Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5FD3FF80D95E11EFB3D7E676762E951A.roa
File: 5FD3FF80D95E11EFB3D7E676762E951A.roa (raw, json)
Hash identifier: /cEBUNueKXV0+U6/Q0jRX+0DBZAlg9jBOpflNUHFVB4=
Subject key identifier: 0D:55:77:CD:48:3C:46:85:23:C0:7C:D9:5A:90:C7:47:E9:51:B5:9E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014055
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5FD3FF80D95E11EFB3D7E676762E951A.roa
Signing time: Thu 23 Jan 2025 07:48:03 +0000
ROA not before: Thu 23 Jan 2025 07:47:59 +0000
ROA not after: Sat 08 Feb 2025 07:47:59 +0000
asID: 18229
IP address blocks: 154.210.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82005 (0x14055)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 07:47:59 2025 GMT
Not After : Feb 8 07:47:59 2025 GMT
Subject: CN=6791f433-ecb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f4:ea:5f:66:a4:a5:d7:97:71:92:71:55:56:
dc:cd:b3:26:bc:4b:e0:0b:5e:1a:87:3c:a9:6c:4f:
87:8d:88:1d:f0:87:98:70:71:e1:47:5d:70:a2:52:
86:45:2c:f9:aa:6a:07:48:99:52:5b:6d:cd:7e:4e:
bc:2c:02:5e:77:80:e7:ec:1a:bc:c4:1e:19:50:0b:
23:59:04:a5:55:bf:83:10:29:16:42:6f:43:08:fa:
ac:59:ce:a6:4d:58:b9:f0:19:7c:77:70:c9:41:96:
2f:32:06:41:54:ef:d3:1e:d4:4e:98:f2:70:13:16:
b3:2a:26:64:18:80:f8:90:1c:10:b9:ef:e0:44:c7:
2e:f4:de:66:75:ce:2f:75:c3:46:44:9e:43:c1:be:
a7:04:44:2e:bd:ed:33:c4:d6:96:af:c7:89:24:42:
7f:71:b7:22:c8:c9:ba:f7:c5:fa:e8:7a:4e:97:af:
e0:12:5b:53:1f:e5:ef:00:11:6c:cf:1b:c9:9a:5e:
16:f2:f2:b5:f0:c8:a8:bd:d2:dc:b9:a9:89:ad:60:
78:61:b2:92:9b:2f:3c:39:73:e6:80:f4:66:8f:e8:
12:68:0d:06:f2:25:d7:7a:cb:60:7c:58:32:7a:dc:
7f:29:a9:6a:69:04:86:4f:04:fb:0c:fe:ba:1e:58:
8e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:55:77:CD:48:3C:46:85:23:C0:7C:D9:5A:90:C7:47:E9:51:B5:9E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5FD3FF80D95E11EFB3D7E676762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.171.0/24
Signature Algorithm: sha256WithRSAEncryption
68:87:0b:1f:07:0a:08:f2:d2:db:bc:1d:5b:af:21:4b:f6:1d:
1c:84:e8:35:21:60:ab:48:8e:47:6d:a7:7d:f2:3b:2c:47:52:
52:19:85:af:3b:53:c7:34:19:e8:ed:53:63:83:fa:10:e2:63:
f9:56:76:8c:9f:d3:4a:db:7f:43:90:bc:28:e2:59:1b:62:91:
c6:fe:b9:99:f1:6f:75:10:da:83:0b:47:04:07:7f:3f:e7:d5:
0e:4f:91:e3:3d:a9:91:4f:f1:2a:16:ce:a5:39:58:9d:43:08:
6a:19:cb:e7:3d:5c:37:c3:49:c9:f7:7f:5c:ce:e3:ab:a7:6d:
d1:fc:14:d6:35:a8:0c:97:46:71:6a:15:81:bd:b3:23:89:b0:
72:09:a4:e0:c7:6f:80:6d:e6:42:4f:d9:3e:89:f3:c6:51:2e:
78:ce:41:3d:ef:12:9f:6d:f9:b5:af:00:bf:f2:ab:0a:a7:1e:
56:39:02:cf:6c:97:59:30:f9:55:e1:42:21:37:86:52:d3:ec:
8a:2c:d1:06:73:4b:d8:2c:71:53:89:3a:39:58:34:4f:62:21:
aa:cf:92:83:90:0d:5f:22:f6:60:a6:af:37:49:d4:d0:a0:ae:
82:97:93:54:00:8d:fc:f2:a4:bd:6b:76:74:ad:e9:f4:fe:6e:
ad:b9:32:45
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUBVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMDc0NzU5WhcNMjUwMjA4MDc0NzU5WjAYMRYw
FAYDVQQDEw02NzkxZjQzMy1lY2I1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz/TqX2akpdeXcZJxVVbczbMmvEvgC14ahzypbE+HjYgd8IeYcHHhR11w
olKGRSz5qmoHSJlSW23Nfk68LAJed4Dn7Bq8xB4ZUAsjWQSlVb+DECkWQm9DCPqs
Wc6mTVi58Bl8d3DJQZYvMgZBVO/THtROmPJwExazKiZkGID4kBwQue/gRMcu9N5m
dc4vdcNGRJ5Dwb6nBEQuve0zxNaWr8eJJEJ/cbciyMm698X66HpOl6/gEltTH+Xv
ABFszxvJml4W8vK18MiovdLcuamJrWB4YbKSmy88OXPmgPRmj+gSaA0G8iXXestg
fFgyetx/KalqaQSGTwT7DP66HliOvQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFA1V
d81IPEaFI8B82VqQx0fpUbWeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RkQzRkY4MEQ5NUUxMUVGQjNEN0U2NzY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKrMA0GCSqGSIb3DQEB
CwUAA4IBAQBohwsfBwoI8tLbvB1bryFL9h0chOg1IWCrSI5Hbad98jssR1JSGYWv
O1PHNBno7VNjg/oQ4mP5VnaMn9NK239DkLwo4lkbYpHG/rmZ8W91ENqDC0cEB38/
59UOT5HjPamRT/EqFs6lOVidQwhqGcvnPVw3w0nJ939czuOrp23R/BTWNagMl0Zx
ahWBvbMjibByCaTgx2+AbeZCT9k+ifPGUS54zkE97xKfbfm1rwC/8qsKpx5WOQLP
bJdZMPlV4UIhN4ZS0+yKLNEGc0vYLHFTiTo5WDRPYiGqz5KDkA1fIvZgpq83SdTQ
oK6Cl5NUAI388qS9a3Z0ren0/m6tuTJF
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:46:06 2025 by rpki-client