Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20985A86CCD011EF837F2D7A762E951A.roa
File: 20985A86CCD011EF837F2D7A762E951A.roa (raw, json)
Hash identifier: DVjmk2kL7HmsS1CpyneNZb0L0BMHk6gafDUTv1vbb/o=
Subject key identifier: CE:81:B3:0F:9C:0B:D9:82:32:98:4F:7D:C0:3A:19:01:57:04:8E:06
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013671
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20985A86CCD011EF837F2D7A762E951A.roa
Signing time: Tue 07 Jan 2025 08:19:34 +0000
ROA not before: Tue 07 Jan 2025 08:19:31 +0000
ROA not after: Sun 02 Feb 2025 08:19:31 +0000
asID: 5065
IP address blocks: 154.86.8.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79473 (0x13671)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 7 08:19:31 2025 GMT
Not After : Feb 2 08:19:31 2025 GMT
Subject: CN=677ce396-9de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e9:9f:dd:64:86:ff:d3:a6:30:94:61:fe:23:
db:71:31:19:61:9b:f3:51:62:81:98:1f:28:63:58:
3c:c5:d1:92:8b:27:bf:62:2d:0a:49:64:62:f7:ab:
dd:7f:31:c3:f6:78:d5:58:c4:ed:04:3c:6b:32:90:
34:7a:c1:03:0a:db:75:21:b3:1f:30:3f:1b:f7:f4:
a1:d4:4a:cb:dd:fe:4b:a8:3c:01:0d:75:f0:9c:9b:
e9:09:fc:d2:da:84:e5:c7:f8:35:6d:ef:8b:48:ef:
bb:15:38:be:52:49:43:65:bb:96:aa:8f:fb:ab:e8:
b3:f2:c8:aa:08:29:16:5c:eb:b1:b1:55:5f:01:2e:
c6:4e:c4:f3:01:bc:0f:a9:fc:2f:34:37:0a:74:81:
5a:5d:8a:72:3e:43:32:e4:65:2c:7b:09:6d:73:2e:
d6:f2:c1:13:41:fe:4b:49:91:4d:7d:95:c6:9b:24:
4b:18:d9:4e:4c:c7:e5:59:3b:92:0d:59:e7:e9:2d:
44:84:9b:57:ff:69:96:a0:b3:96:f1:5c:03:1f:6a:
03:d6:1b:1c:5d:09:e2:8b:68:68:4b:e6:9b:db:b2:
94:53:ca:c4:ae:df:88:ae:1d:6b:61:d8:6c:2d:86:
5d:27:d8:67:79:51:20:1c:8b:97:4d:18:f8:ed:c7:
1f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:81:B3:0F:9C:0B:D9:82:32:98:4F:7D:C0:3A:19:01:57:04:8E:06
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20985A86CCD011EF837F2D7A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.8.0/22
Signature Algorithm: sha256WithRSAEncryption
57:e3:3d:f1:85:a1:c9:2b:dd:d6:04:74:4d:f1:4b:e2:23:e8:
67:d2:33:dc:21:10:c8:bd:2a:4a:c3:92:96:4b:0b:f4:3f:03:
b2:4e:66:69:30:5e:89:07:01:69:54:74:ce:6b:05:2d:56:e4:
69:49:97:41:6e:6b:49:25:6a:6b:38:cb:2f:84:9d:73:3b:67:
19:10:fe:59:9e:09:52:ef:2b:c8:7a:32:ba:35:17:bb:bf:77:
68:e4:1d:c7:85:8f:3c:b1:6a:9d:b9:07:11:e5:d3:9f:8c:35:
a4:ed:32:48:1e:c7:25:3d:a0:b4:a6:a0:2b:2e:9e:2e:8b:0d:
bd:ae:35:0b:a0:7f:c5:ad:c4:b1:5d:ce:03:f3:c9:ed:8f:87:
f4:e4:ea:50:0f:da:4c:32:e1:8b:dd:7f:f2:39:a4:04:2d:db:
59:d9:e6:af:b7:53:cb:f9:8d:5c:1f:34:ab:f5:24:31:71:63:
6e:60:88:1f:74:2c:91:fa:6b:ea:c2:83:3f:10:d9:25:ac:61:
33:28:7b:19:0e:65:b6:23:5d:77:d1:26:ca:f2:de:2e:43:d0:
f5:18:a5:47:65:f6:ea:c9:db:aa:05:ed:b5:f1:90:5b:26:23:
28:3d:b1:56:8d:ec:8d:9a:31:86:18:1e:3a:f6:d5:d8:59:c5:
77:66:ee:a4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATZxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA3MDgxOTMxWhcNMjUwMjAyMDgxOTMxWjAYMRYw
FAYDVQQDEw02NzdjZTM5Ni05ZGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuOmf3WSG/9OmMJRh/iPbcTEZYZvzUWKBmB8oY1g8xdGSiye/Yi0KSWRi
96vdfzHD9njVWMTtBDxrMpA0esEDCtt1IbMfMD8b9/Sh1ErL3f5LqDwBDXXwnJvp
CfzS2oTlx/g1be+LSO+7FTi+UklDZbuWqo/7q+iz8siqCCkWXOuxsVVfAS7GTsTz
AbwPqfwvNDcKdIFaXYpyPkMy5GUsewltcy7W8sETQf5LSZFNfZXGmyRLGNlOTMfl
WTuSDVnn6S1EhJtX/2mWoLOW8VwDH2oD1hscXQnii2hoS+ab27KUU8rErt+Irh1r
YdhsLYZdJ9hneVEgHIuXTRj47ccfLwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM6B
sw+cC9mCMphPfcA6GQFXBI4GMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMDk4NUE4NkNDRDAxMUVGODM3RjJEN0E3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlYIMA0GCSqGSIb3DQEB
CwUAA4IBAQBX4z3xhaHJK93WBHRN8UviI+hn0jPcIRDIvSpKw5KWSwv0PwOyTmZp
MF6JBwFpVHTOawUtVuRpSZdBbmtJJWprOMsvhJ1zO2cZEP5ZnglS7yvIejK6NRe7
v3do5B3HhY88sWqduQcR5dOfjDWk7TJIHsclPaC0pqArLp4uiw29rjULoH/FrcSx
Xc4D88ntj4f05OpQD9pMMuGL3X/yOaQELdtZ2eavt1PL+Y1cHzSr9SQxcWNuYIgf
dCyR+mvqwoM/ENklrGEzKHsZDmW2I1130SbK8t4uQ9D1GKVHZfbqyduqBe218ZBb
JiMoPbFWjeyNmjGGGB469tXYWcV3Zu6k
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:43:30 2025 by rpki-client