Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1FCE414ADE1611EFA73B9554762E951A.roa
File: 1FCE414ADE1611EFA73B9554762E951A.roa (raw, json)
Hash identifier: x/k5SEUBpMqCf8dyvKu8ZDcVZ3DAxrzgAO96ZFf2Qa0=
Subject key identifier: E3:9B:6C:E3:7E:4C:55:EB:13:26:35:F2:98:08:76:60:9A:DC:92:BD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014D38
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1FCE414ADE1611EFA73B9554762E951A.roa
Signing time: Wed 29 Jan 2025 07:53:28 +0000
ROA not before: Wed 29 Jan 2025 07:53:24 +0000
ROA not after: Wed 05 Mar 2025 07:53:24 +0000
asID: 203020
IP address blocks: 154.206.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85304 (0x14d38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 29 07:53:24 2025 GMT
Not After : Mar 5 07:53:24 2025 GMT
Subject: CN=6799de77-b576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:1a:0d:eb:eb:7f:c1:f2:e2:ad:d8:1f:7b:e0:
5b:67:a8:8b:5d:9d:92:4a:a6:a5:e0:9b:aa:69:9c:
0f:88:06:9e:cb:bf:3d:47:52:44:bd:5f:1b:83:37:
a3:b9:06:68:92:0d:e9:8b:90:21:78:c4:b0:41:4a:
2b:3c:b7:ee:48:7a:ec:60:92:42:a8:6b:43:45:c0:
b9:79:08:1a:d1:9d:68:32:95:25:c4:f0:cc:fc:dc:
f5:9f:05:af:47:fd:60:c8:f2:02:84:1d:c9:04:02:
07:60:83:66:82:5b:39:09:03:e9:d4:73:7e:f6:37:
19:9e:c5:ff:75:34:23:75:56:70:77:67:5b:5a:57:
ec:fb:7a:ca:9f:77:79:c4:a8:36:57:25:0b:a1:dd:
5f:30:46:dc:5a:03:6b:9d:33:37:0f:8c:7a:8d:18:
4f:d0:32:dc:df:b9:8c:99:72:5b:f5:b5:74:20:da:
f2:55:7b:75:a7:e3:11:63:53:52:90:e7:0e:a5:21:
f8:4f:e5:24:ee:69:e4:e9:bf:7a:e8:cc:96:54:93:
24:07:47:38:2b:f8:f0:36:02:74:47:90:7b:4d:12:
32:89:1b:13:ac:ff:16:39:35:80:88:64:59:eb:37:
be:1e:fd:35:39:eb:52:17:01:af:7c:3d:c4:b7:41:
e1:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:9B:6C:E3:7E:4C:55:EB:13:26:35:F2:98:08:76:60:9A:DC:92:BD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1FCE414ADE1611EFA73B9554762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.13.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:d3:08:0d:91:5e:14:bb:a3:9f:c4:f8:02:40:3d:15:2c:ae:
2e:30:46:96:07:b1:38:96:84:cb:60:97:74:03:07:34:ca:12:
f1:c9:85:fa:06:fa:7c:6d:7d:46:2d:51:a0:4e:12:0f:56:c4:
1b:b9:b0:db:15:b8:b4:56:9e:e7:61:9f:32:6d:eb:a7:1e:93:
32:aa:0c:aa:a5:6b:c6:67:29:35:bc:8e:0e:d2:82:d5:71:22:
b9:c6:63:a7:a9:1f:41:ec:7a:a3:43:8d:d5:eb:5c:5c:d9:c1:
e9:3d:39:4a:49:c3:f5:72:2d:a1:de:cf:fc:59:60:88:a5:71:
a2:27:7b:f1:b6:e7:56:53:64:17:9b:f2:13:31:67:28:6f:78:
44:33:8d:9a:84:3d:6d:31:14:0f:83:6a:01:2c:f7:67:21:e5:
23:5f:91:98:e9:41:86:a4:b2:2a:16:5a:cd:78:a5:8e:2f:94:
a4:c6:f0:a8:eb:31:9d:0d:03:c5:67:a1:f1:b0:75:d4:f8:97:
82:e5:08:34:66:91:d4:c4:3c:0e:fc:ff:1e:a0:8f:71:65:be:
d9:ae:19:58:1e:ca:66:30:93:ee:85:f5:15:a7:de:87:d6:ac:
cd:36:73:c1:a4:72:fd:9d:f9:0c:65:67:7e:1c:54:b5:c3:a1:
ff:90:23:27
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU04MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI5MDc1MzI0WhcNMjUwMzA1MDc1MzI0WjAYMRYw
FAYDVQQDEw02Nzk5ZGU3Ny1iNTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6RoN6+t/wfLirdgfe+BbZ6iLXZ2SSqal4JuqaZwPiAaey789R1JEvV8b
gzejuQZokg3pi5AheMSwQUorPLfuSHrsYJJCqGtDRcC5eQga0Z1oMpUlxPDM/Nz1
nwWvR/1gyPIChB3JBAIHYINmgls5CQPp1HN+9jcZnsX/dTQjdVZwd2dbWlfs+3rK
n3d5xKg2VyULod1fMEbcWgNrnTM3D4x6jRhP0DLc37mMmXJb9bV0INryVXt1p+MR
Y1NSkOcOpSH4T+Uk7mnk6b966MyWVJMkB0c4K/jwNgJ0R5B7TRIyiRsTrP8WOTWA
iGRZ6ze+Hv01OetSFwGvfD3Et0Hh8QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOOb
bON+TFXrEyY18pgIdmCa3JK9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRkNFNDE0QURFMTYxMUVGQTczQjk1NTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4NMA0GCSqGSIb3DQEB
CwUAA4IBAQAe0wgNkV4Uu6OfxPgCQD0VLK4uMEaWB7E4loTLYJd0Awc0yhLxyYX6
Bvp8bX1GLVGgThIPVsQbubDbFbi0Vp7nYZ8ybeunHpMyqgyqpWvGZyk1vI4O0oLV
cSK5xmOnqR9B7HqjQ43V61xc2cHpPTlKScP1ci2h3s/8WWCIpXGiJ3vxtudWU2QX
m/ITMWcob3hEM42ahD1tMRQPg2oBLPdnIeUjX5GY6UGGpLIqFlrNeKWOL5SkxvCo
6zGdDQPFZ6HxsHXU+JeC5Qg0ZpHUxDwO/P8eoI9xZb7ZrhlYHspmMJPuhfUVp96H
1qzNNnPBpHL9nfkMZWd+HFS1w6H/kCMn
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:43:19 2025 by rpki-client