Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5CEF4E2CDB6211EF81BC108D762E951A.roa
File: 5CEF4E2CDB6211EF81BC108D762E951A.roa (raw, json)
Hash identifier: zgjpH3ED5Ej2nYo3qVfsaM/60NBxS4J1v8wcEWF0gT4=
Subject key identifier: 31:CD:9B:96:DA:4C:C7:22:45:68:76:4C:07:C1:62:52:7F:6C:C8:6E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014A64
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5CEF4E2CDB6211EF81BC108D762E951A.roa
Signing time: Sat 25 Jan 2025 21:21:38 +0000
ROA not before: Sat 25 Jan 2025 21:21:35 +0000
ROA not after: Wed 19 Mar 2025 21:21:35 +0000
asID: 138915
IP address blocks: 154.90.56.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84580 (0x14a64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 25 21:21:35 2025 GMT
Not After : Mar 19 21:21:35 2025 GMT
Subject: CN=679555e2-81dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:02:7e:8c:cc:ec:d8:30:04:27:0a:41:ab:5a:
cd:41:ad:b9:5c:17:7f:65:a9:b2:84:12:12:d4:84:
1c:0b:e8:78:2b:ae:24:d4:b2:ce:b2:bd:e9:1b:21:
1c:0b:45:1d:3f:d8:05:ff:ab:84:7d:9d:c5:8b:8a:
7c:01:a5:51:db:74:e8:07:28:7d:d0:23:fb:4a:51:
db:e0:d5:bf:d6:9d:09:5c:be:d4:6d:75:04:1e:81:
ee:ee:86:37:a7:b0:61:0b:8c:20:7a:e7:84:d5:6a:
87:1b:6c:0f:dc:ae:67:42:1d:26:2b:1e:cb:0a:50:
15:68:9c:5b:a1:02:01:b0:3c:5b:8f:2e:e7:33:a2:
df:8c:db:91:58:9d:92:28:a9:0c:70:a0:34:3a:dc:
d2:ac:72:07:f4:dc:d3:0d:80:66:93:11:46:37:2a:
51:f2:a5:23:61:69:77:4a:10:7d:fb:e3:92:48:5d:
82:f9:98:e2:ac:31:66:37:60:69:11:ef:26:7b:4e:
97:9d:cd:4b:91:aa:8e:a2:be:1f:0f:3e:be:81:24:
80:06:e0:dd:f8:ea:7c:2c:99:bb:1e:d8:d4:a6:38:
54:cf:88:f2:ff:5e:80:20:3e:6c:18:43:79:f7:5d:
05:90:e3:4c:92:ad:a7:4e:66:89:57:5a:b5:d7:d1:
7b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:CD:9B:96:DA:4C:C7:22:45:68:76:4C:07:C1:62:52:7F:6C:C8:6E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5CEF4E2CDB6211EF81BC108D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.56.0/23
Signature Algorithm: sha256WithRSAEncryption
98:b0:86:68:35:03:e3:d1:fd:d5:a9:d7:0f:6f:63:92:f4:22:
5e:e7:d0:d4:e9:19:3e:48:38:a8:d2:2c:61:e6:0c:3a:55:83:
f6:95:93:36:1a:08:eb:66:e7:8e:5a:54:d5:0b:e6:9e:2e:e8:
c0:ac:ed:4e:61:28:84:10:a1:b0:df:11:ca:ff:9b:8b:d9:2a:
c0:cc:2c:af:bc:8c:cc:60:58:df:7c:70:b0:3b:7a:7d:48:65:
c5:2e:d1:c3:ed:82:3e:27:1f:6c:8d:59:f6:2e:c6:4d:cb:81:
db:b4:3d:2c:36:9d:7b:31:95:0f:48:19:e9:9f:55:25:fd:2b:
80:24:b6:3f:26:90:c7:09:9d:ef:82:14:05:08:fa:af:68:29:
e5:fa:46:8b:fe:c4:a0:1e:f3:d1:cb:1a:5c:c0:f9:e3:9c:85:
17:5d:24:f2:a5:9c:c4:b8:9b:2a:16:22:66:02:e2:bb:1f:a9:
75:db:85:d0:dc:73:10:42:98:87:2f:db:a4:b2:d5:88:33:30:
69:68:30:52:41:7d:f7:92:d8:eb:16:ab:e4:b1:20:1b:8a:3c:
45:0a:ef:61:4f:64:e3:73:57:34:87:04:da:4e:0c:8c:b3:e4:
56:b8:c4:22:07:f1:41:3d:04:cd:a8:37:3d:ef:6d:6a:88:fc:
10:89:c9:20
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUpkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MjEyMTM1WhcNMjUwMzE5MjEyMTM1WjAYMRYw
FAYDVQQDEw02Nzk1NTVlMi04MWRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxAJ+jMzs2DAEJwpBq1rNQa25XBd/ZamyhBIS1IQcC+h4K64k1LLOsr3p
GyEcC0UdP9gF/6uEfZ3Fi4p8AaVR23ToByh90CP7SlHb4NW/1p0JXL7UbXUEHoHu
7oY3p7BhC4wgeueE1WqHG2wP3K5nQh0mKx7LClAVaJxboQIBsDxbjy7nM6LfjNuR
WJ2SKKkMcKA0OtzSrHIH9NzTDYBmkxFGNypR8qUjYWl3ShB9++OSSF2C+ZjirDFm
N2BpEe8me06Xnc1LkaqOor4fDz6+gSSABuDd+Op8LJm7HtjUpjhUz4jy/16AID5s
GEN5910FkONMkq2nTmaJV1q119F7AwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDHN
m5baTMciRWh2TAfBYlJ/bMhuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81Q0VGNEUyQ0RCNjIxMUVGODFCQzEwOEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlo4MA0GCSqGSIb3DQEB
CwUAA4IBAQCYsIZoNQPj0f3VqdcPb2OS9CJe59DU6Rk+SDio0ixh5gw6VYP2lZM2
GgjrZueOWlTVC+aeLujArO1OYSiEEKGw3xHK/5uL2SrAzCyvvIzMYFjffHCwO3p9
SGXFLtHD7YI+Jx9sjVn2LsZNy4HbtD0sNp17MZUPSBnpn1Ul/SuAJLY/JpDHCZ3v
ghQFCPqvaCnl+kaL/sSgHvPRyxpcwPnjnIUXXSTypZzEuJsqFiJmAuK7H6l124XQ
3HMQQpiHL9ukstWIMzBpaDBSQX33ktjrFqvksSAbijxFCu9hT2Tjc1c0hwTaTgyM
s+RWuMQiB/FBPQTNqDc9721qiPwQickg
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:16:24 2025 by rpki-client