Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4B210B6CDB3611EFA09B8A67762E951A.roa
File: 4B210B6CDB3611EFA09B8A67762E951A.roa (raw, json)
Hash identifier: qDcM6HHivcV4AleukzBaCogoUjWn0+hIpQbXl1xMOgY=
Subject key identifier: 66:CD:9B:45:D2:B6:C2:05:47:09:03:A5:D9:1E:B0:CD:49:5D:16:36
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014A20
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4B210B6CDB3611EFA09B8A67762E951A.roa
Signing time: Sat 25 Jan 2025 16:06:11 +0000
ROA not before: Sat 25 Jan 2025 16:06:07 +0000
ROA not after: Fri 07 Mar 2025 16:06:07 +0000
asID: 138915
IP address blocks: 154.223.54.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84512 (0x14a20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 25 16:06:07 2025 GMT
Not After : Mar 7 16:06:07 2025 GMT
Subject: CN=67950bf3-6b87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:60:48:22:e3:d6:0e:42:78:f2:90:ab:de:6a:
5b:18:da:27:e1:8e:49:ec:79:18:1e:5b:a2:c5:4b:
65:88:85:55:34:e6:d0:a2:e1:3a:8d:a9:43:20:a3:
0d:11:b6:3b:ba:d2:f9:d9:f6:3a:5b:04:11:e4:41:
2f:ab:0c:f9:22:ae:79:d7:60:6e:5a:35:eb:d7:2e:
19:ae:d7:6a:83:4b:a9:67:fc:9e:34:76:c2:d6:b7:
b7:22:c2:88:c5:69:63:1b:04:0c:5d:08:07:04:1f:
63:6e:81:8e:e7:24:83:27:6e:ca:e6:b3:54:d8:cd:
96:49:91:8f:6b:b7:d0:ae:56:98:7b:2c:0a:81:00:
81:1e:fb:8f:a3:85:1a:fc:96:0a:96:b4:89:df:91:
e9:85:21:f3:e2:27:06:5c:e8:e7:f1:83:7a:d6:b6:
96:e8:12:b3:b1:39:11:0d:46:22:df:8d:bf:f4:fb:
70:01:c9:eb:32:02:fb:39:16:07:25:ee:33:2c:42:
6a:3c:04:1f:0d:13:f9:d6:7d:c0:9c:03:36:a3:51:
a5:1d:50:62:df:9d:2b:53:7c:3c:ac:ed:41:f2:eb:
06:df:01:09:16:2c:e6:85:ff:22:be:60:3f:cc:a9:
91:46:05:d2:f7:88:ee:58:77:69:26:00:af:97:7f:
43:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:CD:9B:45:D2:B6:C2:05:47:09:03:A5:D9:1E:B0:CD:49:5D:16:36
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4B210B6CDB3611EFA09B8A67762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.54.0/23
Signature Algorithm: sha256WithRSAEncryption
23:69:0e:9a:3f:0f:d1:0b:30:45:c7:1d:dc:97:1b:c9:d3:22:
ba:88:22:66:3b:de:5f:00:bd:ec:15:4d:0c:04:6c:0e:81:be:
70:5d:bf:45:da:31:9c:97:18:e3:22:13:c9:2b:a3:ac:a5:81:
ae:41:5b:54:d8:43:2a:64:a8:14:4d:3d:ba:95:48:a5:be:86:
78:d0:45:00:d6:d7:06:31:9c:ed:23:94:94:3d:7d:42:ed:a6:
f6:9e:3d:ad:cb:da:bf:1b:7b:76:2d:9b:dc:db:00:f8:c1:1f:
74:e4:55:ef:17:90:91:69:6c:8d:fc:15:29:af:28:af:b2:c4:
16:7f:06:73:67:e8:81:9d:fc:4c:93:38:97:da:0d:73:f3:ae:
14:67:30:dc:5f:87:11:73:c2:25:6d:08:a1:02:6f:bf:1f:b1:
8b:e5:5f:09:76:60:f1:a7:5c:d5:9e:52:64:b5:c3:9e:15:94:
e3:11:f0:e8:86:9e:3f:a2:f4:5f:28:fe:2b:46:be:ea:df:1d:
35:af:b3:7e:e3:21:fa:af:c1:5a:60:6d:00:3f:9e:40:18:6c:
c9:5e:1a:3c:6c:b8:2e:c7:87:a0:d2:90:a4:84:eb:e3:e5:f8:
17:a4:82:6c:c5:c1:26:a0:8f:11:d4:89:ef:b8:c6:15:95:25:
f0:b7:56:3d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUogMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MTYwNjA3WhcNMjUwMzA3MTYwNjA3WjAYMRYw
FAYDVQQDEw02Nzk1MGJmMy02Yjg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwmBIIuPWDkJ48pCr3mpbGNon4Y5J7HkYHluixUtliIVVNObQouE6jalD
IKMNEbY7utL52fY6WwQR5EEvqwz5Iq5512BuWjXr1y4Zrtdqg0upZ/yeNHbC1re3
IsKIxWljGwQMXQgHBB9jboGO5ySDJ27K5rNU2M2WSZGPa7fQrlaYeywKgQCBHvuP
o4Ua/JYKlrSJ35HphSHz4icGXOjn8YN61raW6BKzsTkRDUYi342/9PtwAcnrMgL7
ORYHJe4zLEJqPAQfDRP51n3AnAM2o1GlHVBi350rU3w8rO1B8usG3wEJFizmhf8i
vmA/zKmRRgXS94juWHdpJgCvl39DxwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGbN
m0XStsIFRwkDpdkesM1JXRY2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QjIxMEI2Q0RCMzYxMUVGQTA5QjhBNjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt82MA0GCSqGSIb3DQEB
CwUAA4IBAQAjaQ6aPw/RCzBFxx3clxvJ0yK6iCJmO95fAL3sFU0MBGwOgb5wXb9F
2jGclxjjIhPJK6OspYGuQVtU2EMqZKgUTT26lUilvoZ40EUA1tcGMZztI5SUPX1C
7ab2nj2ty9q/G3t2LZvc2wD4wR905FXvF5CRaWyN/BUpryivssQWfwZzZ+iBnfxM
kziX2g1z864UZzDcX4cRc8IlbQihAm+/H7GL5V8JdmDxp1zVnlJktcOeFZTjEfDo
hp4/ovRfKP4rRr7q3x01r7N+4yH6r8FaYG0AP55AGGzJXho8bLgux4eg0pCkhOvj
5fgXpIJsxcEmoI8R1InvuMYVlSXwt1Y9
-----END CERTIFICATE-----
Generated at Sat Apr 26 01:02:12 2025 by rpki-client