Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10BC4ED4D3FA11EF857FAE7C762E951A.roa
File: 10BC4ED4D3FA11EF857FAE7C762E951A.roa (raw, json)
Hash identifier: 6QtUiOwPMqCWLCNMaZ4/58aw0E7qEHN0PuduQKT2xbM=
Subject key identifier: 35:DD:7B:29:7B:24:CA:B3:C4:25:6B:35:7E:C3:8C:C2:A8:E7:07:C9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013BDE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10BC4ED4D3FA11EF857FAE7C762E951A.roa
Signing time: Thu 16 Jan 2025 11:07:25 +0000
ROA not before: Thu 16 Jan 2025 11:07:21 +0000
ROA not after: Sun 16 Mar 2025 11:07:21 +0000
asID: 17561
IP address blocks: 154.213.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80862 (0x13bde)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 16 11:07:21 2025 GMT
Not After : Mar 16 11:07:21 2025 GMT
Subject: CN=6788e86d-db33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:30:3b:61:39:17:70:2a:43:7e:29:58:99:86:
c7:e1:49:31:82:3d:cb:91:cc:82:b2:17:db:2d:d5:
48:d7:4a:70:3b:52:68:af:c7:23:da:48:e1:28:d8:
91:a7:cc:44:29:74:ce:65:1f:c7:8c:f6:6c:a0:cd:
ea:90:7f:9a:2e:c9:e9:7d:ce:b7:b8:10:f6:cf:ed:
15:1a:2d:39:0e:62:38:09:d9:6f:5c:51:8b:2d:28:
72:15:7a:02:59:47:21:54:92:3c:f4:2b:c6:4a:b3:
74:38:8e:dd:d4:01:47:22:1c:62:57:6c:05:d9:36:
41:65:8d:eb:a1:78:ba:df:d1:2d:9b:90:6e:63:83:
b3:c1:ff:e4:a2:00:df:08:84:39:79:91:61:0c:6a:
d0:7b:78:2c:72:ac:8a:b5:21:d2:fa:ab:6f:1e:c4:
92:ff:04:10:06:46:e2:8b:dd:24:b9:9b:38:4e:a9:
2c:ad:57:dc:e2:80:81:71:04:12:46:8f:63:dd:f6:
f7:4d:91:41:a0:09:9a:d3:35:d3:97:25:34:37:07:
54:80:36:03:3d:6b:e2:88:39:bd:a2:2c:a8:4f:fd:
53:94:1b:d1:a6:5c:03:15:27:45:47:e7:02:5a:40:
a2:20:cf:f0:f3:69:12:b7:b5:64:70:74:42:0c:fa:
5e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DD:7B:29:7B:24:CA:B3:C4:25:6B:35:7E:C3:8C:C2:A8:E7:07:C9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10BC4ED4D3FA11EF857FAE7C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.21.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:d0:32:3f:ce:35:ac:df:d2:bb:93:47:a1:db:e4:29:0c:c1:
e1:6f:c6:f7:46:81:82:27:48:32:fa:27:55:82:f3:d8:e8:9f:
f4:74:a9:df:a9:5a:59:f9:ba:b8:0d:8d:b0:0f:56:77:b4:cf:
69:0c:60:d6:f5:0d:15:23:d8:30:39:5c:d2:fa:2a:79:31:93:
55:8b:16:24:bf:a2:c4:94:06:68:a4:26:80:c2:60:5c:05:22:
f0:b6:e4:a0:97:3d:61:f4:92:bd:d2:ae:23:04:5b:23:cc:62:
d7:53:a7:ea:fc:14:08:0a:0c:31:ad:40:51:ad:b1:05:6d:29:
23:53:bd:d2:d6:d8:43:67:be:8d:55:cf:75:56:81:b1:e1:27:
8d:23:59:df:6c:31:b5:1d:bb:06:65:c3:04:ab:f2:76:af:e4:
20:f3:54:1f:e5:eb:46:2a:89:f2:0a:99:c4:d8:f6:2c:de:e0:
11:2b:63:93:1c:04:00:ac:6d:6a:e9:ac:42:5e:89:c5:6a:d1:
7f:87:4d:5e:34:9b:73:db:0e:1a:44:52:f0:02:a1:b2:ca:c1:
ca:b1:83:f3:a2:4b:89:d7:20:2e:e8:85:31:4d:1b:b9:9b:5e:
26:0d:a5:80:7e:88:72:19:09:41:dc:68:b0:dd:58:e3:54:62:
c0:89:f1:77
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATveMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE2MTEwNzIxWhcNMjUwMzE2MTEwNzIxWjAYMRYw
FAYDVQQDEw02Nzg4ZTg2ZC1kYjMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlzA7YTkXcCpDfilYmYbH4Ukxgj3LkcyCshfbLdVI10pwO1Jor8cj2kjh
KNiRp8xEKXTOZR/HjPZsoM3qkH+aLsnpfc63uBD2z+0VGi05DmI4CdlvXFGLLShy
FXoCWUchVJI89CvGSrN0OI7d1AFHIhxiV2wF2TZBZY3roXi639Etm5BuY4Ozwf/k
ogDfCIQ5eZFhDGrQe3gscqyKtSHS+qtvHsSS/wQQBkbii90kuZs4TqksrVfc4oCB
cQQSRo9j3fb3TZFBoAma0zXTlyU0NwdUgDYDPWviiDm9oiyoT/1TlBvRplwDFSdF
R+cCWkCiIM/w82kSt7VkcHRCDPpegQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDXd
eyl7JMqzxCVrNX7DjMKo5wfJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMEJDNEVENEQzRkExMUVGODU3RkFFN0M3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtUVMA0GCSqGSIb3DQEB
CwUAA4IBAQAd0DI/zjWs39K7k0eh2+QpDMHhb8b3RoGCJ0gy+idVgvPY6J/0dKnf
qVpZ+bq4DY2wD1Z3tM9pDGDW9Q0VI9gwOVzS+ip5MZNVixYkv6LElAZopCaAwmBc
BSLwtuSglz1h9JK90q4jBFsjzGLXU6fq/BQICgwxrUBRrbEFbSkjU73S1thDZ76N
Vc91VoGx4SeNI1nfbDG1HbsGZcMEq/J2r+Qg81Qf5etGKonyCpnE2PYs3uARK2OT
HAQArG1q6axCXonFatF/h01eNJtz2w4aRFLwAqGyysHKsYPzokuJ1yAu6IUxTRu5
m14mDaWAfohyGQlB3Giw3VjjVGLAifF3
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:45:18 2025 by rpki-client