Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48D80AAAD51811EFAB741049762E951A.roa
File: 48D80AAAD51811EFAB741049762E951A.roa (raw, json)
Hash identifier: Kg9I+onbUwc+p+gbSTdJyqxOA1afUacxtg1z8AXhUeI=
Subject key identifier: 24:6E:45:CA:F5:3C:0D:90:14:24:36:FC:D8:CB:CE:AA:07:08:0E:92
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013D53
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48D80AAAD51811EFAB741049762E951A.roa
Signing time: Fri 17 Jan 2025 21:16:15 +0000
ROA not before: Fri 17 Jan 2025 21:16:11 +0000
ROA not after: Sat 22 Feb 2025 21:16:11 +0000
asID: 141883
IP address blocks: 154.208.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81235 (0x13d53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 17 21:16:11 2025 GMT
Not After : Feb 22 21:16:11 2025 GMT
Subject: CN=678ac89f-eff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0b:49:72:bc:3d:b8:3f:19:a5:ee:50:de:fb:
67:8e:7d:ed:53:a7:e9:0e:22:16:9f:04:b7:31:a3:
c3:28:e1:32:56:93:0f:a4:77:02:68:f6:ab:72:2a:
ca:48:90:f7:47:35:0f:d5:b5:73:5b:49:cc:00:0d:
55:5a:5d:6b:95:09:08:3c:8e:f0:c8:51:a1:ad:a4:
97:19:0b:61:19:c5:3d:39:18:3b:8a:82:ab:49:b0:
c4:21:54:0b:f3:25:70:e9:53:55:03:eb:80:84:fa:
3f:74:da:3b:d0:1d:8a:46:56:98:57:cb:e8:b5:4e:
8f:c4:27:77:11:97:44:1e:25:7c:4c:42:c7:68:8a:
d1:5d:d7:95:2e:bc:4d:35:a2:29:20:d4:7f:fa:1b:
94:cf:24:ec:ad:09:7f:4b:f7:1b:e4:c7:f8:9b:0e:
c8:9e:0b:c0:fc:bd:39:bf:cd:93:a2:6f:62:46:d2:
66:c0:39:1f:43:df:c9:9f:e0:40:61:67:18:53:16:
55:20:b7:c8:02:ba:67:8d:f0:d6:56:31:5b:91:67:
30:b1:84:d0:b6:ea:0e:34:96:22:2c:1b:4e:4f:2d:
2e:36:27:37:f6:a4:e4:3c:4c:5f:93:3b:a5:16:69:
43:a4:ed:06:fc:29:85:c8:6f:75:bc:be:72:82:d0:
9b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:6E:45:CA:F5:3C:0D:90:14:24:36:FC:D8:CB:CE:AA:07:08:0E:92
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48D80AAAD51811EFAB741049762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.16.0/20
Signature Algorithm: sha256WithRSAEncryption
9d:a1:4a:66:83:2a:38:0d:21:a1:bf:5f:52:76:43:96:ce:f9:
26:3b:59:15:30:8e:fd:56:f9:25:48:e9:08:81:48:6b:7b:69:
e0:6f:11:cb:2a:c0:f9:2a:1b:97:1d:70:d1:f0:7a:63:d0:9f:
ec:dc:84:05:7f:bd:74:74:83:f6:fa:90:2b:42:3d:ac:6e:af:
89:ee:b2:4f:b8:dc:5c:08:fd:4c:15:5f:41:c8:d7:85:6d:56:
14:e9:f9:16:2f:05:08:4c:5d:50:34:e6:3a:93:7e:9f:13:81:
9c:64:a7:8d:c9:09:df:6a:a3:f4:0c:87:03:31:ac:0f:74:38:
81:54:b6:3d:01:ba:e3:c0:05:b0:a8:97:4a:a8:4b:66:07:86:
2d:1a:44:f1:8d:ed:14:da:7e:08:52:a8:51:8d:98:cf:7c:9d:
36:ed:09:f5:91:0d:59:7e:4a:0c:a9:27:51:52:10:15:10:f9:
0b:6c:ef:ed:b2:40:6e:2b:7e:99:83:3e:55:8a:26:c4:c5:5d:
78:6a:65:4a:f3:cf:2d:a8:78:3d:7d:bb:d2:50:94:4f:7b:c6:
db:8c:1f:ea:99:9a:c8:8b:b9:76:69:08:7f:31:f0:3f:97:00:
c4:d9:00:5a:d7:ef:4b:a5:87:6f:86:d5:f7:1c:0a:a2:ad:4f:
52:53:a1:c1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT1TMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE3MjExNjExWhcNMjUwMjIyMjExNjExWjAYMRYw
FAYDVQQDEw02NzhhYzg5Zi1lZmYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0wtJcrw9uD8Zpe5Q3vtnjn3tU6fpDiIWnwS3MaPDKOEyVpMPpHcCaPar
cirKSJD3RzUP1bVzW0nMAA1VWl1rlQkIPI7wyFGhraSXGQthGcU9ORg7ioKrSbDE
IVQL8yVw6VNVA+uAhPo/dNo70B2KRlaYV8votU6PxCd3EZdEHiV8TELHaIrRXdeV
LrxNNaIpINR/+huUzyTsrQl/S/cb5Mf4mw7IngvA/L05v82Tom9iRtJmwDkfQ9/J
n+BAYWcYUxZVILfIArpnjfDWVjFbkWcwsYTQtuoONJYiLBtOTy0uNic39qTkPExf
kzulFmlDpO0G/CmFyG91vL5ygtCbawIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCRu
Rcr1PA2QFCQ2/NjLzqoHCA6SMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OEQ4MEFBQUQ1MTgxMUVGQUI3NDEwNDk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtAQMA0GCSqGSIb3DQEB
CwUAA4IBAQCdoUpmgyo4DSGhv19SdkOWzvkmO1kVMI79VvklSOkIgUhre2ngbxHL
KsD5KhuXHXDR8Hpj0J/s3IQFf710dIP2+pArQj2sbq+J7rJPuNxcCP1MFV9ByNeF
bVYU6fkWLwUITF1QNOY6k36fE4GcZKeNyQnfaqP0DIcDMawPdDiBVLY9AbrjwAWw
qJdKqEtmB4YtGkTxje0U2n4IUqhRjZjPfJ027Qn1kQ1ZfkoMqSdRUhAVEPkLbO/t
skBuK36Zgz5ViibExV14amVK888tqHg9fbvSUJRPe8bbjB/qmZrIi7l2aQh/MfA/
lwDE2QBa1+9LpYdvhtX3HAqirU9SU6HB
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:16:22 2025 by rpki-client