f:75:e0:a5:ac:f8:9d:57:c6:73:d4:e1:65:d9:ae:51:
cb:38:9b:7d:fd:8f:71:52:cf:84:49:3a:e8:f4:bc:34:4a:5a:
bd:15:98:a4:3b:e4:3b:bd:ed:64:9e:56:68:36:0e:2e:b5:8c:
0a:31:e1:08
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATYgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA2MTI0MzQzWhcNMjUwMjA2MTI0MzQzWjAYMRYw
FAYDVQQDEw02NzdiZDAwMy1mZTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn2zPd9UPmHZYHWyR4sxOsYGWvwpNRPs1DjOFHowiHEgjcJjezPWOwep/
44ChR1YOPUl+3XTcVgCt5QNPi/zy8+7+GitQnwSo2Z1Gu6AeNnN3nqcOIEQnXhbW
lU+j9X87cR/z0WnNT1pOO5AFe/fBT4wFqLnM97+I3DU9gNNlCA4mK6iuEUEd8nhc
ezbxhGlCpVs4Upqx1rycz1pN0u9UbSIzH8VuftBOZVv15A6p42C7SeBM2aoLz7pt
Q1VCzjtiYc0GbxScKp+P8Gf4s21IZ4ESbpc3diRGfNsM9j8aOqOwozb7Dsa8NSEA
adUNBanyMa33RgqpPvxwEPJxZrhwdwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK2v
9+rRLekcIkt4sJy7Vq8LHJjyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERUZBMzQ0MENDMkIxMUVGQTBBMkMxNjI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVCMA0GCSqGSIb3DQEB
CwUAA4IBAQANOyKh9ruuf7GOpQs/rhTmLMTxRZrqEPvQHQpJcJF3DAKX4VCpyMyZ
qqRpYC1e4puhj7QkmeclkPshA5YshakBRujbVJBwhOWGsUGAe420PE3JJ14bYYsj
kDgY5dsM/eEtxJZRF2DdjcRxuZMUw4svlScmkPfrL12o7Q8NdvZMQ5SNpQPoo3Lz
w5msuOpL4ny6Xs1svuRbKmvnFE87VaVpMTZqGnc3MwctNakzz/OkmBh9FeUU33Vl
s39CZRG/vPlo1NfvTkI7c3914KWs+J1XxnPU4WXZrlHLOJt9/Y9xUs+ESTro9Lw0
Slq9FZikO+Q7ve1knlZoNg4utYwKMeEI
-----END CERTIFICATE-----
Generated at Mon May 5 21:38:24 2025 by rpki-client