Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1E442EACD0BA11EF91FB4757762E951A.roa
File: 1E442EACD0BA11EF91FB4757762E951A.roa (raw, json)
Hash identifier: nM7aBqYkiwrMI3AiwqlCAoXcHtthlMT4aPIECw+1BpE=
Subject key identifier: 32:DE:89:DB:BC:D8:A0:02:E5:0D:D0:50:F5:E1:98:9C:D5:29:BE:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013AA0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1E442EACD0BA11EF91FB4757762E951A.roa
Signing time: Sun 12 Jan 2025 07:52:06 +0000
ROA not before: Sun 12 Jan 2025 07:52:03 +0000
ROA not after: Fri 14 Feb 2025 07:52:03 +0000
asID: 137899
IP address blocks: 154.222.16.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80544 (0x13aa0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 12 07:52:03 2025 GMT
Not After : Feb 14 07:52:03 2025 GMT
Subject: CN=678374a6-cc6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:96:31:ca:3c:95:c4:07:bd:4f:bc:76:6e:6f:
af:a3:2d:21:ea:76:df:57:46:92:0d:47:91:1e:fb:
38:47:8b:f2:87:30:fd:08:d9:86:3e:7f:75:9f:65:
1d:31:bb:6a:1a:06:43:fb:3f:c6:d6:74:22:c6:63:
38:95:00:bf:4a:a7:96:22:06:79:a2:0b:7a:bf:c3:
27:37:7f:b4:c8:66:e5:4e:37:dd:c2:47:e5:0c:8d:
df:c3:92:00:e1:c9:1e:27:13:15:7d:ee:58:f7:15:
de:c0:cd:8f:5b:13:d7:d7:32:f1:b1:c8:a4:a7:bf:
64:c2:25:51:82:25:d5:54:be:88:db:47:c8:93:5b:
49:81:ef:45:af:9b:d8:ab:7c:49:20:be:79:8b:c3:
a1:db:e5:82:0d:e6:c0:31:37:a0:66:fa:b3:1f:4c:
17:d4:77:34:8b:82:b1:9a:bf:2a:93:e4:66:50:e8:
d9:65:53:ab:a4:c3:4e:4a:ea:20:c2:6a:40:7d:e4:
d0:2d:ae:a9:83:fc:2a:1d:8e:b9:e9:98:16:d2:f3:
77:35:5e:3f:b2:ed:c0:cc:32:ea:37:b8:19:39:9a:
01:91:a7:eb:c7:7a:40:5c:d2:6d:0a:01:4b:66:87:
b6:5f:8d:77:d9:0b:2c:02:d4:8c:16:73:eb:0c:6d:
cb:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:DE:89:DB:BC:D8:A0:02:E5:0D:D0:50:F5:E1:98:9C:D5:29:BE:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1E442EACD0BA11EF91FB4757762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.16.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:a2:38:94:02:bf:42:9c:c0:ce:ba:05:1f:1f:77:99:94:b7:
57:63:3d:26:9c:15:3d:aa:30:d8:17:5b:65:5e:fb:1b:a5:28:
d0:cb:b9:ab:99:de:21:96:f4:91:57:b9:56:79:c2:71:81:4d:
42:d8:cc:72:62:c7:89:11:c3:74:9e:cd:77:29:40:2d:58:01:
bf:e8:7e:7d:d4:4f:ba:d0:a8:8e:b6:84:b9:9b:94:6b:e0:38:
a7:50:0c:b8:45:83:db:f7:cf:d6:d1:87:7b:cb:cc:35:39:1e:
ed:26:4b:6d:b1:10:d1:48:ec:73:d3:93:36:f3:62:d6:b5:e0:
14:4b:ba:31:e4:03:19:ff:d7:74:d1:84:ee:27:d4:43:45:82:
9f:57:24:ed:c3:14:4d:43:1a:eb:eb:fb:32:01:e6:4e:03:e7:
b3:3a:bc:f9:f7:5d:b8:b8:53:d2:b7:5a:6d:ac:48:16:a4:93:
37:40:17:80:61:02:d2:81:21:20:d7:dc:de:90:06:bc:90:84:
fd:8d:9a:4a:f3:4c:3f:a6:72:90:01:c1:f2:25:fe:66:34:af:
12:ab:35:cf:58:c6:63:f4:ef:aa:64:f2:bd:4f:4d:0a:5b:0c:
19:b9:4b:98:fd:87:ae:39:8d:3e:f4:ec:8a:c0:ff:b6:bc:7e:
2c:7c:cc:d3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATqgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTEyMDc1MjAzWhcNMjUwMjE0MDc1MjAzWjAYMRYw
FAYDVQQDEw02NzgzNzRhNi1jYzZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA15YxyjyVxAe9T7x2bm+voy0h6nbfV0aSDUeRHvs4R4vyhzD9CNmGPn91
n2UdMbtqGgZD+z/G1nQixmM4lQC/SqeWIgZ5ogt6v8MnN3+0yGblTjfdwkflDI3f
w5IA4ckeJxMVfe5Y9xXewM2PWxPX1zLxscikp79kwiVRgiXVVL6I20fIk1tJge9F
r5vYq3xJIL55i8Oh2+WCDebAMTegZvqzH0wX1Hc0i4Kxmr8qk+RmUOjZZVOrpMNO
SuogwmpAfeTQLa6pg/wqHY656ZgW0vN3NV4/su3AzDLqN7gZOZoBkafrx3pAXNJt
CgFLZoe2X4132QssAtSMFnPrDG3LSQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDLe
idu82KAC5Q3QUPXhmJzVKb7YMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRTQ0MkVBQ0QwQkExMUVGOTFGQjQ3NTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmt4QMA0GCSqGSIb3DQEB
CwUAA4IBAQBfojiUAr9CnMDOugUfH3eZlLdXYz0mnBU9qjDYF1tlXvsbpSjQy7mr
md4hlvSRV7lWecJxgU1C2MxyYseJEcN0ns13KUAtWAG/6H591E+60KiOtoS5m5Rr
4DinUAy4RYPb98/W0Yd7y8w1OR7tJkttsRDRSOxz05M282LWteAUS7ox5AMZ/9d0
0YTuJ9RDRYKfVyTtwxRNQxrr6/syAeZOA+ezOrz59124uFPSt1ptrEgWpJM3QBeA
YQLSgSEg19zekAa8kIT9jZpK80w/pnKQAcHyJf5mNK8SqzXPWMZj9O+qZPK9T00K
WwwZuUuY/YeuOY0+9OyKwP+2vH4sfMzT
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:35:55 2025 by rpki-client