Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/624C93FCDA5911EFAFC7E392762E951A.roa
File: 624C93FCDA5911EFAFC7E392762E951A.roa (raw, json)
Hash identifier: xta/umI9MSpwvYP1ZTlyCoN/3Y4uYa9y0GkNdFCDzpo=
Subject key identifier: 8B:5C:2A:1C:FB:BA:AA:7A:BF:F0:0C:90:81:60:FA:30:0D:02:59:EF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0147A6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/624C93FCDA5911EFAFC7E392762E951A.roa
Signing time: Fri 24 Jan 2025 13:44:51 +0000
ROA not before: Fri 24 Jan 2025 13:44:47 +0000
ROA not after: Fri 28 Feb 2025 13:44:47 +0000
asID: 62240
IP address blocks: 154.195.128.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83878 (0x147a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 13:44:47 2025 GMT
Not After : Feb 28 13:44:47 2025 GMT
Subject: CN=67939953-ce15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:94:0d:bc:98:b4:a1:ec:83:78:8e:06:ed:8c:
8a:9e:67:3b:f0:ca:57:7e:52:7a:66:7d:d0:e7:34:
49:7d:80:66:62:0d:35:be:49:71:99:3f:3b:83:70:
58:28:b9:3b:5c:c8:e6:ef:86:0f:b8:7d:e0:5f:a9:
1c:34:3f:06:e7:07:b9:a4:55:66:95:a9:91:27:65:
0c:63:7e:f7:a6:d7:0f:ef:d4:78:ed:1a:93:08:2b:
5e:a0:ab:11:9d:c3:a7:fd:fc:2b:0b:cd:13:14:21:
ff:c3:d8:d6:f0:f8:60:7a:15:21:79:5b:55:10:82:
47:e5:61:8d:9e:fb:58:13:6a:f2:08:46:1a:c7:64:
c4:b0:56:40:29:84:b4:9f:ff:e9:a7:4d:19:2a:96:
20:5d:fe:c4:94:8d:86:38:16:4f:9d:b5:bf:4a:0d:
63:1e:be:d5:a2:13:a7:dc:ff:af:e7:3c:ee:39:19:
7a:d7:31:17:ba:e2:37:b7:ac:7f:2b:cf:fe:3f:5b:
7d:0f:4f:c2:0b:c7:80:09:f1:68:08:f3:23:81:c2:
fa:1e:73:74:8d:eb:7d:1b:f1:5a:17:79:7d:17:c8:
97:b1:b2:18:ed:6d:1b:57:59:3e:f5:6f:44:2c:e3:
42:c9:f8:1e:6d:4a:16:4c:2d:9d:c0:dd:c5:61:13:
e7:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:5C:2A:1C:FB:BA:AA:7A:BF:F0:0C:90:81:60:FA:30:0D:02:59:EF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/624C93FCDA5911EFAFC7E392762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.128.0/18
Signature Algorithm: sha256WithRSAEncryption
62:f6:66:12:28:69:43:a9:be:78:a3:8b:15:19:e4:d6:c2:18:
be:aa:a0:3a:d5:80:59:78:22:b1:e2:f1:eb:33:d7:b0:ac:01:
cc:1d:cd:16:e0:1d:7b:a1:b6:90:28:42:b9:9f:7d:9b:7a:f8:
64:cf:09:99:6b:a5:b4:59:17:01:43:3a:a3:6d:9a:bc:58:fc:
ab:24:39:38:18:83:f4:d4:ae:9f:d9:76:ae:08:2a:db:8e:f9:
8f:9e:2b:24:40:b3:ab:a2:b3:77:33:8e:d6:7c:73:f3:5d:65:
7a:53:e6:da:56:2c:96:22:de:c3:43:30:52:88:1e:ca:db:87:
6e:ce:e6:4d:c8:bb:f8:0f:46:c4:f0:32:0e:91:62:2f:13:9a:
a0:87:82:7a:cc:d8:35:b0:8f:66:8f:af:c0:e8:46:51:e6:b4:
4a:2e:f5:b0:66:de:7b:c3:80:7f:06:77:22:22:82:fb:0b:82:
ce:e0:21:b2:f6:ed:9f:af:61:9c:02:65:03:d0:f6:35:86:42:
c0:03:cd:8d:c6:fe:59:f6:ba:ff:95:dc:81:55:af:73:7d:f9:
80:60:48:55:e0:44:ac:d0:22:fc:b8:87:74:ba:4f:84:1f:18:
0c:8e:14:80:65:f2:a2:f6:af:c4:9a:69:c3:07:ec:00:83:ae:
a4:95:39:90
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUemMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTM0NDQ3WhcNMjUwMjI4MTM0NDQ3WjAYMRYw
FAYDVQQDEw02NzkzOTk1My1jZTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwpQNvJi0oeyDeI4G7YyKnmc78MpXflJ6Zn3Q5zRJfYBmYg01vklxmT87
g3BYKLk7XMjm74YPuH3gX6kcND8G5we5pFVmlamRJ2UMY373ptcP79R47RqTCCte
oKsRncOn/fwrC80TFCH/w9jW8PhgehUheVtVEIJH5WGNnvtYE2ryCEYax2TEsFZA
KYS0n//pp00ZKpYgXf7ElI2GOBZPnbW/Sg1jHr7VohOn3P+v5zzuORl61zEXuuI3
t6x/K8/+P1t9D0/CC8eACfFoCPMjgcL6HnN0jet9G/FaF3l9F8iXsbIY7W0bV1k+
9W9ELONCyfgebUoWTC2dwN3FYRPnJQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFItc
Khz7uqp6v/AMkIFg+jANAlnvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MjRDOTNGQ0RBNTkxMUVGQUZDN0UzOTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmsOAMA0GCSqGSIb3DQEB
CwUAA4IBAQBi9mYSKGlDqb54o4sVGeTWwhi+qqA61YBZeCKx4vHrM9ewrAHMHc0W
4B17obaQKEK5n32bevhkzwmZa6W0WRcBQzqjbZq8WPyrJDk4GIP01K6f2XauCCrb
jvmPniskQLOrorN3M47WfHPzXWV6U+baViyWIt7DQzBSiB7K24duzuZNyLv4D0bE
8DIOkWIvE5qgh4J6zNg1sI9mj6/A6EZR5rRKLvWwZt57w4B/BnciIoL7C4LO4CGy
9u2fr2GcAmUD0PY1hkLAA82Nxv5Z9rr/ldyBVa9zffmAYEhV4ESs0CL8uId0uk+E
HxgMjhSAZfKi9q/EmmnDB+wAg66klTmQ
-----END CERTIFICATE-----
Generated at Fri Apr 25 21:50:35 2025 by rpki-client