Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C09B500D97911EFB1A6C9A8762E951A.roa
File: 5C09B500D97911EFB1A6C9A8762E951A.roa (raw, json)
Hash identifier: Hvregw2qSZS4YQ7vxj8SrK/fftWLYxCYnp3B6u6ZYJw=
Subject key identifier: F1:2A:76:D4:4E:22:55:8C:66:D6:2C:E9:87:49:60:59:B5:19:84:FE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01416B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C09B500D97911EFB1A6C9A8762E951A.roa
Signing time: Thu 23 Jan 2025 11:01:13 +0000
ROA not before: Thu 23 Jan 2025 11:01:09 +0000
ROA not after: Fri 28 Feb 2025 11:01:09 +0000
asID: 62240
IP address blocks: 154.195.144.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82283 (0x1416b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 11:01:09 2025 GMT
Not After : Feb 28 11:01:09 2025 GMT
Subject: CN=67922179-dca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8f:9b:59:3e:f8:2d:10:42:00:fe:1c:b1:c9:
c2:4e:06:15:57:4b:c8:e6:4d:e1:34:b5:e1:1e:c5:
e9:32:3a:cc:c8:c4:be:3f:b7:13:32:01:c4:58:de:
f0:7b:9a:0b:8f:b2:d5:6d:e5:11:45:32:f0:db:b5:
bb:a6:94:a6:d9:44:62:df:0a:cf:f1:63:90:71:de:
9a:61:46:22:e5:be:75:44:5f:4d:84:8c:60:cf:10:
cf:2c:e3:f0:2e:8f:71:60:b9:ad:4b:bc:e7:6e:d2:
ef:38:89:be:9d:65:fb:f8:02:9a:f3:dd:58:42:3c:
5b:25:8a:5a:73:a4:35:b5:41:81:a1:92:71:80:e7:
06:a7:0f:17:9c:86:64:90:ec:43:52:08:74:94:5c:
dd:23:bb:62:e2:bb:17:36:94:30:4c:fb:33:a8:43:
e8:bc:38:38:f5:b7:26:34:29:34:34:b0:30:71:95:
70:2e:95:3f:3c:71:7c:ad:cb:a4:21:62:b6:11:ca:
ff:63:a4:03:a2:6d:dd:2f:32:77:6d:8c:08:bb:1c:
93:2d:d7:49:e7:89:1f:26:49:2b:5b:88:26:fa:5a:
d1:c3:a2:67:38:03:d0:34:9a:0c:cd:ae:ff:91:4e:
35:dd:cc:c0:d5:9c:a3:d3:ac:b3:73:93:02:8c:e2:
a2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:2A:76:D4:4E:22:55:8C:66:D6:2C:E9:87:49:60:59:B5:19:84:FE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C09B500D97911EFB1A6C9A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.144.0/24
Signature Algorithm: sha256WithRSAEncryption
82:c7:47:9d:c7:f9:65:87:50:7f:de:25:66:40:84:60:7d:7a:
9f:62:c6:34:eb:d1:6a:d0:a0:c6:3a:bb:d9:43:be:9b:27:5d:
48:61:63:8f:cc:fa:37:42:fc:c4:31:18:d1:63:82:91:ef:0f:
29:5c:f8:a3:92:24:18:55:04:c9:1b:c6:ac:59:7e:d6:f2:49:
0e:37:78:bc:04:c6:f8:24:33:0e:78:2c:0d:58:e6:8e:e0:6d:
f9:c8:09:1f:d9:1e:09:2e:6e:79:4f:85:44:23:54:24:f9:a0:
01:77:b7:53:1a:91:f7:26:1f:58:3b:41:6b:d7:84:5d:9c:21:
1b:bb:d9:fc:ed:e5:54:46:4d:33:f2:13:90:d1:19:b4:65:07:
99:61:6d:81:af:19:87:c3:d1:32:47:ae:4e:85:de:c0:7b:01:
ea:c0:18:3d:f8:70:50:ef:4a:0b:04:37:e7:98:3f:2b:4c:80:
75:4d:a6:d9:e3:eb:a7:f2:6a:b6:2e:10:8a:fc:85:76:3e:74:
40:7e:10:54:aa:44:af:82:6d:e4:26:ae:10:2a:2b:05:a1:7e:
91:de:5c:16:d3:2a:70:74:14:4a:e5:3b:4a:da:a5:c6:7b:d3:
c0:55:c0:23:b3:33:53:0f:22:56:28:a4:1a:18:ba:b2:db:5d:
7b:6e:8d:55
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUFrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMTEwMTA5WhcNMjUwMjI4MTEwMTA5WjAYMRYw
FAYDVQQDEw02NzkyMjE3OS1kY2E0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuo+bWT74LRBCAP4cscnCTgYVV0vI5k3hNLXhHsXpMjrMyMS+P7cTMgHE
WN7we5oLj7LVbeURRTLw27W7ppSm2URi3wrP8WOQcd6aYUYi5b51RF9NhIxgzxDP
LOPwLo9xYLmtS7znbtLvOIm+nWX7+AKa891YQjxbJYpac6Q1tUGBoZJxgOcGpw8X
nIZkkOxDUgh0lFzdI7ti4rsXNpQwTPszqEPovDg49bcmNCk0NLAwcZVwLpU/PHF8
rcukIWK2Ecr/Y6QDom3dLzJ3bYwIuxyTLddJ54kfJkkrW4gm+lrRw6JnOAPQNJoM
za7/kU413czA1Zyj06yzc5MCjOKiTQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPEq
dtROIlWMZtYs6YdJYFm1GYT+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QzA5QjUwMEQ5NzkxMUVGQjFBNkM5QTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsOQMA0GCSqGSIb3DQEB
CwUAA4IBAQCCx0edx/llh1B/3iVmQIRgfXqfYsY069Fq0KDGOrvZQ76bJ11IYWOP
zPo3QvzEMRjRY4KR7w8pXPijkiQYVQTJG8asWX7W8kkON3i8BMb4JDMOeCwNWOaO
4G35yAkf2R4JLm55T4VEI1Qk+aABd7dTGpH3Jh9YO0Fr14RdnCEbu9n87eVURk0z
8hOQ0Rm0ZQeZYW2BrxmHw9EyR65Ohd7AewHqwBg9+HBQ70oLBDfnmD8rTIB1TabZ
4+un8mq2LhCK/IV2PnRAfhBUqkSvgm3kJq4QKisFoX6R3lwW0ypwdBRK5TtK2qXG
e9PAVcAjszNTDyJWKKQaGLqy2117bo1V
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:57:01 2025 by rpki-client