Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2F691402DFFD11EF8BAB339D762E951A.roa
File: 2F691402DFFD11EF8BAB339D762E951A.roa (raw, json)
Hash identifier: BkLslGE4VL9M/yILZCBVixJR2pZSJPBoTLD1YSSrgNk=
Subject key identifier: 40:24:21:85:BD:63:BA:ED:40:95:74:A9:4A:82:FA:01:F6:78:11:D4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014E41
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2F691402DFFD11EF8BAB339D762E951A.roa
Signing time: Fri 31 Jan 2025 17:59:59 +0000
ROA not before: Fri 31 Jan 2025 17:59:55 +0000
ROA not after: Mon 03 Mar 2025 17:59:55 +0000
asID: 54600
IP address blocks: 154.207.208.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85569 (0x14e41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 31 17:59:55 2025 GMT
Not After : Mar 3 17:59:55 2025 GMT
Subject: CN=679d0f9f-4d53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:02:13:aa:20:fa:66:f6:d0:c0:f2:a9:5e:5b:
fa:fe:42:fc:ed:2f:0f:ef:c2:1c:37:d4:fb:72:b6:
61:9d:7a:29:a2:fa:8d:55:54:b8:e6:5c:97:80:71:
8e:28:9b:b8:11:29:d1:81:09:97:eb:63:74:76:b2:
e2:fd:44:1e:22:a2:94:e6:dc:1d:e8:a1:57:d5:8b:
b0:55:e7:da:24:45:d7:69:82:ac:f3:0e:c8:f2:13:
69:9f:03:18:db:19:87:f4:57:e9:0a:1a:7a:2c:bc:
a8:eb:57:f5:2a:f6:a7:b6:8a:d5:fd:73:28:51:6a:
fa:67:ed:fb:ae:b8:4e:a3:14:d3:77:be:41:ea:8e:
c4:f7:e4:e4:35:6e:a2:0f:c7:d8:3c:e8:a9:ca:62:
bb:9d:2e:2c:3f:6a:d4:e6:34:92:a1:28:f4:b2:b0:
b7:cc:fd:d6:fd:9e:4e:00:9c:a5:11:4d:b1:bc:43:
a7:4f:c4:aa:3e:70:2f:d0:12:02:82:60:4e:5c:ac:
a7:5f:9b:bb:34:ae:2a:d1:10:60:05:19:a1:40:66:
77:bd:18:59:33:cc:d5:5a:86:ab:82:1f:27:a3:92:
51:b5:64:ae:79:08:b2:0e:21:26:26:bc:75:2b:63:
5d:fe:22:99:fe:de:00:90:37:c1:dd:d4:18:88:03:
8f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:24:21:85:BD:63:BA:ED:40:95:74:A9:4A:82:FA:01:F6:78:11:D4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2F691402DFFD11EF8BAB339D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.208.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:66:9f:c0:a8:6d:ae:86:57:ae:4f:a7:96:f0:42:d4:2d:05:
80:e9:09:10:77:87:e7:eb:d9:6e:d3:38:1f:9b:25:d5:25:26:
5f:0d:26:dc:b1:cc:ea:5d:67:9d:00:16:cc:ed:70:14:de:97:
3e:ce:2a:a2:b8:a0:ee:09:09:15:b6:c8:71:26:9a:14:05:b5:
a4:d9:91:d8:4f:2c:d2:99:e4:70:09:34:f8:ea:29:37:1e:85:
da:ef:ac:27:be:98:b8:84:c0:9a:00:d3:71:67:42:92:3a:34:
83:3c:3a:59:92:a6:40:c3:87:45:e8:26:5b:53:a8:04:89:3f:
61:79:6f:9d:1e:79:5f:c6:21:37:27:38:87:8a:17:af:80:47:
89:0e:7a:b8:85:b5:cb:a2:45:0e:f8:bd:a0:3f:bd:5d:ac:a4:
da:ca:b9:cc:15:a9:6b:e7:72:de:07:a3:e7:6c:b5:fc:fa:f1:
bf:b2:86:ec:b2:31:d0:4a:59:93:c8:b6:96:3d:57:12:be:7c:
09:4c:ca:c0:67:df:7a:07:2f:f6:40:db:7b:4e:c1:e5:2f:69:
a1:ce:65:94:3b:c8:45:3b:d0:91:93:5c:fe:6a:74:53:06:28:
43:4c:97:3d:50:0a:9a:27:7a:48:86:cb:9c:58:b9:0a:41:6c:
13:aa:15:42
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU5BMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTMxMTc1OTU1WhcNMjUwMzAzMTc1OTU1WjAYMRYw
FAYDVQQDEw02NzlkMGY5Zi00ZDUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtwITqiD6ZvbQwPKpXlv6/kL87S8P78IcN9T7crZhnXopovqNVVS45lyX
gHGOKJu4ESnRgQmX62N0drLi/UQeIqKU5twd6KFX1YuwVefaJEXXaYKs8w7I8hNp
nwMY2xmH9FfpChp6LLyo61f1KvantorV/XMoUWr6Z+37rrhOoxTTd75B6o7E9+Tk
NW6iD8fYPOipymK7nS4sP2rU5jSSoSj0srC3zP3W/Z5OAJylEU2xvEOnT8SqPnAv
0BICgmBOXKynX5u7NK4q0RBgBRmhQGZ3vRhZM8zVWoargh8no5JRtWSueQiyDiEm
Jrx1K2Nd/iKZ/t4AkDfB3dQYiAOPTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEAk
IYW9Y7rtQJV0qUqC+gH2eBHUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRjY5MTQwMkRGRkQxMUVGOEJBQjMzOUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDms/QMA0GCSqGSIb3DQEB
CwUAA4IBAQAtZp/AqG2uhleuT6eW8ELULQWA6QkQd4fn69lu0zgfmyXVJSZfDSbc
sczqXWedABbM7XAU3pc+ziqiuKDuCQkVtshxJpoUBbWk2ZHYTyzSmeRwCTT46ik3
HoXa76wnvpi4hMCaANNxZ0KSOjSDPDpZkqZAw4dF6CZbU6gEiT9heW+dHnlfxiE3
JziHihevgEeJDnq4hbXLokUO+L2gP71drKTayrnMFalr53LeB6PnbLX8+vG/sobs
sjHQSlmTyLaWPVcSvnwJTMrAZ996By/2QNt7TsHlL2mhzmWUO8hFO9CRk1z+anRT
BihDTJc9UAqaJ3pIhsucWLkKQWwTqhVC
-----END CERTIFICATE-----
Generated at Sat Apr 26 11:35:45 2025 by rpki-client