Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1D65BCB6C29C11EFABA713A3762E951A.roa
File: 1D65BCB6C29C11EFABA713A3762E951A.roa (raw, json)
Hash identifier: njM/tVGto5AscuGXJ3WChL2hK2rh3d6dQbpOkk6EMDg=
Subject key identifier: A5:FD:2E:3E:09:98:83:25:DC:BF:B1:8B:13:09:A6:FD:0F:54:89:DB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012506
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1D65BCB6C29C11EFABA713A3762E951A.roa
Signing time: Wed 25 Dec 2024 08:42:04 +0000
ROA not before: Wed 25 Dec 2024 08:42:00 +0000
ROA not after: Sun 09 Feb 2025 08:42:00 +0000
asID: 63139
IP address blocks: 154.223.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75014 (0x12506)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 25 08:42:00 2024 GMT
Not After : Feb 9 08:42:00 2025 GMT
Subject: CN=676bc55b-4270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:38:f9:6c:59:81:72:1c:f5:7f:e1:7f:93:0c:
f6:58:f1:d4:78:de:52:56:b9:3b:cc:1c:a4:cc:3b:
4c:b2:d9:ae:cb:e8:b6:1c:6e:6c:9e:e4:ca:05:eb:
c7:b9:ca:ac:e0:a3:ae:e9:9b:47:34:fa:e8:9f:8f:
3b:bb:bb:a3:3c:1e:f2:c3:91:f5:9d:a8:b5:90:18:
6e:9d:b8:1e:cf:7e:40:13:d2:73:64:51:2d:99:47:
73:56:d7:49:c6:97:fa:7f:e3:52:f2:ac:a6:87:25:
bd:b7:49:a4:13:b3:43:81:13:3b:40:65:b8:86:9e:
b5:5d:94:9a:92:7a:cd:e0:c7:d6:d2:bc:fc:4f:38:
78:1b:e3:fe:b6:ab:46:a0:37:37:cf:4c:82:19:47:
4c:3c:13:a2:cb:ab:22:b7:a9:fa:c0:20:e1:d5:18:
f9:42:b1:7b:cd:15:13:ba:79:bb:94:1e:b8:29:3b:
ad:6a:d1:2d:91:60:7f:3e:63:1b:0c:f8:de:7d:03:
c2:24:4e:52:66:73:da:48:16:79:78:c6:f7:d7:a3:
8d:50:79:53:e5:33:ce:d8:82:2e:a4:c5:b1:25:7e:
4a:bc:ca:bb:f6:cd:91:7b:4e:f9:be:2a:ad:9d:53:
cc:8e:52:e7:c5:37:59:1c:f5:a7:6e:96:a8:5d:de:
94:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:FD:2E:3E:09:98:83:25:DC:BF:B1:8B:13:09:A6:FD:0F:54:89:DB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1D65BCB6C29C11EFABA713A3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.27.0/24
Signature Algorithm: sha256WithRSAEncryption
52:8b:02:d4:e4:b8:da:26:ea:74:17:75:3a:a5:f2:70:69:8b:
44:ee:2f:5d:48:be:f6:e4:a0:1c:99:c1:84:8d:71:0d:7b:64:
48:12:d3:24:cb:47:28:da:4c:e5:1e:4f:ac:99:1d:2d:e1:0f:
fd:7f:d3:fa:5d:1e:88:28:19:8c:59:58:3b:e1:d8:9d:0f:e6:
6e:8a:e9:6d:53:86:bb:bc:e4:e5:e4:54:5a:43:42:85:7e:cd:
0f:fc:16:17:f0:93:ca:6a:0a:bf:eb:a9:9d:07:02:57:0c:45:
a2:d2:4d:44:25:78:20:f1:ce:43:9c:ce:e3:94:49:bf:69:bf:
65:bf:54:38:66:26:2e:4f:ff:35:8b:d3:11:af:69:ef:ff:11:
f6:e6:64:b0:e0:0b:68:cf:17:9f:5b:89:2a:fe:fd:bf:11:8c:
8a:78:0e:0e:f2:0c:06:68:f3:81:38:75:43:66:da:ba:c5:fd:
cb:1b:12:fc:ff:c4:35:d4:24:67:32:be:a9:f5:b1:47:17:f8:
36:05:28:27:46:56:13:d8:76:74:f5:4e:db:c8:c8:91:3d:d7:
dc:3f:c0:5e:7e:bb:0e:bd:0e:f1:48:40:ab:d3:88:b0:2a:4f:
28:96:72:9b:24:a4:ca:ba:05:0d:b9:88:35:0c:52:3f:c0:98:
8d:35:41:3e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASUGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDg0MjAwWhcNMjUwMjA5MDg0MjAwWjAYMRYw
FAYDVQQDEw02NzZiYzU1Yi00MjcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyTj5bFmBchz1f+F/kwz2WPHUeN5SVrk7zBykzDtMstmuy+i2HG5snuTK
BevHucqs4KOu6ZtHNPron487u7ujPB7yw5H1nai1kBhunbgez35AE9JzZFEtmUdz
VtdJxpf6f+NS8qymhyW9t0mkE7NDgRM7QGW4hp61XZSaknrN4MfW0rz8Tzh4G+P+
tqtGoDc3z0yCGUdMPBOiy6sit6n6wCDh1Rj5QrF7zRUTunm7lB64KTutatEtkWB/
PmMbDPjefQPCJE5SZnPaSBZ5eMb316ONUHlT5TPO2IIupMWxJX5KvMq79s2Re075
viqtnVPMjlLnxTdZHPWnbpaoXd6UqwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKX9
Lj4JmIMl3L+xixMJpv0PVInbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRDY1QkNCNkMyOUMxMUVGQUJBNzEzQTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt8bMA0GCSqGSIb3DQEB
CwUAA4IBAQBSiwLU5LjaJup0F3U6pfJwaYtE7i9dSL725KAcmcGEjXENe2RIEtMk
y0co2kzlHk+smR0t4Q/9f9P6XR6IKBmMWVg74didD+ZuiultU4a7vOTl5FRaQ0KF
fs0P/BYX8JPKagq/66mdBwJXDEWi0k1EJXgg8c5DnM7jlEm/ab9lv1Q4ZiYuT/81
i9MRr2nv/xH25mSw4AtozxefW4kq/v2/EYyKeA4O8gwGaPOBOHVDZtq6xf3LGxL8
/8Q11CRnMr6p9bFHF/g2BSgnRlYT2HZ09U7byMiRPdfcP8BefrsOvQ7xSECr04iw
Kk8olnKbJKTKugUNuYg1DFI/wJiNNUE+
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:28:35 2025 by rpki-client