Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D541732DCBE11EF9C733CB7762E951A.roa
File: 0D541732DCBE11EF9C733CB7762E951A.roa (raw, json)
Hash identifier: dZTAYpOc2pV3ZDrYVIP7vO4OWjwk9hk8FAGOSuo2E4c=
Subject key identifier: D7:96:E3:1F:ED:9D:74:6A:72:7A:95:39:9D:CD:C8:9C:BB:D5:05:EC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014C21
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D541732DCBE11EF9C733CB7762E951A.roa
Signing time: Mon 27 Jan 2025 14:50:30 +0000
ROA not before: Mon 27 Jan 2025 14:50:26 +0000
ROA not after: Sun 09 Feb 2025 14:50:26 +0000
asID: 5065
IP address blocks: 154.86.96.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85025 (0x14c21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 14:50:26 2025 GMT
Not After : Feb 9 14:50:26 2025 GMT
Subject: CN=67979d36-4e50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:1e:bc:9e:9b:9b:79:83:eb:ed:64:ce:2e:e6:
3f:0c:85:1e:30:dd:9c:f7:9a:db:f7:f4:a3:33:ca:
1b:83:15:b6:c6:f5:21:2a:67:58:8d:98:da:aa:a7:
07:5b:9a:5f:fa:c2:8d:a7:a4:45:89:bc:87:91:a9:
95:2c:b8:ea:18:b1:8f:57:57:10:97:84:7d:9e:78:
9d:f6:9f:af:7a:ba:51:b8:81:9a:99:ea:16:a7:af:
65:55:31:e3:de:45:fe:1b:78:c5:5c:15:4b:7a:d5:
e8:ab:40:4c:79:15:c0:f6:93:c6:c6:d7:ea:22:3f:
d3:7f:b3:9a:9b:70:00:d7:e5:62:6d:17:44:ea:06:
b8:5d:9f:ec:db:d6:dc:01:ee:a1:bd:11:44:6c:8b:
a4:6e:41:97:d2:f9:0c:81:9b:85:e5:37:b1:b5:4b:
00:8b:92:38:e2:98:d7:14:de:49:48:07:d4:fb:42:
43:0c:5f:2f:1e:4d:48:f2:4c:c3:ce:9b:89:82:9f:
7c:39:af:c5:dd:0a:ca:fe:3b:f6:b7:29:1f:f4:e7:
d1:99:e1:55:91:bd:b0:94:fa:53:a6:5c:86:b2:e2:
89:08:36:1a:26:be:33:62:b9:74:9c:26:ae:cf:70:
6c:b2:b8:27:12:df:a7:6a:24:7d:91:a4:b8:24:b6:
96:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:96:E3:1F:ED:9D:74:6A:72:7A:95:39:9D:CD:C8:9C:BB:D5:05:EC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D541732DCBE11EF9C733CB7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.96.0/24
Signature Algorithm: sha256WithRSAEncryption
87:04:1e:f1:34:ce:28:4c:68:77:16:55:6e:9d:54:8f:40:a1:
87:95:d5:67:29:10:58:db:c5:85:56:c6:f2:06:1a:c6:9d:62:
ee:94:42:8f:f5:28:e7:e6:ef:8b:f1:ca:06:15:91:9d:c5:3c:
66:e0:af:df:d8:80:dc:eb:03:c3:b6:58:64:da:46:da:d7:26:
7c:fc:04:d0:2f:1f:56:7e:cb:38:06:ca:ec:6c:c6:03:80:3f:
16:66:89:9f:06:bd:c7:49:5c:0a:eb:07:3a:cc:d8:61:ac:5f:
d4:e2:99:b8:e4:5d:97:c8:b5:d7:26:c6:d5:ff:e7:30:e5:e2:
27:fa:1c:21:b5:66:d4:aa:66:0a:3d:47:dd:55:cd:38:8c:1a:
40:c1:3e:f1:58:d0:0d:94:18:da:68:74:1f:59:c4:92:7e:ed:
77:c1:6e:3a:9e:6e:29:68:87:03:80:29:54:4c:66:e1:01:94:
51:a6:0e:7f:8d:3d:cf:54:33:09:4a:23:ce:ab:6b:64:9f:9e:
4b:08:ee:31:1b:2c:6d:a7:c8:52:f5:49:e8:59:40:f7:04:71:
18:26:d6:ed:db:99:1c:8e:e8:10:85:91:7b:5f:8d:8d:6f:82:
f5:f8:7a:68:7e:77:28:5c:bf:c1:7b:c0:93:40:5e:28:2c:c2:
a2:68:d9:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUwhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MTQ1MDI2WhcNMjUwMjA5MTQ1MDI2WjAYMRYw
FAYDVQQDEw02Nzk3OWQzNi00ZTUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7B68npubeYPr7WTOLuY/DIUeMN2c95rb9/SjM8obgxW2xvUhKmdYjZja
qqcHW5pf+sKNp6RFibyHkamVLLjqGLGPV1cQl4R9nnid9p+verpRuIGameoWp69l
VTHj3kX+G3jFXBVLetXoq0BMeRXA9pPGxtfqIj/Tf7Oam3AA1+VibRdE6ga4XZ/s
29bcAe6hvRFEbIukbkGX0vkMgZuF5TextUsAi5I44pjXFN5JSAfU+0JDDF8vHk1I
8kzDzpuJgp98Oa/F3QrK/jv2tykf9OfRmeFVkb2wlPpTplyGsuKJCDYaJr4zYrl0
nCauz3BssrgnEt+naiR9kaS4JLaWhQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNeW
4x/tnXRqcnqVOZ3NyJy71QXsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRDU0MTczMkRDQkUxMUVGOUM3MzNDQjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlZgMA0GCSqGSIb3DQEB
CwUAA4IBAQCHBB7xNM4oTGh3FlVunVSPQKGHldVnKRBY28WFVsbyBhrGnWLulEKP
9Sjn5u+L8coGFZGdxTxm4K/f2IDc6wPDtlhk2kba1yZ8/ATQLx9Wfss4BsrsbMYD
gD8WZomfBr3HSVwK6wc6zNhhrF/U4pm45F2XyLXXJsbV/+cw5eIn+hwhtWbUqmYK
PUfdVc04jBpAwT7xWNANlBjaaHQfWcSSfu13wW46nm4paIcDgClUTGbhAZRRpg5/
jT3PVDMJSiPOq2tkn55LCO4xGyxtp8hS9UnoWUD3BHEYJtbt25kcjugQhZF7X42N
b4L1+HpofncoXL/Be8CTQF4oLMKiaNkA
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:23:51 2025 by rpki-client