Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DE50776DCCB11EF982B8B90762E951A.roa
File: 5DE50776DCCB11EF982B8B90762E951A.roa (raw, json)
Hash identifier: byADS5ARHAMu27+d6u7TawQNsn8Zh86H0SpGQcKG9F8=
Subject key identifier: AD:26:D1:2B:9F:B3:71:B4:F9:1E:03:DC:82:13:AD:E8:77:0D:EA:60
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014C75
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DE50776DCCB11EF982B8B90762E951A.roa
Signing time: Mon 27 Jan 2025 16:25:48 +0000
ROA not before: Mon 27 Jan 2025 16:25:45 +0000
ROA not after: Wed 12 Feb 2025 16:25:45 +0000
asID: 135097
IP address blocks: 154.220.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85109 (0x14c75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 16:25:45 2025 GMT
Not After : Feb 12 16:25:45 2025 GMT
Subject: CN=6797b38c-8450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d4:9d:e1:91:d3:33:18:f3:4f:2d:0e:c3:6f:
3e:a0:a8:4b:e7:9d:e5:80:0c:10:70:ad:9a:f6:c6:
58:47:88:e7:73:8e:3a:1d:d7:d1:8b:fe:f9:02:fb:
a5:ff:e6:c3:6b:09:fd:71:39:5e:f5:47:bb:b8:b7:
65:d5:5c:7c:bb:6f:39:73:b7:f0:91:d4:12:87:ec:
3d:d2:2a:da:88:2e:b6:0e:73:c7:98:d3:2a:0b:c2:
06:98:de:e7:55:6e:4b:c4:b1:38:a9:12:cb:c0:85:
e7:e2:d8:42:40:98:a5:d0:29:0c:20:7c:35:ca:6e:
74:33:47:9f:8a:e2:37:3b:de:97:26:0e:76:0e:b8:
9b:20:8b:a0:20:66:69:6b:b7:2d:23:b0:b3:a1:ef:
d1:ce:1d:78:ab:08:fc:3b:59:ee:ba:57:94:28:f8:
d3:05:f7:1c:d9:2e:d3:79:41:61:86:0f:e2:70:fd:
90:17:0f:a5:5d:0e:96:5f:00:53:94:d9:11:da:20:
5b:a2:28:16:98:67:cc:d3:6c:37:da:51:49:78:18:
ab:79:40:df:58:6d:79:49:cb:72:3f:64:52:03:ac:
04:7f:f9:2d:3f:fa:5d:a5:a8:7f:8e:c8:9c:82:d4:
97:12:46:28:31:d4:af:93:88:76:dc:15:bb:ca:d7:
c0:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:26:D1:2B:9F:B3:71:B4:F9:1E:03:DC:82:13:AD:E8:77:0D:EA:60
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DE50776DCCB11EF982B8B90762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.16.0/20
Signature Algorithm: sha256WithRSAEncryption
7c:64:0e:76:06:b0:a7:d6:49:7f:9f:c5:13:4e:f0:92:1b:e5:
ff:13:5b:3b:bd:f8:28:22:0f:76:bf:c9:53:e4:9f:51:14:d0:
31:f0:fa:db:20:09:d4:8f:2a:7f:19:a5:8e:51:47:1b:4f:93:
bf:43:e9:c5:02:11:5f:77:c3:ec:c7:d0:01:99:13:7d:67:1f:
39:c7:67:99:ef:52:2c:76:c3:95:8e:1f:3a:5e:fb:62:a6:16:
ec:9e:01:27:9f:06:28:b0:90:8a:57:f2:08:a3:7e:b6:37:97:
de:19:50:78:53:e6:3c:74:36:5e:30:1c:96:32:0c:30:a0:ed:
18:3f:83:3d:47:24:10:1e:2d:4b:50:f3:ed:2b:59:4f:78:ca:
16:14:27:34:b5:ec:5f:c9:7f:68:47:1a:df:28:73:a6:d1:e1:
82:99:95:59:44:9b:9e:4b:84:0d:9e:0e:69:4c:b7:44:2a:56:
b6:89:ae:70:22:ea:ad:79:e3:40:93:d5:80:5f:17:96:8d:87:
76:45:6d:35:23:c7:85:21:b2:99:35:75:f1:9c:cd:ca:6c:af:
2f:c3:17:fa:cd:c7:c8:1a:50:c4:30:6e:77:7d:b5:fa:41:d9:
2a:9f:d3:dd:59:81:32:10:6a:e5:37:42:35:96:36:67:c4:7a:
76:01:b6:3a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUx1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MTYyNTQ1WhcNMjUwMjEyMTYyNTQ1WjAYMRYw
FAYDVQQDEw02Nzk3YjM4Yy04NDUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA19Sd4ZHTMxjzTy0Ow28+oKhL553lgAwQcK2a9sZYR4jnc446HdfRi/75
Avul/+bDawn9cTle9Ue7uLdl1Vx8u285c7fwkdQSh+w90iraiC62DnPHmNMqC8IG
mN7nVW5LxLE4qRLLwIXn4thCQJil0CkMIHw1ym50M0efiuI3O96XJg52DribIIug
IGZpa7ctI7Czoe/Rzh14qwj8O1nuuleUKPjTBfcc2S7TeUFhhg/icP2QFw+lXQ6W
XwBTlNkR2iBboigWmGfM02w32lFJeBireUDfWG15SctyP2RSA6wEf/ktP/pdpah/
jsicgtSXEkYoMdSvk4h23BW7ytfA7QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK0m
0Sufs3G0+R4D3IITreh3DepgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81REU1MDc3NkRDQ0IxMUVGOTgyQjhCOTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtwQMA0GCSqGSIb3DQEB
CwUAA4IBAQB8ZA52BrCn1kl/n8UTTvCSG+X/E1s7vfgoIg92v8lT5J9RFNAx8Prb
IAnUjyp/GaWOUUcbT5O/Q+nFAhFfd8Psx9ABmRN9Zx85x2eZ71IsdsOVjh86Xvti
phbsngEnnwYosJCKV/IIo362N5feGVB4U+Y8dDZeMByWMgwwoO0YP4M9RyQQHi1L
UPPtK1lPeMoWFCc0texfyX9oRxrfKHOm0eGCmZVZRJueS4QNng5pTLdEKla2ia5w
IuqteeNAk9WAXxeWjYd2RW01I8eFIbKZNXXxnM3KbK8vwxf6zcfIGlDEMG53fbX6
Qdkqn9PdWYEyEGrlN0I1ljZnxHp2AbY6
-----END CERTIFICATE-----
Generated at Tue Apr 29 01:00:54 2025 by rpki-client