Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1CB35122DAF011EFAD4CCE93762E951A.roa
File: 1CB35122DAF011EFAD4CCE93762E951A.roa (raw, json)
Hash identifier: +np+hk4RNP+WZ5/khDZhdna74XTPV8nvaORQ/ch5/Xg=
Subject key identifier: F1:73:ED:FF:2B:E9:05:E6:F7:A0:48:9C:48:B2:A3:C6:B8:04:02:EE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0148EF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1CB35122DAF011EFAD4CCE93762E951A.roa
Signing time: Sat 25 Jan 2025 07:43:48 +0000
ROA not before: Sat 25 Jan 2025 07:43:44 +0000
ROA not after: Fri 07 Feb 2025 07:43:44 +0000
asID: 5065
IP address blocks: 154.86.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84207 (0x148ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 25 07:43:44 2025 GMT
Not After : Feb 7 07:43:44 2025 GMT
Subject: CN=67949634-936d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:54:bb:fa:2c:b1:7a:12:54:a4:c9:d0:1f:da:
32:0e:33:c2:99:5b:72:04:4d:fb:e4:bf:81:47:9a:
f1:6f:3d:00:a5:e5:22:21:03:f3:39:d3:ae:cc:ac:
a1:68:c4:18:38:32:f7:28:b7:95:14:df:5f:24:c3:
9c:72:ba:b2:23:4f:67:a1:4c:6a:39:da:4d:8b:66:
18:e3:89:d4:01:63:81:4d:bf:a6:50:59:bb:49:09:
e9:53:f8:e1:53:e6:17:d7:c3:6c:1d:a6:67:48:e9:
4a:7e:86:34:ca:3f:65:c9:f9:de:57:cd:1b:64:45:
01:19:19:57:b9:f9:ec:57:a6:d3:1c:d9:7a:fb:02:
c9:b5:4a:c9:01:53:07:70:4f:be:6f:34:d7:b9:d1:
1f:04:35:aa:f6:39:2f:2a:2d:19:be:35:47:c8:63:
77:b0:49:19:5f:be:b1:fd:be:24:a0:fa:3e:98:fb:
b1:5f:12:20:66:e6:e9:d4:8b:04:5e:2b:69:b9:54:
29:18:b5:73:47:4e:6e:8b:1f:45:95:9a:ac:cd:36:
56:cb:6f:6b:58:ff:e2:46:f1:e7:d5:a5:18:33:b0:
90:ac:b2:f1:bf:c8:c1:75:4b:aa:71:d3:85:a4:98:
be:da:54:e8:bb:c7:09:d8:2c:27:05:93:4a:50:1f:
ca:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:73:ED:FF:2B:E9:05:E6:F7:A0:48:9C:48:B2:A3:C6:B8:04:02:EE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1CB35122DAF011EFAD4CCE93762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.10.0/24
Signature Algorithm: sha256WithRSAEncryption
45:e7:58:6c:ba:00:6d:ec:e6:15:b5:8f:03:9d:0a:6c:b2:d5:
90:57:dd:5f:a4:b7:e0:e6:d9:3b:1f:8e:b3:b7:d2:9f:81:c6:
bf:27:4e:0a:76:1a:ca:10:59:d5:bd:c6:48:d1:d0:eb:da:03:
46:2b:db:e0:4c:2e:21:e2:f4:bd:93:bd:b0:99:eb:6e:9b:15:
bd:6a:4e:45:ca:fa:e2:9b:89:d5:d0:9b:08:02:4b:00:2c:fb:
a4:a1:85:dd:5f:12:7c:ad:59:2d:05:bc:fc:26:4d:b5:53:22:
db:d1:2e:0d:1f:11:7f:e8:c1:b6:76:23:ad:b5:bd:d7:2f:cc:
1f:03:82:47:7d:97:25:e3:6a:27:e9:c6:c4:27:f7:6a:7d:df:
be:a0:b3:7f:59:d0:01:b7:84:71:e4:8b:fa:6a:de:d6:92:b9:
f4:9e:ed:2b:69:14:b7:2f:fb:76:31:65:e1:23:b9:5b:33:84:
c9:bb:3d:71:4e:42:e0:96:04:46:ad:e3:09:2d:7b:86:82:de:
81:7d:46:97:96:32:cf:91:03:7e:cc:77:b2:3a:fa:fe:69:a7:
31:32:72:63:93:21:ca:42:b4:40:68:2b:59:ad:dd:ed:7f:66:
3f:aa:03:d6:e4:93:47:87:fe:36:dd:96:2c:63:33:b8:96:e7:
53:c8:8c:94
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUjvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MDc0MzQ0WhcNMjUwMjA3MDc0MzQ0WjAYMRYw
FAYDVQQDEw02Nzk0OTYzNC05MzZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtlS7+iyxehJUpMnQH9oyDjPCmVtyBE375L+BR5rxbz0ApeUiIQPzOdOu
zKyhaMQYODL3KLeVFN9fJMOccrqyI09noUxqOdpNi2YY44nUAWOBTb+mUFm7SQnp
U/jhU+YX18NsHaZnSOlKfoY0yj9lyfneV80bZEUBGRlXufnsV6bTHNl6+wLJtUrJ
AVMHcE++bzTXudEfBDWq9jkvKi0ZvjVHyGN3sEkZX76x/b4koPo+mPuxXxIgZubp
1IsEXitpuVQpGLVzR05uix9FlZqszTZWy29rWP/iRvHn1aUYM7CQrLLxv8jBdUuq
cdOFpJi+2lTou8cJ2CwnBZNKUB/KiQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPFz
7f8r6QXm96BInEiyo8a4BALuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQ0IzNTEyMkRBRjAxMUVGQUQ0Q0NFOTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlYKMA0GCSqGSIb3DQEB
CwUAA4IBAQBF51hsugBt7OYVtY8DnQpsstWQV91fpLfg5tk7H46zt9Kfgca/J04K
dhrKEFnVvcZI0dDr2gNGK9vgTC4h4vS9k72wmetumxW9ak5Fyvrim4nV0JsIAksA
LPukoYXdXxJ8rVktBbz8Jk21UyLb0S4NHxF/6MG2diOttb3XL8wfA4JHfZcl42on
6cbEJ/dqfd++oLN/WdABt4Rx5Iv6at7Wkrn0nu0raRS3L/t2MWXhI7lbM4TJuz1x
TkLglgRGreMJLXuGgt6BfUaXljLPkQN+zHeyOvr+aacxMnJjkyHKQrRAaCtZrd3t
f2Y/qgPW5JNHh/423ZYsYzO4ludTyIyU
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:18:57 2025 by rpki-client