Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D5E7B22D71D11EFA301AB8A762E951A.roa
File: 2D5E7B22D71D11EFA301AB8A762E951A.roa (raw, json)
Hash identifier: CZ08iO0fOjSff1TBv0+cABHRPn9f3gFmNNp1abdy00I=
Subject key identifier: D2:21:28:95:03:36:CA:F4:1E:00:0D:B4:FF:AC:11:9F:DA:D9:6B:3A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013E28
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D5E7B22D71D11EFA301AB8A762E951A.roa
Signing time: Mon 20 Jan 2025 10:56:19 +0000
ROA not before: Mon 20 Jan 2025 10:56:15 +0000
ROA not after: Sat 01 Feb 2025 10:56:15 +0000
asID: 48031
IP address blocks: 154.92.12.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81448 (0x13e28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 20 10:56:15 2025 GMT
Not After : Feb 1 10:56:15 2025 GMT
Subject: CN=678e2bd3-358d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d1:7f:0d:81:db:ab:cc:8c:9e:1b:a8:67:92:
95:ba:ca:ea:06:57:a2:c5:71:40:1f:34:15:fb:f0:
6e:4d:cf:6a:ba:f5:0f:a9:01:c6:23:1c:a3:33:84:
3d:94:a1:21:28:82:0a:16:b3:a6:5e:4c:b4:74:a7:
48:bd:3c:91:46:4d:00:82:20:09:4d:9b:f1:04:63:
a8:49:c6:d6:7b:86:43:d2:e6:f8:83:7f:48:35:bf:
26:10:78:df:9d:d5:15:f5:76:83:26:b2:bc:1e:58:
ee:a8:a8:8f:da:84:f7:01:0a:75:2a:bd:ea:8a:ee:
e8:d5:d2:69:40:6a:f4:a3:1d:20:a3:95:5f:bf:96:
6c:5c:e1:59:0a:01:a2:f5:82:f1:ff:07:88:78:42:
cd:3b:d8:9b:a1:11:2b:ce:65:71:ea:53:58:08:b8:
a5:e4:ac:01:f1:67:f6:b2:98:1d:2b:d0:fc:c3:9f:
a0:61:56:18:47:c9:82:62:80:0f:b4:88:81:ec:a1:
c8:ca:36:1b:f0:7f:f4:1e:39:4d:75:ec:79:0c:84:
65:3b:66:f1:cf:28:d5:a3:b2:8b:8d:fb:22:02:cc:
dc:9c:bd:b3:ee:f0:bc:6a:df:b1:29:6e:93:7e:2d:
15:8e:f7:9b:9a:1e:d0:9e:9c:c8:c1:99:77:b1:00:
cf:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:21:28:95:03:36:CA:F4:1E:00:0D:B4:FF:AC:11:9F:DA:D9:6B:3A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D5E7B22D71D11EFA301AB8A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.12.0/23
Signature Algorithm: sha256WithRSAEncryption
88:d1:a2:b8:6e:40:9d:6e:57:ae:76:5b:ab:7c:69:3a:6e:cc:
1c:8a:bb:52:d7:d0:ad:ae:fb:50:7c:27:bd:16:06:08:34:8a:
3e:98:73:bc:a5:3b:79:c0:07:7b:17:7e:62:94:5c:93:1c:b7:
93:98:23:f6:75:15:e2:2c:15:d9:94:d0:eb:35:a6:a8:e0:2a:
a7:3b:08:21:4d:45:9f:f8:d0:f4:3d:8d:ba:5b:16:e8:6b:83:
5a:4a:b0:71:e6:c2:ab:fe:f9:64:b3:ce:0c:b5:b4:67:fc:79:
d9:0d:e6:41:ce:4c:3f:a4:a8:bb:8c:76:59:4a:8d:35:5f:f9:
60:2b:77:58:6d:8d:09:69:3b:04:88:09:89:4e:dd:56:b1:5d:
fc:a7:69:17:22:9d:26:2f:7a:18:db:6d:d9:55:f4:f4:5f:d7:
a2:cf:bc:1b:f0:31:b4:70:1f:ee:d5:a2:7a:91:0f:c1:bf:ff:
96:00:e6:6a:ce:a4:6d:8c:45:f6:b0:92:20:75:59:a6:4f:19:
23:f4:ed:b0:9d:81:b1:83:a1:72:3f:91:cf:4b:94:9f:da:79:
85:cf:5b:7d:d7:b8:f8:fb:04:7b:98:aa:83:9e:78:17:0b:4f:
be:7d:c3:f2:41:c9:9b:59:d1:40:e0:b7:51:91:19:c8:40:27:
cc:10:8c:03
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT4oMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIwMTA1NjE1WhcNMjUwMjAxMTA1NjE1WjAYMRYw
FAYDVQQDEw02NzhlMmJkMy0zNThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwtF/DYHbq8yMnhuoZ5KVusrqBleixXFAHzQV+/BuTc9quvUPqQHGIxyj
M4Q9lKEhKIIKFrOmXky0dKdIvTyRRk0AgiAJTZvxBGOoScbWe4ZD0ub4g39INb8m
EHjfndUV9XaDJrK8HljuqKiP2oT3AQp1Kr3qiu7o1dJpQGr0ox0go5Vfv5ZsXOFZ
CgGi9YLx/weIeELNO9iboRErzmVx6lNYCLil5KwB8Wf2spgdK9D8w5+gYVYYR8mC
YoAPtIiB7KHIyjYb8H/0HjlNdex5DIRlO2bxzyjVo7KLjfsiAszcnL2z7vC8at+x
KW6Tfi0Vjvebmh7QnpzIwZl3sQDP1QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNIh
KJUDNsr0HgANtP+sEZ/a2Ws6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRDVFN0IyMkQ3MUQxMUVGQTMwMUFCOEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlwMMA0GCSqGSIb3DQEB
CwUAA4IBAQCI0aK4bkCdbleudlurfGk6bswcirtS19CtrvtQfCe9FgYINIo+mHO8
pTt5wAd7F35ilFyTHLeTmCP2dRXiLBXZlNDrNaao4CqnOwghTUWf+ND0PY26Wxbo
a4NaSrBx5sKr/vlks84MtbRn/HnZDeZBzkw/pKi7jHZZSo01X/lgK3dYbY0JaTsE
iAmJTt1WsV38p2kXIp0mL3oY223ZVfT0X9eiz7wb8DG0cB/u1aJ6kQ/Bv/+WAOZq
zqRtjEX2sJIgdVmmTxkj9O2wnYGxg6FyP5HPS5Sf2nmFz1t917j4+wR7mKqDnngX
C0++fcPyQcmbWdFA4LdRkRnIQCfMEIwD
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:52:50 2025 by rpki-client