Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/480A5F12D8E011EF9758369F762E951A.roa
File: 480A5F12D8E011EF9758369F762E951A.roa (raw, json)
Hash identifier: xV8x0uRg3oDRKJfon/P5nwBC5+S6wMihkqumDdiLw3U=
Subject key identifier: B2:30:45:8B:94:E8:BF:BB:0F:51:E7:89:49:16:ED:1B:4C:2E:ED:5E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013FF0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/480A5F12D8E011EF9758369F762E951A.roa
Signing time: Wed 22 Jan 2025 16:45:26 +0000
ROA not before: Wed 22 Jan 2025 16:45:23 +0000
ROA not after: Sat 15 Mar 2025 16:45:23 +0000
asID: 138915
IP address blocks: 154.206.82.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81904 (0x13ff0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 22 16:45:23 2025 GMT
Not After : Mar 15 16:45:23 2025 GMT
Subject: CN=679120a6-5694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:70:be:b7:e7:1c:d1:b9:f2:ef:71:d3:c5:e7:
77:62:10:e5:b1:58:bd:f3:cc:10:a4:82:b2:0b:a7:
2a:39:c2:fc:a3:17:86:bc:3a:57:f7:5b:e4:27:ff:
f9:af:bf:9d:bc:52:9b:1b:59:d0:2f:4d:bf:ae:4b:
f7:c5:aa:e8:05:4f:d1:98:5d:99:53:98:76:3a:91:
94:7a:a9:b2:18:0e:5c:36:43:b7:f9:84:56:ad:d7:
77:6b:a1:38:9f:b9:2b:7f:8c:83:95:ea:2f:6a:b0:
b7:30:8e:65:31:da:ee:99:12:9a:bf:70:9b:5c:f8:
17:b1:41:01:b9:79:c7:bc:6d:92:13:a5:10:de:53:
63:f0:64:b6:c7:0b:55:89:5f:d8:6e:64:e9:e5:4b:
fe:d6:ff:df:bd:f0:95:34:ec:95:44:b3:22:96:9f:
74:f2:cd:a3:f3:8a:1f:fc:c9:af:67:ff:e4:93:4f:
1e:fa:49:07:ee:ee:a3:27:c1:42:6f:cd:6c:3d:fb:
6b:77:98:32:30:26:9d:80:3a:8b:0d:0c:f9:62:eb:
ee:26:9c:8f:e1:0d:c6:a8:54:92:ab:3d:e8:13:4d:
36:f5:39:4f:3a:4c:01:58:db:00:db:c9:b2:c4:0a:
52:89:3f:ef:3a:a8:ce:92:d1:69:93:3d:44:30:6d:
eb:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:30:45:8B:94:E8:BF:BB:0F:51:E7:89:49:16:ED:1B:4C:2E:ED:5E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/480A5F12D8E011EF9758369F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.82.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:51:30:9d:f9:f6:e1:3d:c3:a4:3c:12:7c:d4:7d:f8:9c:c2:
9a:db:9f:00:41:71:00:f7:ad:49:7d:58:16:3d:cb:c0:f8:4d:
12:9b:9a:8b:03:13:95:2b:b7:c8:69:9d:f7:39:72:37:4b:2b:
a6:f5:4a:10:27:68:d5:37:b8:33:03:bc:cf:d4:eb:ca:84:db:
6b:3e:5d:a0:3e:4b:af:39:fb:ad:12:3a:d2:d0:31:5f:34:03:
f3:a5:d0:79:9f:99:fe:7a:3e:db:7c:53:d9:13:01:a5:2a:e6:
5e:b3:73:31:d8:17:b5:09:5e:87:7f:dc:1a:12:01:a6:8a:29:
98:0b:f6:f6:52:05:db:17:ae:a0:f3:a8:24:17:a2:ba:33:81:
06:40:24:e9:7c:7c:c5:e2:7b:87:5d:4c:8a:50:07:a5:c6:37:
c1:80:ca:88:d4:5c:ab:5e:18:24:7c:f8:83:28:48:c6:ff:73:
f6:e1:39:a3:37:45:6f:6f:cb:63:c6:b7:7b:0f:39:28:62:01:
39:b3:03:26:a9:b3:34:83:cc:61:da:fe:88:83:24:e4:6f:3d:
5d:97:c5:72:bc:b2:3a:52:73:44:d4:6f:2f:ff:5f:a1:e4:6f:
5e:1f:04:b2:0c:23:32:62:45:d1:8f:c0:06:a1:07:44:3b:67:
ea:8f:70:29
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT/wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIyMTY0NTIzWhcNMjUwMzE1MTY0NTIzWjAYMRYw
FAYDVQQDEw02NzkxMjBhNi01Njk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt3C+t+cc0bny73HTxed3YhDlsVi988wQpIKyC6cqOcL8oxeGvDpX91vk
J//5r7+dvFKbG1nQL02/rkv3xaroBU/RmF2ZU5h2OpGUeqmyGA5cNkO3+YRWrdd3
a6E4n7krf4yDleovarC3MI5lMdrumRKav3CbXPgXsUEBuXnHvG2SE6UQ3lNj8GS2
xwtViV/YbmTp5Uv+1v/fvfCVNOyVRLMilp908s2j84of/MmvZ//kk08e+kkH7u6j
J8FCb81sPftrd5gyMCadgDqLDQz5YuvuJpyP4Q3GqFSSqz3oE0029TlPOkwBWNsA
28myxApSiT/vOqjOktFpkz1EMG3rFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLIw
RYuU6L+7D1HniUkW7RtMLu1eMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80ODBBNUYxMkQ4RTAxMUVGOTc1ODM2OUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms5SMA0GCSqGSIb3DQEB
CwUAA4IBAQAtUTCd+fbhPcOkPBJ81H34nMKa258AQXEA961JfVgWPcvA+E0Sm5qL
AxOVK7fIaZ33OXI3Syum9UoQJ2jVN7gzA7zP1OvKhNtrPl2gPkuvOfutEjrS0DFf
NAPzpdB5n5n+ej7bfFPZEwGlKuZes3Mx2Be1CV6Hf9waEgGmiimYC/b2UgXbF66g
86gkF6K6M4EGQCTpfHzF4nuHXUyKUAelxjfBgMqI1FyrXhgkfPiDKEjG/3P24Tmj
N0Vvb8tjxrd7DzkoYgE5swMmqbM0g8xh2v6IgyTkbz1dl8VyvLI6UnNE1G8v/1+h
5G9eHwSyDCMyYkXRj8AGoQdEO2fqj3Ap
-----END CERTIFICATE-----
Generated at Sun Apr 27 11:10:24 2025 by rpki-client