Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43E0B3B2DC9D11EFBCABFF5D762E951A.roa
File: 43E0B3B2DC9D11EFBCABFF5D762E951A.roa (raw, json)
Hash identifier: cw/f0ZPRihmmWn1PDf/ZpECVwGfzio0avRMoaJ8lwKc=
Subject key identifier: 8F:2A:FA:5C:16:55:52:2A:CC:D5:63:2D:B1:64:51:65:18:0D:DE:E0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014BBD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43E0B3B2DC9D11EFBCABFF5D762E951A.roa
Signing time: Mon 27 Jan 2025 10:55:48 +0000
ROA not before: Mon 27 Jan 2025 10:55:44 +0000
ROA not after: Sat 08 Feb 2025 10:55:44 +0000
asID: 5065
IP address blocks: 154.85.110.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84925 (0x14bbd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 10:55:44 2025 GMT
Not After : Feb 8 10:55:44 2025 GMT
Subject: CN=67976634-6b90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b2:d9:44:6d:f0:28:12:50:ef:93:34:b2:f5:
a9:83:38:ea:b0:fd:a3:e3:cb:51:6a:2d:f6:c3:fb:
b2:2f:86:74:41:43:01:4b:b1:50:e8:6c:3a:71:8c:
62:4e:ac:e8:5e:ba:16:44:ea:99:4b:68:65:37:38:
e2:69:8e:2e:fa:22:b1:98:94:c5:60:0a:47:f8:b2:
82:9d:ba:a9:3a:d8:9e:f1:3f:aa:e5:90:e6:f9:2c:
aa:db:ee:c6:7e:62:96:dc:ff:f6:78:81:d0:a7:28:
62:9b:54:93:e0:be:93:56:47:7c:58:60:8d:19:fa:
67:4c:c7:a8:f6:cc:32:93:ab:ec:1e:f1:cc:bd:96:
3d:bf:fd:a2:cb:f5:69:14:7d:36:0b:1d:b2:74:e7:
d9:35:71:c1:b5:a6:ce:88:68:03:dc:0a:7f:a0:90:
a3:a4:3f:0b:2d:4e:83:95:33:06:42:d2:e1:fd:50:
b0:5d:cf:e5:1e:58:9d:51:dd:ea:1f:96:23:80:a5:
4a:d7:b1:75:a9:16:89:21:cb:58:35:88:9e:e6:8a:
72:4c:fa:ac:eb:32:4a:dd:fe:1b:f4:a4:1c:d5:f6:
d1:22:ce:51:ba:19:0a:b7:9e:6e:85:09:e6:f5:05:
21:0a:bb:00:59:ba:27:84:92:69:cc:6d:06:5e:3f:
86:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:2A:FA:5C:16:55:52:2A:CC:D5:63:2D:B1:64:51:65:18:0D:DE:E0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43E0B3B2DC9D11EFBCABFF5D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.110.0/24
Signature Algorithm: sha256WithRSAEncryption
49:3a:55:01:17:72:3b:a2:35:50:e6:d9:8b:11:1f:3a:56:28:
d4:99:f3:b4:1d:f4:6f:81:df:53:08:7c:b1:bf:d9:87:04:aa:
4a:1d:45:04:95:ca:e6:22:2a:62:a5:0e:cf:a7:3c:da:25:a0:
06:3a:c8:36:4e:70:c2:e7:a4:ae:cd:a4:42:79:54:ad:85:fb:
b4:b0:e9:67:1d:ba:6a:48:6d:56:c0:4c:b6:90:71:f4:f7:57:
7b:ee:d8:ed:f0:fb:cb:db:33:6e:3b:9c:1c:73:a2:3a:b9:3b:
f9:7c:57:56:e7:ce:cf:f1:e3:aa:1b:6e:31:38:84:e1:f6:ab:
bd:48:28:b1:02:ea:6b:1b:16:52:d2:ec:99:43:92:39:14:93:
44:30:54:1b:97:d2:07:be:b7:31:42:c7:ef:a1:ff:6d:7d:81:
b1:b3:52:58:22:56:5c:f5:a3:d2:c7:07:b8:da:79:20:89:41:
85:d3:47:94:25:f6:8d:37:f1:62:4d:c9:7c:39:cc:a1:80:da:
f0:02:63:9b:b6:dd:ed:4b:b0:57:c1:fd:b7:89:a1:90:f1:ae:
b4:eb:61:76:39:62:d9:00:67:59:ae:9c:ea:d4:60:f1:d6:04:
2c:7d:03:82:24:0f:68:e1:6f:ac:29:52:85:af:97:4b:ff:49:
5d:df:7b:bb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUu9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MTA1NTQ0WhcNMjUwMjA4MTA1NTQ0WjAYMRYw
FAYDVQQDEw02Nzk3NjYzNC02YjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApbLZRG3wKBJQ75M0svWpgzjqsP2j48tRai32w/uyL4Z0QUMBS7FQ6Gw6
cYxiTqzoXroWROqZS2hlNzjiaY4u+iKxmJTFYApH+LKCnbqpOtie8T+q5ZDm+Syq
2+7GfmKW3P/2eIHQpyhim1ST4L6TVkd8WGCNGfpnTMeo9swyk6vsHvHMvZY9v/2i
y/VpFH02Cx2ydOfZNXHBtabOiGgD3Ap/oJCjpD8LLU6DlTMGQtLh/VCwXc/lHlid
Ud3qH5YjgKVK17F1qRaJIctYNYie5opyTPqs6zJK3f4b9KQc1fbRIs5RuhkKt55u
hQnm9QUhCrsAWbonhJJpzG0GXj+GfwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI8q
+lwWVVIqzNVjLbFkUWUYDd7gMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80M0UwQjNCMkRDOUQxMUVGQkNBQkZGNUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlVuMA0GCSqGSIb3DQEB
CwUAA4IBAQBJOlUBF3I7ojVQ5tmLER86VijUmfO0HfRvgd9TCHyxv9mHBKpKHUUE
lcrmIipipQ7PpzzaJaAGOsg2TnDC56SuzaRCeVSthfu0sOlnHbpqSG1WwEy2kHH0
91d77tjt8PvL2zNuO5wcc6I6uTv5fFdW587P8eOqG24xOITh9qu9SCixAuprGxZS
0uyZQ5I5FJNEMFQbl9IHvrcxQsfvof9tfYGxs1JYIlZc9aPSxwe42nkgiUGF00eU
JfaNN/FiTcl8OcyhgNrwAmObtt3tS7BXwf23iaGQ8a6062F2OWLZAGdZrpzq1GDx
1gQsfQOCJA9o4W+sKVKFr5dL/0ld33u7
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:40:49 2025 by rpki-client