Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5CE5A650DC0811EF98084C6E762E951A.roa
File: 5CE5A650DC0811EF98084C6E762E951A.roa (raw, json)
Hash identifier: Ve3yFGUTexndNsJfsCejdavqoJGHPiXI+HVfC3vBalE=
Subject key identifier: E0:02:B1:64:9C:F7:99:28:B7:09:99:D8:2D:B8:02:53:78:2B:7B:41
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014B10
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5CE5A650DC0811EF98084C6E762E951A.roa
Signing time: Sun 26 Jan 2025 17:09:55 +0000
ROA not before: Sun 26 Jan 2025 17:09:51 +0000
ROA not after: Thu 20 Feb 2025 17:09:51 +0000
asID: 142062
IP address blocks: 154.86.86.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84752 (0x14b10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 26 17:09:51 2025 GMT
Not After : Feb 20 17:09:51 2025 GMT
Subject: CN=67966c63-58de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:be:65:8c:b0:ee:ce:3c:9b:33:a9:3b:6b:74:
d9:73:3a:a7:97:cc:36:3b:e2:86:43:14:db:59:d3:
20:dc:7c:73:57:a4:c0:ab:94:17:bf:d5:90:43:03:
ef:db:5c:a4:ab:6d:e9:f9:d4:94:2c:fe:7b:ee:0b:
fc:fb:2a:e8:ba:99:f7:2e:14:35:d0:e2:d1:ce:22:
1d:fa:c1:ff:8f:6a:14:80:be:dc:c6:75:80:61:a6:
55:eb:c5:30:a6:2f:32:3f:1b:4d:11:da:d1:06:0f:
60:3f:ad:25:9d:c2:16:2f:fa:7c:c9:1b:28:24:80:
0c:8f:6a:1b:d6:3f:19:12:48:5b:1f:3e:64:ec:29:
6d:f0:76:be:2a:63:c2:c1:77:b6:2a:c5:b5:eb:33:
ad:8f:10:a9:07:d2:4e:fc:20:10:6d:e1:a5:13:af:
81:c5:0e:bf:3a:a1:35:2a:fc:da:ee:30:68:ab:b7:
9d:81:37:fa:12:01:25:ce:b6:c5:21:9f:27:d6:db:
c1:d7:aa:46:1b:5f:12:2b:2e:a3:aa:3d:68:c3:ee:
dd:59:e4:0a:83:d0:45:27:52:8d:af:4e:e9:3b:f5:
12:fb:d0:0e:9b:4d:e6:88:69:4f:e4:87:c9:3e:76:
5b:f4:3e:a9:b8:88:cc:66:62:bd:71:84:63:5f:76:
c7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:02:B1:64:9C:F7:99:28:B7:09:99:D8:2D:B8:02:53:78:2B:7B:41
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5CE5A650DC0811EF98084C6E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.86.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:59:9c:63:c0:8c:63:8f:9b:27:16:83:07:51:29:98:52:2d:
3c:ff:fb:be:57:37:92:d1:86:7d:02:46:65:7e:15:63:9e:cc:
a2:81:4d:ca:95:99:68:9e:da:cf:e1:c0:01:35:83:26:ec:8a:
ab:49:42:1f:ba:32:fe:5d:0b:63:05:64:9a:d6:41:e7:fd:82:
91:cd:54:54:bd:b4:e0:4c:75:e1:f2:89:7b:8c:94:3e:59:83:
14:7c:be:28:e3:ec:b3:26:79:0b:9f:6a:87:0f:0b:8c:39:cc:
6b:b3:8f:1f:32:5d:26:c3:e6:37:42:dd:37:d7:23:cd:d6:d8:
28:5e:bb:b2:cf:d3:95:b9:44:76:cb:c4:96:a1:2d:ef:0d:9e:
83:60:4a:6d:3a:a0:05:84:32:26:6f:35:13:aa:5f:9c:92:05:
7f:31:9e:7a:0b:7e:35:e1:1f:07:90:16:39:ba:0e:20:01:4f:
fe:f0:58:8f:be:5d:56:6e:90:67:e3:8d:50:35:64:1a:8d:ce:
77:da:2f:d9:c4:d0:af:6c:df:96:a2:d5:aa:10:49:d6:06:97:
f7:56:6f:70:89:1b:2c:26:ac:34:4f:99:16:03:f8:9b:c6:d2:
ba:0f:06:06:34:c4:48:47:67:cd:cc:3e:44:d3:3c:88:5e:7f:
1b:8f:e7:02
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUsQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI2MTcwOTUxWhcNMjUwMjIwMTcwOTUxWjAYMRYw
FAYDVQQDEw02Nzk2NmM2My01OGRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0L5ljLDuzjybM6k7a3TZczqnl8w2O+KGQxTbWdMg3HxzV6TAq5QXv9WQ
QwPv21ykq23p+dSULP577gv8+yroupn3LhQ10OLRziId+sH/j2oUgL7cxnWAYaZV
68Uwpi8yPxtNEdrRBg9gP60lncIWL/p8yRsoJIAMj2ob1j8ZEkhbHz5k7Clt8Ha+
KmPCwXe2KsW16zOtjxCpB9JO/CAQbeGlE6+BxQ6/OqE1Kvza7jBoq7edgTf6EgEl
zrbFIZ8n1tvB16pGG18SKy6jqj1ow+7dWeQKg9BFJ1KNr07pO/US+9AOm03miGlP
5IfJPnZb9D6puIjMZmK9cYRjX3bHRwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOAC
sWSc95kotwmZ2C24AlN4K3tBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81Q0U1QTY1MERDMDgxMUVGOTgwODRDNkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlZWMA0GCSqGSIb3DQEB
CwUAA4IBAQBdWZxjwIxjj5snFoMHUSmYUi08//u+VzeS0YZ9AkZlfhVjnsyigU3K
lZlontrP4cABNYMm7IqrSUIfujL+XQtjBWSa1kHn/YKRzVRUvbTgTHXh8ol7jJQ+
WYMUfL4o4+yzJnkLn2qHDwuMOcxrs48fMl0mw+Y3Qt031yPN1tgoXruyz9OVuUR2
y8SWoS3vDZ6DYEptOqAFhDImbzUTql+ckgV/MZ56C3414R8HkBY5ug4gAU/+8FiP
vl1WbpBn441QNWQajc532i/ZxNCvbN+WotWqEEnWBpf3Vm9wiRssJqw0T5kWA/ib
xtK6DwYGNMRIR2fNzD5E0zyIXn8bj+cC
-----END CERTIFICATE-----
Generated at Tue Apr 29 01:04:43 2025 by rpki-client