Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2023932EDD7711EFAB6E0DA1762E951A.roa
File: 2023932EDD7711EFAB6E0DA1762E951A.roa (raw, json)
Hash identifier: oTF/Nc9Oiau7VLeazwVK7di2Fm/mHxywGR5pj5ghXbw=
Subject key identifier: 51:45:A7:12:01:F7:82:A6:49:97:67:2E:F9:FB:5E:E4:C6:A6:39:24
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014D20
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2023932EDD7711EFAB6E0DA1762E951A.roa
Signing time: Tue 28 Jan 2025 12:55:18 +0000
ROA not before: Tue 28 Jan 2025 12:55:14 +0000
ROA not after: Tue 25 Feb 2025 12:55:14 +0000
asID: 5065
IP address blocks: 154.206.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85280 (0x14d20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 28 12:55:14 2025 GMT
Not After : Feb 25 12:55:14 2025 GMT
Subject: CN=6798d3b6-90f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e0:72:75:0b:79:9b:05:32:87:b7:9b:7b:f1:
0f:80:c5:91:fb:4a:a8:b3:67:11:e9:86:82:67:96:
37:eb:fe:9b:91:12:f4:2b:a7:af:a8:42:2b:47:f4:
38:b2:3b:20:22:a3:ac:9e:6f:39:c1:44:42:2a:ce:
af:be:0c:d3:3a:59:6c:bb:67:0c:18:62:0b:6d:13:
ea:9e:59:db:ec:b6:38:39:8f:ee:1d:16:3a:76:e2:
8a:8e:ba:4b:79:3c:d5:16:bd:a7:af:84:7e:98:22:
c5:12:27:30:bb:3c:86:b8:6c:aa:82:88:24:1f:85:
a1:b8:6e:9e:10:47:02:5c:45:ea:ae:35:d7:a9:61:
a5:39:e6:5a:3b:f9:eb:ca:94:64:87:df:5f:d6:dd:
d8:ff:d0:a4:72:60:30:52:72:43:90:f1:d9:c6:bf:
f8:6a:2c:68:ee:81:ce:b2:3a:30:be:18:99:ad:4c:
30:08:2b:89:9a:d2:91:f7:96:5e:6f:6e:f2:30:95:
89:ad:a7:41:c6:29:f3:df:54:28:2f:56:7c:d7:74:
ec:d3:fc:60:d0:5b:5d:8a:4b:1f:3f:3d:fb:b3:7f:
78:2b:f3:a0:49:eb:0e:ab:a0:52:bd:e6:35:65:47:
10:3d:1a:19:b5:89:ac:9d:cc:10:eb:22:b1:e9:03:
50:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:45:A7:12:01:F7:82:A6:49:97:67:2E:F9:FB:5E:E4:C6:A6:39:24
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2023932EDD7711EFAB6E0DA1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.34.0/24
Signature Algorithm: sha256WithRSAEncryption
55:c5:db:d7:6e:85:2b:bb:c4:5e:e3:93:af:04:76:2c:81:6f:
71:01:52:7b:2f:d9:49:5d:b8:21:2b:ee:ed:70:fb:5f:bf:94:
4e:e9:b6:0e:81:5c:05:7a:65:32:9b:03:1e:f7:eb:2d:db:ba:
bd:b9:3a:85:88:17:95:36:9a:32:8f:06:d9:17:3c:7e:91:e9:
dc:2a:b1:77:84:aa:13:64:a7:bd:51:ff:30:19:65:a7:57:d4:
ad:55:31:ec:95:9b:03:47:dc:cd:1f:e8:d5:53:b8:75:ec:44:
0f:11:fe:7f:03:bf:8d:36:1d:08:44:1a:62:c4:35:7f:9e:c8:
cb:7e:6a:b4:0d:ee:60:46:af:d7:c5:a5:d3:67:75:61:81:9a:
be:37:9b:1d:b5:25:02:df:70:7d:9b:2d:9b:2d:ef:6f:54:bb:
04:88:f2:f2:72:ac:c6:2a:3f:65:d1:18:81:88:98:09:d1:bb:
27:6c:4a:c5:9f:f2:37:e0:8b:46:bd:c0:55:37:49:e2:47:57:
00:a4:67:b6:b9:73:e7:07:0a:94:8b:f2:b5:80:63:1e:d4:5f:
db:fe:26:2c:b4:a5:29:43:3c:c8:32:9a:3c:fc:09:fb:b8:29:
1f:fc:80:69:3d:4d:84:88:d1:ef:c4:f5:06:11:22:d2:1b:99:
56:00:d7:e0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU0gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI4MTI1NTE0WhcNMjUwMjI1MTI1NTE0WjAYMRYw
FAYDVQQDEw02Nzk4ZDNiNi05MGYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuuBydQt5mwUyh7ebe/EPgMWR+0qos2cR6YaCZ5Y36/6bkRL0K6evqEIr
R/Q4sjsgIqOsnm85wURCKs6vvgzTOllsu2cMGGILbRPqnlnb7LY4OY/uHRY6duKK
jrpLeTzVFr2nr4R+mCLFEicwuzyGuGyqgogkH4WhuG6eEEcCXEXqrjXXqWGlOeZa
O/nrypRkh99f1t3Y/9CkcmAwUnJDkPHZxr/4aixo7oHOsjowvhiZrUwwCCuJmtKR
95Zeb27yMJWJradBxinz31QoL1Z813Ts0/xg0FtdiksfPz37s394K/OgSesOq6BS
veY1ZUcQPRoZtYmsncwQ6yKx6QNQtQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFFF
pxIB94KmSZdnLvn7XuTGpjkkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMDIzOTMyRURENzcxMUVGQUI2RTBEQTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4iMA0GCSqGSIb3DQEB
CwUAA4IBAQBVxdvXboUru8Re45OvBHYsgW9xAVJ7L9lJXbghK+7tcPtfv5RO6bYO
gVwFemUymwMe9+st27q9uTqFiBeVNpoyjwbZFzx+kencKrF3hKoTZKe9Uf8wGWWn
V9StVTHslZsDR9zNH+jVU7h17EQPEf5/A7+NNh0IRBpixDV/nsjLfmq0De5gRq/X
xaXTZ3VhgZq+N5sdtSUC33B9my2bLe9vVLsEiPLycqzGKj9l0RiBiJgJ0bsnbErF
n/I34ItGvcBVN0niR1cApGe2uXPnBwqUi/K1gGMe1F/b/iYstKUpQzzIMpo8/An7
uCkf/IBpPU2EiNHvxPUGESLSG5lWANfg
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:16:22 2025 by rpki-client