Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1A775B44DCC411EF95677261762E951A.roa
File: 1A775B44DCC411EF95677261762E951A.roa (raw, json)
Hash identifier: 6jJFFGlXBX+QYb/jt5kCUdJLGlW0ys8UyTZh2tvBSFI=
Subject key identifier: 3A:16:CB:CF:1F:49:9A:64:21:6F:E7:26:85:50:75:10:9C:B7:0B:0F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014C47
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1A775B44DCC411EF95677261762E951A.roa
Signing time: Mon 27 Jan 2025 15:33:49 +0000
ROA not before: Mon 27 Jan 2025 15:33:45 +0000
ROA not after: Thu 13 Feb 2025 15:33:45 +0000
asID: 5065
IP address blocks: 154.207.149.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85063 (0x14c47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 15:33:45 2025 GMT
Not After : Feb 13 15:33:45 2025 GMT
Subject: CN=6797a75d-c63e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:76:26:36:a3:12:2a:d6:40:c7:66:66:78:ef:
1a:3e:49:39:b5:09:f8:81:14:33:7b:fa:e5:00:bf:
fb:ce:6c:c6:cc:8e:f5:02:89:16:58:f2:b7:77:c6:
5a:91:31:b7:d5:64:b5:12:c5:f6:b0:4c:24:85:20:
82:03:67:ef:df:eb:cd:b9:ad:fc:e6:8b:d3:e7:e2:
a9:b5:3e:5d:70:66:21:3b:40:f0:a1:3e:68:e0:5d:
fe:68:86:92:25:65:91:e4:ce:8e:e2:21:3b:1c:db:
36:59:33:0e:12:ca:cd:62:68:ba:ab:ed:aa:32:0b:
3b:0b:ea:65:c1:51:29:70:1d:e3:c6:d3:aa:13:eb:
7c:70:1d:00:95:7c:27:4b:7f:97:45:93:72:ce:6e:
50:79:1d:7a:71:2d:d5:a3:c4:25:c7:e4:c6:c2:02:
32:0e:9a:a5:be:f5:7f:6c:27:c4:a0:4f:87:ec:52:
a6:df:4e:43:7d:b6:d4:0a:04:41:cd:52:73:ae:be:
fb:18:6b:dc:47:b0:87:32:13:0a:90:66:82:30:44:
14:35:1e:6b:09:a3:aa:de:7e:95:d4:3a:3d:ef:43:
cd:2e:a2:0e:08:c3:e1:56:b3:ef:42:ad:6f:eb:fb:
85:1b:e0:fc:93:1f:0d:4a:26:22:46:6b:bc:cc:47:
9e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:16:CB:CF:1F:49:9A:64:21:6F:E7:26:85:50:75:10:9C:B7:0B:0F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1A775B44DCC411EF95677261762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.149.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:52:52:6f:09:5e:9e:15:81:75:5c:9c:ca:e1:b7:95:75:2a:
7a:d0:ff:b0:7f:a0:d1:cb:6c:44:c3:82:ef:b1:28:f4:32:2e:
b2:41:f1:7d:e6:2c:70:76:90:92:57:45:fa:bb:3d:cc:1e:9d:
39:bf:f9:28:bf:f0:1d:48:9c:09:72:4c:59:86:37:28:9a:ba:
ed:18:3d:55:c9:a8:0b:1f:a0:92:dc:a8:62:64:d4:82:9d:17:
97:35:46:3c:59:4e:0f:2c:b6:c1:a9:98:68:de:26:e6:b6:ce:
f1:cf:dd:c2:8d:1e:68:b6:c8:b5:33:aa:e1:dd:5a:bb:36:1d:
dd:66:ac:e0:f6:1f:b7:8f:60:75:cf:1d:17:5c:9f:95:52:ca:
3b:bd:c5:1d:ea:e0:6a:da:21:30:54:16:57:69:e5:3d:43:03:
12:95:2b:d1:71:3b:e9:c1:f7:f7:5d:de:7b:af:bd:47:69:a7:
ac:87:54:28:6b:db:50:08:91:a6:70:31:3f:ce:a0:86:e2:ea:
60:ee:83:c4:61:59:14:b7:46:fa:4c:61:c3:91:c9:78:16:16:
67:d3:2b:6c:80:54:b5:1d:b9:9d:53:d9:27:38:60:04:34:9b:
e0:9d:14:81:7b:1f:83:9d:51:7a:43:fc:26:d7:0a:e0:89:8b:
c5:dd:2f:24
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUxHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MTUzMzQ1WhcNMjUwMjEzMTUzMzQ1WjAYMRYw
FAYDVQQDEw02Nzk3YTc1ZC1jNjNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvnYmNqMSKtZAx2ZmeO8aPkk5tQn4gRQze/rlAL/7zmzGzI71AokWWPK3
d8ZakTG31WS1EsX2sEwkhSCCA2fv3+vNua385ovT5+KptT5dcGYhO0DwoT5o4F3+
aIaSJWWR5M6O4iE7HNs2WTMOEsrNYmi6q+2qMgs7C+plwVEpcB3jxtOqE+t8cB0A
lXwnS3+XRZNyzm5QeR16cS3Vo8Qlx+TGwgIyDpqlvvV/bCfEoE+H7FKm305DfbbU
CgRBzVJzrr77GGvcR7CHMhMKkGaCMEQUNR5rCaOq3n6V1Do970PNLqIOCMPhVrPv
Qq1v6/uFG+D8kx8NSiYiRmu8zEeegQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDoW
y88fSZpkIW/nJoVQdRCctwsPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQTc3NUI0NERDQzQxMUVGOTU2NzcyNjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms+VMA0GCSqGSIb3DQEB
CwUAA4IBAQAuUlJvCV6eFYF1XJzK4beVdSp60P+wf6DRy2xEw4LvsSj0Mi6yQfF9
5ixwdpCSV0X6uz3MHp05v/kov/AdSJwJckxZhjcomrrtGD1VyagLH6CS3KhiZNSC
nReXNUY8WU4PLLbBqZho3ibmts7xz93CjR5otsi1M6rh3Vq7Nh3dZqzg9h+3j2B1
zx0XXJ+VUso7vcUd6uBq2iEwVBZXaeU9QwMSlSvRcTvpwff3Xd57r71Haaesh1Qo
a9tQCJGmcDE/zqCG4upg7oPEYVkUt0b6TGHDkcl4FhZn0ytsgFS1HbmdU9knOGAE
NJvgnRSBex+DnVF6Q/wm1wrgiYvF3S8k
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:48:08 2025 by rpki-client