Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DE9CAECD73311EFB3F3BF99762E951A.roa
File: 5DE9CAECD73311EFB3F3BF99762E951A.roa (raw, json)
Hash identifier: Ndj0E5nORTvvzD9AN8/Wla+AsYOgw8biJKRB9YI252s=
Subject key identifier: EB:AC:F5:7B:3E:58:EE:6B:06:0D:31:4C:DC:2E:61:3A:34:F4:27:5C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013E52
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DE9CAECD73311EFB3F3BF99762E951A.roa
Signing time: Mon 20 Jan 2025 13:35:09 +0000
ROA not before: Mon 20 Jan 2025 13:35:05 +0000
ROA not after: Wed 05 Feb 2025 13:35:05 +0000
asID: 135097
IP address blocks: 154.213.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81490 (0x13e52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 20 13:35:05 2025 GMT
Not After : Feb 5 13:35:05 2025 GMT
Subject: CN=678e510d-98e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:04:47:04:ff:82:37:88:65:f9:6e:5c:26:1e:
2c:16:89:36:c7:ae:f1:ea:53:80:df:13:4e:e1:8d:
d5:41:4d:8b:96:34:b7:10:c4:31:85:60:ab:46:ff:
e1:e9:25:13:9a:16:f7:ff:a0:76:a2:69:59:1c:bb:
55:19:89:70:87:ee:49:e4:ce:4e:68:b5:b2:2f:8d:
5e:60:92:05:1e:02:f0:3a:42:d6:82:56:d5:c0:e5:
c9:28:ef:5f:06:eb:92:75:7f:02:c2:15:f6:43:45:
f8:31:b2:3f:ef:38:35:2e:f2:24:2c:cc:c8:83:86:
f9:c8:80:21:ca:4d:91:20:d4:4b:0f:c8:a0:d0:95:
49:d0:ff:e2:51:f3:c0:92:3f:81:cb:7c:25:2b:e2:
13:e7:0b:38:82:29:28:21:aa:72:ee:5a:ba:fd:c0:
1d:33:22:98:d9:7e:f2:4a:d9:58:02:29:f5:d7:40:
0e:fb:20:a1:58:fb:2f:53:80:5a:a3:49:70:66:65:
b5:56:9a:99:2b:04:6b:0a:d2:02:34:ce:fe:cb:5b:
01:a8:e2:95:fa:0d:26:c0:4e:f7:ad:f9:00:bc:e0:
1d:95:cf:95:dd:25:f0:17:4c:6b:c3:4d:30:c4:69:
90:ff:c0:61:9a:47:b5:4a:d9:e2:7d:7b:8e:fc:54:
52:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:AC:F5:7B:3E:58:EE:6B:06:0D:31:4C:DC:2E:61:3A:34:F4:27:5C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DE9CAECD73311EFB3F3BF99762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.11.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:05:41:db:ff:8d:11:53:67:1a:bc:fe:b0:b4:23:91:b8:67:
d8:09:6c:4c:29:83:7a:eb:48:5e:95:a1:61:75:b0:af:05:48:
0b:29:c4:a7:09:ba:11:47:fa:40:9a:55:f1:c2:4d:55:28:62:
81:84:95:8a:ed:f5:a9:5f:33:51:ab:14:52:98:53:16:0b:eb:
50:2a:07:96:1d:63:ab:f6:c0:5b:19:a8:fd:51:e1:5f:6c:d7:
1c:6f:ab:dc:17:7c:86:7c:a7:7b:7c:25:fa:1c:d2:43:65:bd:
65:ce:f1:10:f4:a0:9d:6d:61:5e:1d:d2:3a:96:57:81:2d:21:
cf:e6:79:5a:3f:e7:e6:de:48:1e:db:b1:1f:38:3d:27:65:b6:
56:3a:8b:6c:e1:04:00:98:f8:73:d9:e2:fe:dd:df:22:70:c6:
bc:d1:af:5f:f0:9d:dd:ba:30:73:fa:e2:e2:90:e0:4c:db:6c:
74:3a:a2:58:23:a4:ae:bf:88:3d:11:b7:81:dc:6c:06:1f:82:
08:38:c4:34:bc:b7:d3:37:3e:3e:37:ad:0c:1a:72:93:96:21:
0a:9b:35:97:83:87:21:de:76:cd:4a:60:86:45:79:3e:35:c5:
e2:39:f5:4a:f5:fd:2f:91:21:22:4a:ee:fb:67:bd:0e:06:dc:
a7:0e:22:ac
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT5SMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIwMTMzNTA1WhcNMjUwMjA1MTMzNTA1WjAYMRYw
FAYDVQQDEw02NzhlNTEwZC05OGU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuARHBP+CN4hl+W5cJh4sFok2x67x6lOA3xNO4Y3VQU2LljS3EMQxhWCr
Rv/h6SUTmhb3/6B2omlZHLtVGYlwh+5J5M5OaLWyL41eYJIFHgLwOkLWglbVwOXJ
KO9fBuuSdX8CwhX2Q0X4MbI/7zg1LvIkLMzIg4b5yIAhyk2RINRLD8ig0JVJ0P/i
UfPAkj+By3wlK+IT5ws4gikoIapy7lq6/cAdMyKY2X7yStlYAin110AO+yChWPsv
U4Bao0lwZmW1VpqZKwRrCtICNM7+y1sBqOKV+g0mwE73rfkAvOAdlc+V3SXwF0xr
w00wxGmQ/8Bhmke1StnifXuO/FRSsQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOus
9Xs+WO5rBg0xTNwuYTo09CdcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81REU5Q0FFQ0Q3MzMxMUVGQjNGM0JGOTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtULMA0GCSqGSIb3DQEB
CwUAA4IBAQDVBUHb/40RU2cavP6wtCORuGfYCWxMKYN660helaFhdbCvBUgLKcSn
CboRR/pAmlXxwk1VKGKBhJWK7fWpXzNRqxRSmFMWC+tQKgeWHWOr9sBbGaj9UeFf
bNccb6vcF3yGfKd7fCX6HNJDZb1lzvEQ9KCdbWFeHdI6lleBLSHP5nlaP+fm3kge
27EfOD0nZbZWOots4QQAmPhz2eL+3d8icMa80a9f8J3dujBz+uLikOBM22x0OqJY
I6Suv4g9EbeB3GwGH4IIOMQ0vLfTNz4+N60MGnKTliEKmzWXg4ch3nbNSmCGRXk+
NcXiOfVK9f0vkSEiSu77Z70OBtynDiKs
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:50:15 2025 by rpki-client