Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DAD26C0D3F311EFA0FA4053762E951A.roa
File: 5DAD26C0D3F311EFA0FA4053762E951A.roa (raw, json)
Hash identifier: YEbuICeLhzhvMbUcgMC4hl3IpeMIzD5j1dphg/tW2FI=
Subject key identifier: 2C:2F:76:97:55:9C:34:F5:AC:49:56:AB:FE:F1:72:6F:E7:5E:6E:72
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013BCC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DAD26C0D3F311EFA0FA4053762E951A.roa
Signing time: Thu 16 Jan 2025 10:19:27 +0000
ROA not before: Thu 16 Jan 2025 10:19:24 +0000
ROA not after: Sun 16 Mar 2025 10:19:24 +0000
asID: 17561
IP address blocks: 154.196.112.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80844 (0x13bcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 16 10:19:24 2025 GMT
Not After : Mar 16 10:19:24 2025 GMT
Subject: CN=6788dd2f-bf3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:17:36:93:79:de:01:3e:eb:84:4f:ec:0e:a4:
93:07:e3:bf:58:81:82:a5:87:ef:89:68:d0:08:d7:
25:37:16:d6:14:a2:d5:78:3e:1a:ec:7c:82:f2:0b:
4c:25:20:fb:42:7f:a8:ac:11:09:9c:eb:39:46:12:
65:79:12:98:15:5d:7d:59:33:06:54:e0:e0:ac:7e:
dc:db:95:9a:83:86:5f:c9:3c:3b:2f:c5:fd:49:eb:
52:32:73:7e:19:5b:50:33:e0:06:42:94:dd:97:13:
e2:c3:74:51:92:54:98:32:cd:51:6c:56:d3:ff:b7:
e5:5e:c5:10:b9:94:d8:42:40:4f:ab:40:6a:cd:90:
6f:92:80:70:eb:ba:bf:60:1c:fd:64:0a:ac:aa:c0:
70:43:d3:8c:7b:1f:30:52:34:a4:d4:03:a2:7e:e4:
17:82:3d:ca:03:62:7d:45:d1:f5:c7:15:e2:e4:c8:
f3:56:f3:b0:7f:eb:65:4f:3e:d8:67:80:e2:b4:80:
9c:49:54:6c:6e:bf:9a:af:67:15:f4:fc:df:aa:08:
1f:2c:81:ad:64:ac:87:92:17:3d:54:88:3e:d2:ae:
a0:c9:85:40:e9:12:ff:27:ca:6a:82:5a:3a:f0:28:
68:1e:17:28:4e:91:b0:a4:8b:2c:19:d4:d7:09:74:
6a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:2F:76:97:55:9C:34:F5:AC:49:56:AB:FE:F1:72:6F:E7:5E:6E:72
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DAD26C0D3F311EFA0FA4053762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.112.0/20
Signature Algorithm: sha256WithRSAEncryption
03:95:39:6a:e3:da:16:e7:61:78:55:6b:6c:92:cf:79:32:a3:
e7:1b:a7:db:ae:0c:1c:df:55:ba:5a:61:dc:e3:1e:bf:ae:18:
e3:50:8f:b0:25:85:a8:8b:5f:08:1e:0d:37:10:d0:65:8c:e9:
09:6b:a8:d4:d3:a9:c9:48:24:1c:25:9f:59:df:f9:15:bc:96:
d7:24:e1:48:b1:7e:61:0d:00:9e:9c:2b:fa:aa:f1:54:ef:a2:
81:bd:4e:1b:65:4d:48:eb:b9:3f:7d:f0:8e:3c:0a:d7:29:88:
9a:d8:19:40:c0:42:64:84:9d:4c:a6:99:79:86:7b:92:9f:5b:
f8:87:c2:cd:06:31:7f:cd:cf:2f:ba:b2:7f:54:04:0a:34:93:
ce:de:bc:e6:b9:06:aa:4e:04:13:c5:d0:73:40:d4:8d:f5:83:
d7:11:a8:77:f7:03:f2:3a:c0:5b:52:51:61:84:0e:6a:88:40:
43:d0:69:a7:d0:80:f8:6a:9c:f2:41:54:3b:38:df:35:de:ba:
7f:fd:0a:ae:e1:48:27:64:6c:b7:75:04:e1:0a:c9:d0:31:82:
11:a7:aa:cb:27:4c:e7:9a:38:80:9b:ba:a2:9b:66:1a:e8:e3:
32:be:e8:0e:93:a4:52:83:e9:62:36:00:7a:84:97:5b:3b:f8:
f5:c6:40:80
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATvMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE2MTAxOTI0WhcNMjUwMzE2MTAxOTI0WjAYMRYw
FAYDVQQDEw02Nzg4ZGQyZi1iZjNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqxc2k3neAT7rhE/sDqSTB+O/WIGCpYfviWjQCNclNxbWFKLVeD4a7HyC
8gtMJSD7Qn+orBEJnOs5RhJleRKYFV19WTMGVODgrH7c25Wag4ZfyTw7L8X9SetS
MnN+GVtQM+AGQpTdlxPiw3RRklSYMs1RbFbT/7flXsUQuZTYQkBPq0BqzZBvkoBw
67q/YBz9ZAqsqsBwQ9OMex8wUjSk1AOifuQXgj3KA2J9RdH1xxXi5MjzVvOwf+tl
Tz7YZ4DitICcSVRsbr+ar2cV9PzfqggfLIGtZKyHkhc9VIg+0q6gyYVA6RL/J8pq
glo68ChoHhcoTpGwpIssGdTXCXRqywIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCwv
dpdVnDT1rElWq/7xcm/nXm5yMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81REFEMjZDMEQzRjMxMUVGQTBGQTQwNTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmsRwMA0GCSqGSIb3DQEB
CwUAA4IBAQADlTlq49oW52F4VWtsks95MqPnG6fbrgwc31W6WmHc4x6/rhjjUI+w
JYWoi18IHg03ENBljOkJa6jU06nJSCQcJZ9Z3/kVvJbXJOFIsX5hDQCenCv6qvFU
76KBvU4bZU1I67k/ffCOPArXKYia2BlAwEJkhJ1Mppl5hnuSn1v4h8LNBjF/zc8v
urJ/VAQKNJPO3rzmuQaqTgQTxdBzQNSN9YPXEah39wPyOsBbUlFhhA5qiEBD0Gmn
0ID4apzyQVQ7ON813rp//Qqu4UgnZGy3dQThCsnQMYIRp6rLJ0znmjiAm7qim2Ya
6OMyvugOk6RSg+liNgB6hJdbO/j1xkCA
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:39:48 2025 by rpki-client