Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0C3771A0CF3011EF807581A6762E951A.roa
File: 0C3771A0CF3011EF807581A6762E951A.roa (raw, json)
Hash identifier: p38O3GjTFurL3NZlyLo3odKbY/93j4QSoeKLtnR9/N0=
Subject key identifier: 8D:5C:EE:44:7B:9A:61:B2:CA:23:6C:B4:C6:BB:DC:1A:04:F8:DB:84
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0139C1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0C3771A0CF3011EF807581A6762E951A.roa
Signing time: Fri 10 Jan 2025 08:51:14 +0000
ROA not before: Fri 10 Jan 2025 08:51:10 +0000
ROA not after: Fri 07 Feb 2025 08:51:10 +0000
asID: 5065
IP address blocks: 154.94.60.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80321 (0x139c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 10 08:51:10 2025 GMT
Not After : Feb 7 08:51:10 2025 GMT
Subject: CN=6780df82-1f10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5a:e7:6a:ee:55:9e:53:db:a8:de:d6:bc:bd:
9d:f6:71:1b:33:85:69:ea:7c:ce:f3:7f:b6:5c:fd:
d3:ba:6b:74:3b:50:84:43:38:ed:83:fd:e6:e8:34:
3d:33:f5:db:1c:c5:9d:bd:f2:06:8c:3a:cf:1b:25:
69:a8:72:b3:78:8c:1e:49:2c:a8:e2:9e:63:25:4c:
31:85:21:b8:f8:56:b0:15:d0:04:8b:cc:41:cf:e6:
2d:a0:c2:7b:a9:12:8b:c7:04:9a:eb:1a:3d:db:51:
be:76:cd:6e:8d:96:ea:80:ec:57:dc:e2:7c:86:fa:
a7:24:47:4e:fd:51:17:98:9e:02:81:03:b0:c9:ee:
dc:db:86:a5:c9:e0:ca:62:bf:49:90:97:79:bb:48:
c0:ba:53:00:c5:12:7c:0e:00:91:0e:04:06:e7:c4:
2e:35:bc:32:47:90:fb:bd:d6:22:b7:32:84:74:cc:
6d:9e:9b:ea:f9:31:2a:d4:eb:3a:87:f9:18:7d:fa:
04:ba:46:ac:7d:44:ab:96:9f:67:8e:dc:b0:d7:79:
17:f9:ab:b3:3c:4f:4a:c5:85:77:d8:7c:7c:31:cb:
87:ff:a7:ca:c6:df:a9:dc:64:91:03:86:61:7c:06:
ab:ee:f7:86:2d:50:a9:de:35:1f:b6:f7:38:83:eb:
35:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:5C:EE:44:7B:9A:61:B2:CA:23:6C:B4:C6:BB:DC:1A:04:F8:DB:84
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0C3771A0CF3011EF807581A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.60.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:af:90:7d:75:18:e9:8b:4e:02:7f:82:74:c8:60:37:b0:b2:
b6:5d:46:fc:9c:68:df:71:1e:7c:bc:07:8f:d3:a2:0d:3b:81:
80:7a:ee:56:74:56:e6:1a:d7:a9:fe:95:ba:0b:62:d5:cb:98:
6b:71:43:f0:5e:14:62:df:77:08:ad:c8:c0:e1:70:d2:8f:87:
77:ba:3e:85:04:c6:5d:f8:3a:7c:70:ec:92:0e:0c:80:fb:90:
12:6c:45:c7:f2:6a:d8:a9:ab:92:7c:39:b8:b8:51:39:85:41:
8e:57:a7:aa:f2:dd:f6:55:46:07:e0:91:a4:4a:5c:bd:90:d5:
74:84:51:9e:84:f9:21:b5:4c:14:ee:14:cb:41:1a:e0:98:28:
58:a7:e9:1b:64:60:37:af:e7:80:f0:ee:7d:0a:81:b1:62:39:
17:4f:aa:5e:44:1e:71:52:71:8e:05:5c:7b:fe:cf:60:14:ee:
86:0e:58:84:13:3b:19:2e:a5:c1:fe:46:f9:a9:46:32:db:c6:
85:64:74:42:d9:2c:01:71:97:5d:5a:3e:dd:1a:0c:7b:4d:07:
e2:93:81:90:3e:2f:97:80:f5:b0:22:37:c1:c1:9e:3b:68:be:
5f:9d:d3:49:cd:14:b3:45:42:1e:82:84:9e:bd:6c:7f:b1:68:
1e:e7:0c:cf
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATnBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTEwMDg1MTEwWhcNMjUwMjA3MDg1MTEwWjAYMRYw
FAYDVQQDEw02NzgwZGY4Mi0xZjEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmlrnau5VnlPbqN7WvL2d9nEbM4Vp6nzO83+2XP3Tumt0O1CEQzjtg/3m
6DQ9M/XbHMWdvfIGjDrPGyVpqHKzeIweSSyo4p5jJUwxhSG4+FawFdAEi8xBz+Yt
oMJ7qRKLxwSa6xo921G+ds1ujZbqgOxX3OJ8hvqnJEdO/VEXmJ4CgQOwye7c24al
yeDKYr9JkJd5u0jAulMAxRJ8DgCRDgQG58QuNbwyR5D7vdYitzKEdMxtnpvq+TEq
1Os6h/kYffoEukasfUSrlp9njtyw13kX+auzPE9KxYV32Hx8McuH/6fKxt+p3GSR
A4ZhfAar7veGLVCp3jUftvc4g+s12wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI1c
7kR7mmGyyiNstMa73BoE+NuEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQzM3NzFBMENGMzAxMUVGODA3NTgxQTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml48MA0GCSqGSIb3DQEB
CwUAA4IBAQB8r5B9dRjpi04Cf4J0yGA3sLK2XUb8nGjfcR58vAeP06INO4GAeu5W
dFbmGtep/pW6C2LVy5hrcUPwXhRi33cIrcjA4XDSj4d3uj6FBMZd+Dp8cOySDgyA
+5ASbEXH8mrYqauSfDm4uFE5hUGOV6eq8t32VUYH4JGkSly9kNV0hFGehPkhtUwU
7hTLQRrgmChYp+kbZGA3r+eA8O59CoGxYjkXT6peRB5xUnGOBVx7/s9gFO6GDliE
EzsZLqXB/kb5qUYy28aFZHRC2SwBcZddWj7dGgx7TQfik4GQPi+XgPWwIjfBwZ47
aL5fndNJzRSzRUIegoSevWx/sWge5wzP
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:04:20 2025 by rpki-client