Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0607FFA2DC9B11EF9495E14F762E951A.roa
File: 0607FFA2DC9B11EF9495E14F762E951A.roa (raw, json)
Hash identifier: 5lbmbzWDvzD+x9XOVP+7VTUvEXv8w0OjHLCah/58t0s=
Subject key identifier: FF:A2:B3:9A:35:2C:2F:9B:5D:D0:37:25:B1:5D:A9:11:8B:51:DE:A4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014BAF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0607FFA2DC9B11EF9495E14F762E951A.roa
Signing time: Mon 27 Jan 2025 10:39:45 +0000
ROA not before: Mon 27 Jan 2025 10:39:41 +0000
ROA not after: Sat 08 Feb 2025 10:39:41 +0000
asID: 22773
IP address blocks: 154.84.168.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84911 (0x14baf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 10:39:41 2025 GMT
Not After : Feb 8 10:39:41 2025 GMT
Subject: CN=67976271-e21a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:46:cd:27:0d:a4:80:a6:6c:f0:35:f3:8d:82:
9e:38:2d:91:28:e3:d6:dc:7e:fe:8a:96:16:58:d0:
4a:8f:2d:d2:0b:aa:06:70:1c:e2:63:b5:d4:fa:c6:
c1:cc:6e:b2:64:98:0c:e1:e7:1b:9c:9b:d4:1b:6c:
02:4e:66:92:2e:3f:bc:eb:d6:f6:4e:2d:4c:6e:1d:
e1:a9:4f:6e:6b:51:55:86:c4:30:8e:1a:4e:a6:b9:
fd:5e:88:97:29:a9:6f:05:97:58:58:5e:39:50:33:
15:de:aa:df:c9:c7:d3:43:82:34:dd:53:8b:30:17:
24:ea:4b:09:b7:df:dd:db:b7:14:9f:10:c3:46:95:
f0:74:e5:4a:0e:48:c4:5f:32:55:1b:78:55:0c:6b:
8e:69:7d:f5:b4:8e:7a:b0:11:50:9c:4d:3c:f3:da:
27:ab:f2:38:47:de:2b:b0:f6:89:7b:c5:f8:4c:0d:
7d:d5:50:ea:60:ad:0a:6c:79:a7:b9:20:a2:b5:65:
8a:3c:0f:7f:2f:57:0b:01:f2:0c:7c:39:c7:d1:29:
fd:02:f0:4e:3f:5b:06:e5:bb:66:ec:8c:43:62:c3:
fa:98:f8:d3:6a:15:a3:21:94:9c:27:4d:b5:f4:43:
ca:84:f0:79:a5:40:6f:be:05:71:ec:2c:be:13:29:
27:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:A2:B3:9A:35:2C:2F:9B:5D:D0:37:25:B1:5D:A9:11:8B:51:DE:A4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0607FFA2DC9B11EF9495E14F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.168.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:f6:34:e6:ae:b7:31:0c:94:48:e7:19:97:b7:fc:ac:80:91:
b5:5e:83:c1:1d:dc:6c:a9:51:6e:67:7d:26:33:0a:d8:48:a1:
de:d7:33:6d:73:b0:1a:93:0d:c9:6d:52:7e:f2:a6:1a:fe:86:
3b:c9:ec:1a:b9:c8:80:e3:53:f8:b1:dd:68:70:76:18:c5:f6:
14:30:f1:4c:e8:39:79:19:24:24:90:01:48:d8:e5:8a:61:b0:
bc:75:ac:8f:83:d1:c1:04:7b:df:80:95:46:fe:96:c2:b5:09:
32:c2:b8:2e:02:ba:9a:ba:cb:46:7f:23:7c:5a:75:a1:02:79:
a4:bc:3a:b7:ef:14:c0:58:02:41:97:ef:d1:d2:68:30:a8:df:
d0:c7:d5:c5:26:1d:b4:4c:a7:9c:25:b0:37:14:7c:17:7e:c9:
21:67:1c:0e:d1:62:73:ad:bb:e9:4b:f5:0a:30:85:e7:73:6a:
1c:db:2d:93:60:6f:ea:5d:c4:36:c3:1f:7a:d5:c6:fd:b0:8b:
8d:9e:06:ae:17:5c:b7:df:99:0a:0b:6b:98:ab:4d:c2:bf:59:
3c:00:5b:a2:32:90:b1:88:b7:ea:04:32:9e:28:a0:e3:a8:68:
83:98:a8:47:bf:46:75:fb:9b:8c:ea:ff:7d:f0:03:73:c0:ce:
03:2b:2a:de
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUuvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MTAzOTQxWhcNMjUwMjA4MTAzOTQxWjAYMRYw
FAYDVQQDEw02Nzk3NjI3MS1lMjFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7kbNJw2kgKZs8DXzjYKeOC2RKOPW3H7+ipYWWNBKjy3SC6oGcBziY7XU
+sbBzG6yZJgM4ecbnJvUG2wCTmaSLj+869b2Ti1Mbh3hqU9ua1FVhsQwjhpOprn9
XoiXKalvBZdYWF45UDMV3qrfycfTQ4I03VOLMBck6ksJt9/d27cUnxDDRpXwdOVK
DkjEXzJVG3hVDGuOaX31tI56sBFQnE0889onq/I4R94rsPaJe8X4TA191VDqYK0K
bHmnuSCitWWKPA9/L1cLAfIMfDnH0Sn9AvBOP1sG5btm7IxDYsP6mPjTahWjIZSc
J0219EPKhPB5pUBvvgVx7Cy+EyknqwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP+i
s5o1LC+bXdA3JbFdqRGLUd6kMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNjA3RkZBMkRDOUIxMUVGOTQ5NUUxNEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlSoMA0GCSqGSIb3DQEB
CwUAA4IBAQAa9jTmrrcxDJRI5xmXt/ysgJG1XoPBHdxsqVFuZ30mMwrYSKHe1zNt
c7Aakw3JbVJ+8qYa/oY7yewauciA41P4sd1ocHYYxfYUMPFM6Dl5GSQkkAFI2OWK
YbC8dayPg9HBBHvfgJVG/pbCtQkywrguArqaustGfyN8WnWhAnmkvDq37xTAWAJB
l+/R0mgwqN/Qx9XFJh20TKecJbA3FHwXfskhZxwO0WJzrbvpS/UKMIXnc2oc2y2T
YG/qXcQ2wx961cb9sIuNngauF1y335kKC2uYq03Cv1k8AFuiMpCxiLfqBDKeKKDj
qGiDmKhHv0Z1+5uM6v998ANzwM4DKyre
-----END CERTIFICATE-----
Generated at Sat Apr 26 11:45:19 2025 by rpki-client