Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5B2F4DCEDA0611EFB6327E65762E951A.roa
File: 5B2F4DCEDA0611EFB6327E65762E951A.roa (raw, json)
Hash identifier: AYgoGHZ3s5LSG6YdE6Z3fmR+PnJkpUPptcqpHaB/vCI=
Subject key identifier: 42:63:64:2F:51:03:D0:30:43:D5:EE:DE:85:AC:A3:EA:E4:F9:F3:AE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0143A6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5B2F4DCEDA0611EFB6327E65762E951A.roa
Signing time: Fri 24 Jan 2025 03:50:31 +0000
ROA not before: Fri 24 Jan 2025 03:50:27 +0000
ROA not after: Sat 01 Mar 2025 03:50:27 +0000
asID: 44559
IP address blocks: 154.198.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82854 (0x143a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 03:50:27 2025 GMT
Not After : Mar 1 03:50:27 2025 GMT
Subject: CN=67930e06-73ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:91:87:55:e2:bc:a3:65:bf:93:66:cc:40:2b:
4d:20:5b:11:99:90:4a:82:94:66:49:05:04:b4:02:
95:b0:fa:8f:a1:eb:05:7a:e5:16:67:6f:48:8a:a5:
95:d3:07:4f:0b:4e:da:21:13:9d:29:90:2e:6c:f7:
a6:54:6c:f7:2a:cd:4c:fa:89:49:bb:89:62:63:1c:
9a:67:31:92:48:99:c2:ca:60:cd:da:71:79:1b:1d:
ab:5d:84:78:b8:bf:1e:a7:5d:66:bf:d0:8d:d4:c0:
c5:9b:57:05:11:65:e7:f8:29:4a:b4:3a:22:c0:ca:
49:56:bf:d0:de:d4:e2:9a:85:d7:95:d1:96:61:84:
c0:fd:2a:42:d6:f0:36:61:fb:8e:ba:c6:da:35:99:
b6:42:0e:a7:bb:50:48:f0:03:f1:32:fe:fe:e5:c1:
f5:0f:d1:65:92:b6:a7:53:c5:e8:ee:7a:8f:8c:5a:
59:32:94:c4:bc:5f:62:de:34:1e:e7:9a:9a:ae:2f:
e2:52:82:8b:3e:49:9c:df:b3:df:39:50:10:b2:84:
11:30:30:c3:10:d7:3c:88:7c:71:87:f9:cd:b1:de:
47:64:30:1b:5c:a9:37:b6:d4:30:67:46:8a:b1:5c:
2f:80:0a:00:60:f5:76:42:22:f5:1d:d9:8f:86:ae:
3b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:63:64:2F:51:03:D0:30:43:D5:EE:DE:85:AC:A3:EA:E4:F9:F3:AE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5B2F4DCEDA0611EFB6327E65762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.39.0/24
Signature Algorithm: sha256WithRSAEncryption
11:cc:39:68:56:f4:1f:3d:84:12:ed:a9:39:7b:71:3e:3f:27:
06:ad:8b:ea:cc:7e:32:4b:4a:14:df:e0:50:4b:f3:3b:ec:ee:
bf:0e:71:b1:3d:f1:5f:32:45:32:32:e9:c3:81:61:04:9d:fd:
0b:ee:f6:b3:9f:f2:71:34:cb:98:f0:8c:a1:39:a8:ec:fa:04:
56:27:cb:5e:ef:b8:f0:d7:bb:47:3e:a6:46:9c:f7:c2:7f:63:
50:b2:75:0c:1a:7b:af:cb:35:d0:52:97:7b:0e:a9:59:c7:65:
b3:3a:f3:08:38:17:db:6a:74:64:17:a0:a3:40:66:81:3b:39:
91:ca:1f:f5:f6:c9:df:62:6d:6d:ca:68:b6:f6:a7:af:83:3a:
32:c7:1e:06:0d:e9:41:94:db:7d:9b:40:97:fa:ab:e8:c9:c8:
15:32:7e:49:15:eb:f7:1c:44:e1:4b:28:e7:c8:62:90:8b:08:
21:d3:04:c3:8d:32:35:46:02:5b:85:4e:57:6e:33:5a:09:d2:
5f:9b:24:52:b8:4e:cc:26:a0:fa:fc:6b:2d:62:a0:e8:1b:39:
7a:3c:3e:62:87:e7:2d:d7:47:57:0e:9d:75:bb:c8:23:58:d0:
06:5a:39:b9:2f:8e:65:8a:67:e7:1d:ce:91:2a:49:c9:ca:5f:
f6:4d:89:ed
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUOmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDM1MDI3WhcNMjUwMzAxMDM1MDI3WjAYMRYw
FAYDVQQDEw02NzkzMGUwNi03M2VmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn5GHVeK8o2W/k2bMQCtNIFsRmZBKgpRmSQUEtAKVsPqPoesFeuUWZ29I
iqWV0wdPC07aIROdKZAubPemVGz3Ks1M+olJu4liYxyaZzGSSJnCymDN2nF5Gx2r
XYR4uL8ep11mv9CN1MDFm1cFEWXn+ClKtDoiwMpJVr/Q3tTimoXXldGWYYTA/SpC
1vA2YfuOusbaNZm2Qg6nu1BI8APxMv7+5cH1D9FlkranU8Xo7nqPjFpZMpTEvF9i
3jQe55qari/iUoKLPkmc37PfOVAQsoQRMDDDENc8iHxxh/nNsd5HZDAbXKk3ttQw
Z0aKsVwvgAoAYPV2QiL1HdmPhq47kQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEJj
ZC9RA9AwQ9Xu3oWso+rk+fOuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QjJGNERDRURBMDYxMUVGQjYzMjdFNjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsYnMA0GCSqGSIb3DQEB
CwUAA4IBAQARzDloVvQfPYQS7ak5e3E+PycGrYvqzH4yS0oU3+BQS/M77O6/DnGx
PfFfMkUyMunDgWEEnf0L7vazn/JxNMuY8IyhOajs+gRWJ8te77jw17tHPqZGnPfC
f2NQsnUMGnuvyzXQUpd7DqlZx2WzOvMIOBfbanRkF6CjQGaBOzmRyh/19snfYm1t
ymi29qevgzoyxx4GDelBlNt9m0CX+qvoycgVMn5JFev3HEThSyjnyGKQiwgh0wTD
jTI1RgJbhU5XbjNaCdJfmyRSuE7MJqD6/GstYqDoGzl6PD5ih+ct10dXDp11u8gj
WNAGWjm5L45limfnHc6RKknJyl/2TYnt
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:12:34 2025 by rpki-client