Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/31DDF9ECDFFC11EF8FFF2898762E951A.roa
File: 31DDF9ECDFFC11EF8FFF2898762E951A.roa (raw, json)
Hash identifier: LsgDUBIPfSffP6V6VzBg7E3CcVSx/wdCK7QlNmnKHEo=
Subject key identifier: D2:8D:E5:5B:86:F3:07:28:6B:78:3B:24:03:5B:96:49:14:B4:FF:64
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014E37
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/31DDF9ECDFFC11EF8FFF2898762E951A.roa
Signing time: Fri 31 Jan 2025 17:52:53 +0000
ROA not before: Fri 31 Jan 2025 17:52:50 +0000
ROA not after: Mon 03 Mar 2025 17:52:50 +0000
asID: 54600
IP address blocks: 154.202.224.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85559 (0x14e37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 31 17:52:50 2025 GMT
Not After : Mar 3 17:52:50 2025 GMT
Subject: CN=679d0df5-d6fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:2b:fd:f3:cd:1a:bc:6a:d6:59:16:30:9b:97:
40:5d:4f:2a:ca:dc:62:32:3a:76:c1:ac:2e:c0:2f:
68:23:4a:a2:de:ed:4e:2b:5a:21:1f:ba:8c:46:fa:
93:1a:32:34:e0:0f:e3:a7:a8:5b:2b:d5:e8:f1:a1:
98:9e:df:0e:c0:ad:bf:4d:93:e1:d5:db:84:e0:3a:
1e:ec:28:a4:7e:06:63:56:24:f0:dc:d1:fc:11:b3:
36:fb:2d:1c:de:32:9e:db:b6:b4:2a:ea:f4:b9:b8:
c1:07:fa:4f:be:00:d0:a4:dc:58:14:b0:06:8b:74:
83:99:e1:c5:db:d0:37:40:15:1a:2d:de:b5:75:b3:
e3:d7:52:64:20:53:10:cc:be:98:02:7f:d2:72:09:
f8:1b:7b:11:de:f6:de:ec:13:7c:93:bc:77:48:bd:
56:d7:bd:e2:72:45:c2:6c:0c:85:16:b2:4e:a4:3e:
09:5f:f0:dd:cc:a3:c6:bc:74:3a:3f:44:0b:62:11:
bf:c4:37:98:5d:f9:4d:36:b0:db:17:63:11:b5:06:
b5:3a:73:5c:16:2a:22:99:36:17:88:49:49:86:54:
3d:ac:5c:f3:b9:a5:30:d7:9e:8a:0f:cf:0a:15:00:
9a:16:20:52:80:e9:1c:f9:01:d6:63:a0:7d:39:38:
cb:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:8D:E5:5B:86:F3:07:28:6B:78:3B:24:03:5B:96:49:14:B4:FF:64
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/31DDF9ECDFFC11EF8FFF2898762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.224.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:4d:e7:4b:7f:f4:82:0f:b4:49:b8:49:86:43:fe:af:91:2f:
1a:ce:27:37:39:d0:d5:46:5f:f7:8d:55:9b:b3:47:2c:e0:5b:
d7:ea:0d:8e:05:38:15:cb:99:93:41:35:f4:df:eb:14:6a:16:
6d:0e:ad:7e:d0:c0:fa:3b:a2:e2:3b:7e:4b:f7:5d:4b:f4:99:
b9:77:2e:9f:54:2f:1f:1d:0b:a7:92:36:74:12:2f:4e:49:74:
ee:40:82:80:0d:f0:ba:25:1a:61:0f:72:22:32:f3:25:c5:37:
ca:7f:aa:68:6c:3e:51:e1:d0:11:4e:ee:5c:33:70:b9:18:6c:
a1:61:41:bd:ca:f9:10:55:92:78:52:f0:93:30:2d:8b:fe:30:
18:6c:8a:ef:ca:f8:18:2b:7e:73:61:4d:a2:77:24:fb:ff:af:
78:1b:c1:be:9c:40:58:e7:33:b3:b3:92:7d:e6:f0:ab:8d:b0:
9f:89:17:f9:dd:21:4b:b8:61:50:23:c1:25:b2:5f:a8:21:20:
41:08:f5:79:68:ab:ae:fd:24:78:30:67:e8:16:f2:d2:88:e6:
aa:ef:3d:55:44:4d:46:1f:8b:31:d0:c5:ef:cb:44:ce:32:a7:
56:1a:62:e5:79:a5:83:25:e9:f8:10:96:73:b6:e9:21:93:90:
26:0c:ee:40
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU43MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTMxMTc1MjUwWhcNMjUwMzAzMTc1MjUwWjAYMRYw
FAYDVQQDEw02NzlkMGRmNS1kNmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8Cv9880avGrWWRYwm5dAXU8qytxiMjp2wawuwC9oI0qi3u1OK1ohH7qM
RvqTGjI04A/jp6hbK9Xo8aGYnt8OwK2/TZPh1duE4Doe7CikfgZjViTw3NH8EbM2
+y0c3jKe27a0Kur0ubjBB/pPvgDQpNxYFLAGi3SDmeHF29A3QBUaLd61dbPj11Jk
IFMQzL6YAn/Scgn4G3sR3vbe7BN8k7x3SL1W173ickXCbAyFFrJOpD4JX/DdzKPG
vHQ6P0QLYhG/xDeYXflNNrDbF2MRtQa1OnNcFioimTYXiElJhlQ9rFzzuaUw156K
D88KFQCaFiBSgOkc+QHWY6B9OTjLgwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNKN
5VuG8wcoa3g7JANblkkUtP9kMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMURERjlFQ0RGRkMxMUVGOEZGRjI4OTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmsrgMA0GCSqGSIb3DQEB
CwUAA4IBAQA+TedLf/SCD7RJuEmGQ/6vkS8azic3OdDVRl/3jVWbs0cs4FvX6g2O
BTgVy5mTQTX03+sUahZtDq1+0MD6O6LiO35L911L9Jm5dy6fVC8fHQunkjZ0Ei9O
SXTuQIKADfC6JRphD3IiMvMlxTfKf6pobD5R4dARTu5cM3C5GGyhYUG9yvkQVZJ4
UvCTMC2L/jAYbIrvyvgYK35zYU2idyT7/694G8G+nEBY5zOzs5J95vCrjbCfiRf5
3SFLuGFQI8Elsl+oISBBCPV5aKuu/SR4MGfoFvLSiOaq7z1VRE1GH4sx0MXvy0TO
MqdWGmLleaWDJen4EJZztukhk5AmDO5A
-----END CERTIFICATE-----
Generated at Sat Apr 26 11:30:59 2025 by rpki-client