Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5B34D92EB21011EF81D69B68762E951A.roa
File: 5B34D92EB21011EF81D69B68762E951A.roa (raw, json)
Hash identifier: vYP3V4pf4SgEx2IPs9lvH6mRrQ+4JG4nWeP0Cn/RJWg=
Subject key identifier: 75:D2:10:9C:11:A6:49:C5:88:1D:33:AA:BF:29:DB:C4:FE:4B:31:E0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0117AA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5B34D92EB21011EF81D69B68762E951A.roa
Signing time: Wed 04 Dec 2024 07:21:19 +0000
ROA not before: Wed 04 Dec 2024 07:21:15 +0000
ROA not after: Sat 01 Feb 2025 07:21:15 +0000
asID: 150008
IP address blocks: 154.206.24.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71594 (0x117aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 4 07:21:15 2024 GMT
Not After : Feb 1 07:21:15 2025 GMT
Subject: CN=675002ef-4b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:70:b9:55:be:77:9d:e7:9e:70:14:47:0b:98:
64:8b:c1:76:3f:2b:be:2a:b6:b0:1d:0d:b1:0e:f4:
81:d6:85:82:63:08:fb:6d:3f:88:dc:9c:50:c1:1e:
98:99:42:db:e7:c3:f9:ff:bd:c5:6a:6f:74:6e:da:
d0:0d:0e:a6:11:90:21:33:a8:0c:f5:bb:77:f2:08:
57:4f:9c:1d:6c:27:04:ec:19:79:b7:f8:37:d7:12:
42:c6:c7:8d:83:93:89:95:16:e6:12:4a:1f:b1:1e:
28:a2:1f:61:65:6b:ff:d6:08:85:3b:ad:c9:95:77:
13:8f:d2:c1:9d:00:9c:45:a1:e5:cd:d7:3d:42:45:
e5:03:b1:4c:be:b8:af:5f:02:f9:f7:48:7a:5c:21:
fe:56:a0:33:b9:24:96:f4:a8:0a:fe:12:ad:04:ed:
1e:85:86:02:de:43:96:75:3f:47:86:a0:14:b7:7f:
d3:7c:24:f4:ff:7e:54:96:79:c9:96:98:b8:27:a8:
2f:71:1c:d5:d7:67:0e:72:de:d4:4a:dc:a5:95:bb:
46:e3:c0:93:f6:d5:e1:62:eb:6d:72:c5:a9:01:03:
2e:9d:b8:14:ae:9c:9c:c6:31:79:7d:97:00:a5:9a:
45:d4:87:66:17:f1:57:dd:e2:5b:c2:70:86:24:b1:
1c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D2:10:9C:11:A6:49:C5:88:1D:33:AA:BF:29:DB:C4:FE:4B:31:E0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5B34D92EB21011EF81D69B68762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.24.0/21
Signature Algorithm: sha256WithRSAEncryption
9f:20:76:e6:48:09:cd:cd:ad:e8:5d:43:5e:86:41:22:86:d5:
27:70:b3:a4:61:7f:f0:5a:13:94:1f:fa:a4:fe:14:a8:77:c0:
ed:78:00:c8:2b:5a:98:44:95:79:84:00:dc:e0:66:0f:8f:8b:
46:35:7b:41:d8:94:41:17:78:39:2a:ce:4d:96:46:9d:b8:64:
fa:82:73:c6:91:8e:f6:1f:52:df:fc:37:9d:f0:86:98:fb:03:
29:6b:4d:80:41:ef:32:ad:0c:d0:3d:3a:d2:7c:e0:b6:29:8c:
81:36:29:f6:24:8c:dd:90:8c:46:ac:cb:da:e2:aa:8f:b5:d8:
71:c9:7d:71:14:03:7f:4e:05:d7:22:91:87:f7:c5:d1:c0:b1:
05:ac:75:11:83:df:2d:c7:8d:39:ed:2d:3a:84:6c:ca:46:ee:
3e:03:e7:e2:c1:0a:31:c5:64:63:39:19:34:b1:3e:8c:16:76:
77:4c:84:a6:6f:6d:c7:28:9d:e2:55:36:cf:99:75:d9:2d:3b:
76:57:57:34:c9:38:1e:b7:b0:3d:93:d1:34:a3:09:7b:af:bd:
8b:03:53:38:99:0f:81:d0:0e:5a:0a:85:4f:29:6f:af:df:da:
8e:d2:59:3b:72:a5:82:ef:9b:0a:86:cf:7a:85:34:dd:e1:f0:
d5:db:fc:db
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAReqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjA0MDcyMTE1WhcNMjUwMjAxMDcyMTE1WjAYMRYw
FAYDVQQDEw02NzUwMDJlZi00YjE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6XC5Vb53neeecBRHC5hki8F2Pyu+KrawHQ2xDvSB1oWCYwj7bT+I3JxQ
wR6YmULb58P5/73Fam90btrQDQ6mEZAhM6gM9bt38ghXT5wdbCcE7Bl5t/g31xJC
xseNg5OJlRbmEkofsR4ooh9hZWv/1giFO63JlXcTj9LBnQCcRaHlzdc9QkXlA7FM
vrivXwL590h6XCH+VqAzuSSW9KgK/hKtBO0ehYYC3kOWdT9HhqAUt3/TfCT0/35U
lnnJlpi4J6gvcRzV12cOct7UStyllbtG48CT9tXhYuttcsWpAQMunbgUrpycxjF5
fZcApZpF1IdmF/FX3eJbwnCGJLEckwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHXS
EJwRpknFiB0zqr8p28T+SzHgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QjM0RDkyRUIyMTAxMUVGODFENjlCNjg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDms4YMA0GCSqGSIb3DQEB
CwUAA4IBAQCfIHbmSAnNza3oXUNehkEihtUncLOkYX/wWhOUH/qk/hSod8DteADI
K1qYRJV5hADc4GYPj4tGNXtB2JRBF3g5Ks5NlkaduGT6gnPGkY72H1Lf/Ded8IaY
+wMpa02AQe8yrQzQPTrSfOC2KYyBNin2JIzdkIxGrMva4qqPtdhxyX1xFAN/TgXX
IpGH98XRwLEFrHURg98tx4057S06hGzKRu4+A+fiwQoxxWRjORk0sT6MFnZ3TISm
b23HKJ3iVTbPmXXZLTt2V1c0yTget7A9k9E0owl7r72LA1M4mQ+B0A5aCoVPKW+v
39qO0lk7cqWC75sKhs96hTTd4fDV2/zb
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:08 2025 by rpki-client