Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5FA2AACED73411EFBBE82BA0762E951A.roa
File: 5FA2AACED73411EFBBE82BA0762E951A.roa (raw, json)
Hash identifier: kZPpL+JjzX0aWmErhYR9Nv7D8QUr2LPmyJCx3/gdjtw=
Subject key identifier: CE:CC:73:0D:71:5E:1E:E7:26:95:24:60:DD:96:7F:AB:1C:7E:05:38
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013E5A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5FA2AACED73411EFBBE82BA0762E951A.roa
Signing time: Mon 20 Jan 2025 13:42:21 +0000
ROA not before: Mon 20 Jan 2025 13:42:18 +0000
ROA not after: Wed 05 Feb 2025 13:42:18 +0000
asID: 135097
IP address blocks: 154.213.12.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81498 (0x13e5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 20 13:42:18 2025 GMT
Not After : Feb 5 13:42:18 2025 GMT
Subject: CN=678e52bd-e117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1c:87:c5:c7:07:5c:52:2f:7e:1b:2b:58:85:
cf:42:85:d3:6e:d5:37:fb:39:39:32:8a:87:cb:d8:
8e:66:4c:b5:60:65:64:0c:97:45:9b:83:58:29:81:
a9:76:f9:c7:e2:57:5e:63:24:e2:fb:ab:50:91:b1:
51:89:82:40:3d:9b:ac:4a:11:eb:81:02:30:cd:e6:
a8:c7:f3:2e:a9:b1:55:8a:56:5b:ef:d5:53:d8:77:
25:8e:2f:ce:02:44:21:cd:3b:8e:6c:77:30:4c:76:
93:96:6e:63:de:fa:fa:83:25:eb:d7:35:20:f9:5f:
c5:8d:e9:66:1f:68:3c:2b:6f:7b:73:14:b6:fe:67:
eb:78:f8:e5:f7:df:b8:d4:0b:fe:53:da:59:04:28:
e7:52:a8:46:29:b6:85:57:8e:48:94:b8:2b:d2:8f:
6f:21:bd:80:a0:10:e9:70:f4:e2:31:e6:0a:7e:02:
f2:3b:db:23:10:d6:d7:55:f1:db:0b:83:bb:e5:8f:
12:15:c3:ea:f4:86:38:c4:da:b3:78:71:f4:26:ca:
2b:0a:ef:f1:ea:62:93:cb:30:c0:84:88:86:81:07:
41:b6:6d:c7:13:21:27:05:d4:7c:1e:ec:34:1b:af:
a6:e8:10:fd:f7:09:77:49:b9:83:5f:df:67:91:cb:
75:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:CC:73:0D:71:5E:1E:E7:26:95:24:60:DD:96:7F:AB:1C:7E:05:38
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5FA2AACED73411EFBBE82BA0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.12.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:5e:2a:50:69:17:12:a3:69:41:52:96:bf:70:1f:2f:68:8f:
5e:f4:50:40:55:fc:f4:2e:d7:57:68:19:92:58:55:2e:15:ac:
8b:d0:33:9f:ac:50:65:28:83:d2:2d:0c:e5:09:de:c3:b4:bc:
03:23:11:4c:b8:8c:2b:d0:59:05:b1:6a:07:45:a0:4e:12:6d:
2d:74:9a:5a:f3:09:3e:ac:a8:b2:12:1d:47:3d:d3:63:c2:e4:
ad:3e:ac:1b:1a:12:23:e0:d6:cf:46:4f:50:5d:89:ef:73:4f:
62:0d:6c:18:a8:5b:17:4a:f3:28:10:bc:67:19:1e:55:5a:ae:
6f:ec:04:f0:c1:93:16:45:01:6c:82:ae:9d:6c:7b:84:9a:aa:
87:1a:ed:9b:63:c7:ea:d4:f9:96:49:27:f8:cb:df:ad:7d:1a:
97:ca:db:7a:e1:b5:8a:60:58:17:51:52:d5:aa:2a:f9:ae:b9:
bd:ec:a2:93:b7:44:06:20:cf:34:47:e8:79:6d:30:53:0f:9e:
4c:92:0b:e0:aa:51:a4:62:95:81:45:fd:5e:cb:ff:e9:7b:5c:
74:d7:9d:61:8e:83:de:2c:be:a0:5b:11:bc:6d:e0:a7:d0:33:
27:dc:3d:23:4a:e1:6d:22:c1:e8:ea:5b:20:c9:d1:1f:4f:57:
ca:66:e4:0c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT5aMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIwMTM0MjE4WhcNMjUwMjA1MTM0MjE4WjAYMRYw
FAYDVQQDEw02NzhlNTJiZC1lMTE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsxyHxccHXFIvfhsrWIXPQoXTbtU3+zk5MoqHy9iOZky1YGVkDJdFm4NY
KYGpdvnH4ldeYyTi+6tQkbFRiYJAPZusShHrgQIwzeaox/MuqbFVilZb79VT2Hcl
ji/OAkQhzTuObHcwTHaTlm5j3vr6gyXr1zUg+V/FjelmH2g8K297cxS2/mfrePjl
99+41Av+U9pZBCjnUqhGKbaFV45IlLgr0o9vIb2AoBDpcPTiMeYKfgLyO9sjENbX
VfHbC4O75Y8SFcPq9IY4xNqzeHH0JsorCu/x6mKTyzDAhIiGgQdBtm3HEyEnBdR8
Huw0G6+m6BD99wl3SbmDX99nkct1RQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM7M
cw1xXh7nJpUkYN2Wf6scfgU4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RkEyQUFDRUQ3MzQxMUVGQkJFODJCQTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtUMMA0GCSqGSIb3DQEB
CwUAA4IBAQCMXipQaRcSo2lBUpa/cB8vaI9e9FBAVfz0LtdXaBmSWFUuFayL0DOf
rFBlKIPSLQzlCd7DtLwDIxFMuIwr0FkFsWoHRaBOEm0tdJpa8wk+rKiyEh1HPdNj
wuStPqwbGhIj4NbPRk9QXYnvc09iDWwYqFsXSvMoELxnGR5VWq5v7ATwwZMWRQFs
gq6dbHuEmqqHGu2bY8fq1PmWSSf4y9+tfRqXytt64bWKYFgXUVLVqir5rrm97KKT
t0QGIM80R+h5bTBTD55MkgvgqlGkYpWBRf1ey//pe1x0151hjoPeLL6gWxG8beCn
0DMn3D0jSuFtIsHo6lsgydEfT1fKZuQM
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:45:28 2025 by rpki-client