Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38C69824DC9E11EF838A2566762E951A.roa
File: 38C69824DC9E11EF838A2566762E951A.roa (raw, json)
Hash identifier: AWzBKgQUyQZYD/vg68zMHpirChKkrrKClxOCXIOh1/k=
Subject key identifier: 5D:DB:36:16:68:D9:84:EB:99:AF:4E:6A:17:4E:C2:55:D3:E2:65:41
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014BC3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38C69824DC9E11EF838A2566762E951A.roa
Signing time: Mon 27 Jan 2025 11:02:39 +0000
ROA not before: Mon 27 Jan 2025 11:02:35 +0000
ROA not after: Sat 08 Feb 2025 11:02:35 +0000
asID: 22773
IP address blocks: 154.88.10.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84931 (0x14bc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 11:02:35 2025 GMT
Not After : Feb 8 11:02:35 2025 GMT
Subject: CN=679767cf-3adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8d:94:48:1d:47:b8:10:66:2e:7c:5e:00:b6:
c5:5f:46:e9:c3:ef:86:06:c7:61:d8:20:13:f0:06:
65:31:26:3b:14:c8:9f:04:1d:1c:9d:c1:7b:b2:43:
72:b8:17:22:19:b4:62:f4:ab:55:50:e9:e6:50:97:
c4:78:04:cb:dc:39:e2:0f:cb:12:2a:e6:b0:d7:fa:
d3:10:e3:e0:5b:1e:68:fa:89:8f:7a:30:65:fb:7a:
01:ed:ed:54:4c:94:c2:1e:fa:3e:33:45:b1:3f:09:
29:55:8d:81:61:6d:fc:09:65:c0:70:9a:0e:0d:e1:
7e:fa:35:34:d7:e3:e7:3b:fd:46:2b:b2:f5:d0:05:
39:ef:36:df:a6:bd:a9:60:cc:b6:93:82:0f:e7:0d:
7b:ae:d8:4a:f0:7f:be:a7:be:e6:75:a3:2a:99:0a:
52:93:b2:c3:5b:d5:70:58:ab:c4:c0:ba:3d:5a:34:
18:ec:18:e4:c8:1e:52:94:33:4e:5a:af:11:ff:8a:
1c:50:e6:90:1b:53:af:16:b3:aa:43:b5:05:15:61:
29:46:83:5c:5e:93:05:f5:80:71:59:b6:62:13:cc:
7e:6c:c5:ee:89:02:ae:b1:4a:e5:e5:e8:0f:a8:73:
69:49:8d:0a:f0:2d:bb:f4:bc:1b:cb:d7:7d:f9:92:
33:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:DB:36:16:68:D9:84:EB:99:AF:4E:6A:17:4E:C2:55:D3:E2:65:41
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38C69824DC9E11EF838A2566762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.10.0/23
Signature Algorithm: sha256WithRSAEncryption
44:e1:5d:69:ba:a2:70:f5:3f:78:bd:64:25:0f:84:de:33:93:
98:c0:67:51:fa:bd:1b:9e:68:a9:7d:6c:d2:a1:ae:af:69:8f:
d4:4b:1a:32:b7:0c:77:9c:33:ca:5c:20:d1:ac:e8:fe:32:1b:
a2:af:85:0a:a6:f0:17:57:46:63:3b:aa:15:01:d7:06:e1:ed:
7b:1d:b5:ba:14:47:f4:a3:4f:73:19:8e:f3:eb:11:5e:b9:c3:
f9:c7:57:31:ba:67:80:08:dc:3b:7a:aa:04:e5:79:a8:93:4f:
b8:02:f1:3d:78:d4:e5:ba:cb:81:81:8a:a2:2d:7f:07:6c:79:
88:ef:52:1a:a9:9f:26:fc:2e:f8:fa:43:20:2f:c6:ba:96:0d:
ec:cb:14:cb:94:b2:0d:b7:df:26:2b:62:03:7a:c7:c3:1f:2c:
ea:0a:49:0a:f5:56:45:c1:bb:da:4c:77:c0:da:7f:13:8f:01:
75:78:2c:80:8e:ba:13:06:23:e8:8b:8f:35:62:34:ca:48:a1:
50:66:ae:c0:e8:b3:0d:a5:fb:d0:01:cf:0a:3e:d7:26:c5:7d:
01:d3:d7:a4:7a:fc:8f:39:32:01:3e:15:81:68:40:53:ae:e6:
30:e0:5b:86:09:e8:be:bd:c9:ab:7e:e5:9e:c0:80:5f:25:e5:
3b:7b:5a:f0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUvDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MTEwMjM1WhcNMjUwMjA4MTEwMjM1WjAYMRYw
FAYDVQQDEw02Nzk3NjdjZi0zYWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuo2USB1HuBBmLnxeALbFX0bpw++GBsdh2CAT8AZlMSY7FMifBB0cncF7
skNyuBciGbRi9KtVUOnmUJfEeATL3DniD8sSKuaw1/rTEOPgWx5o+omPejBl+3oB
7e1UTJTCHvo+M0WxPwkpVY2BYW38CWXAcJoODeF++jU01+PnO/1GK7L10AU57zbf
pr2pYMy2k4IP5w17rthK8H++p77mdaMqmQpSk7LDW9VwWKvEwLo9WjQY7BjkyB5S
lDNOWq8R/4ocUOaQG1OvFrOqQ7UFFWEpRoNcXpMF9YBxWbZiE8x+bMXuiQKusUrl
5egPqHNpSY0K8C279Lwby9d9+ZIzMQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF3b
NhZo2YTrma9OahdOwlXT4mVBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zOEM2OTgyNERDOUUxMUVGODM4QTI1NjY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlgKMA0GCSqGSIb3DQEB
CwUAA4IBAQBE4V1puqJw9T94vWQlD4TeM5OYwGdR+r0bnmipfWzSoa6vaY/USxoy
twx3nDPKXCDRrOj+Mhuir4UKpvAXV0ZjO6oVAdcG4e17HbW6FEf0o09zGY7z6xFe
ucP5x1cxumeACNw7eqoE5Xmok0+4AvE9eNTlusuBgYqiLX8HbHmI71IaqZ8m/C74
+kMgL8a6lg3syxTLlLINt98mK2IDesfDHyzqCkkK9VZFwbvaTHfA2n8TjwF1eCyA
jroTBiPoi481YjTKSKFQZq7A6LMNpfvQAc8KPtcmxX0B09ekevyPOTIBPhWBaEBT
ruYw4FuGCei+vcmrfuWewIBfJeU7e1rw
-----END CERTIFICATE-----
Generated at Sun Apr 27 06:15:02 2025 by rpki-client