Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6410E434DA3D11EFAB7A3E55762E951A.roa
File: 6410E434DA3D11EFAB7A3E55762E951A.roa (raw, json)
Hash identifier: 20ulGRlzGmMvISdIs6dh8IdMM/PGZY7Y5DJeukJ1xj4=
Subject key identifier: E6:7A:BA:9F:A3:01:4A:6D:F1:66:A7:47:6C:9E:C8:62:8E:F7:BD:73
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014582
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6410E434DA3D11EFAB7A3E55762E951A.roa
Signing time: Fri 24 Jan 2025 10:24:28 +0000
ROA not before: Fri 24 Jan 2025 10:24:24 +0000
ROA not after: Tue 11 Mar 2025 10:24:24 +0000
asID: 138915
IP address blocks: 154.95.80.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83330 (0x14582)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 10:24:24 2025 GMT
Not After : Mar 11 10:24:24 2025 GMT
Subject: CN=67936a5c-a701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:61:74:1a:49:8f:4d:42:48:16:9f:8a:83:57:
3a:77:38:42:3e:e0:3c:f2:a9:a5:b4:3b:50:3b:c2:
a0:72:93:69:76:40:53:4c:d5:6a:3a:12:0a:47:fb:
32:9a:5c:c4:e3:89:89:65:3e:7b:38:1b:5c:b5:eb:
a8:7d:2f:c6:3c:37:5c:e9:d0:12:f5:7c:da:7f:a2:
99:56:7a:5a:ef:04:12:1e:f9:b3:0c:1c:78:10:f6:
fd:73:41:db:bf:a4:5b:c6:28:c1:17:04:a5:5b:a5:
33:8a:56:1d:98:e2:4a:27:b6:5a:d3:20:80:16:ee:
02:54:59:10:dc:5b:35:05:57:f7:c3:9c:24:2d:6b:
0e:10:6b:6b:94:8f:80:e1:64:9f:72:7d:fa:91:39:
f6:87:be:65:b8:4b:e2:16:00:81:95:d9:19:44:2b:
e7:47:ea:83:c1:70:a7:ca:1d:46:33:ac:a6:66:f5:
cc:a4:3b:0e:d5:e2:05:c8:96:27:ae:67:2d:d0:dc:
65:88:2f:d5:62:5c:5a:dc:17:6a:b6:e9:66:e2:82:
fb:a8:4c:4b:35:ca:17:89:ec:16:cf:11:bb:48:bc:
c2:2a:57:3a:eb:80:e5:bc:55:23:b0:8a:3d:1a:bb:
25:a7:4b:e2:82:1d:17:aa:0e:23:c2:98:eb:fe:8e:
af:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:7A:BA:9F:A3:01:4A:6D:F1:66:A7:47:6C:9E:C8:62:8E:F7:BD:73
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6410E434DA3D11EFAB7A3E55762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.80.0/24
Signature Algorithm: sha256WithRSAEncryption
54:d9:18:2f:66:f6:e6:2a:7e:71:dc:4c:08:7c:d7:6e:3c:5c:
d9:b7:a5:14:5b:50:88:47:00:c4:80:d9:62:8a:bb:4b:94:6e:
02:63:b2:ce:70:c2:88:e4:32:9e:6c:c1:86:97:29:05:4a:57:
77:e5:2f:90:c4:01:e7:54:aa:29:61:7c:77:13:9e:88:ac:04:
9e:92:d1:f7:54:e6:c7:52:24:e2:1f:a9:b0:a9:0c:71:9e:22:
8b:dc:34:8a:8b:04:61:b3:ce:30:15:c3:73:4a:3d:8c:17:ef:
fc:01:2f:37:90:7d:fc:82:e2:e1:1b:ff:29:1e:66:41:b0:a1:
6b:cd:cb:35:fc:03:a2:45:0d:1a:dc:3c:c4:c5:da:aa:89:c0:
cd:bd:33:e0:02:79:28:a2:b8:ba:6f:b5:b6:c2:b5:3a:c2:0f:
94:78:ef:e9:b1:02:60:01:e0:cf:cf:86:62:84:4a:c9:5d:18:
e6:28:8a:80:e3:c1:eb:78:61:00:95:f4:53:cb:84:91:80:04:
0e:45:4f:d2:5c:5f:89:9d:90:fb:c3:2c:43:27:67:13:9b:a5:
9c:83:37:c9:2b:95:70:2f:86:56:fd:88:6b:8f:7e:a4:fb:57:
db:43:d8:56:2b:56:5e:e6:9b:fe:02:ca:12:85:90:5b:c3:6f:
cc:dc:08:25
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUWCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTAyNDI0WhcNMjUwMzExMTAyNDI0WjAYMRYw
FAYDVQQDEw02NzkzNmE1Yy1hNzAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzmF0GkmPTUJIFp+Kg1c6dzhCPuA88qmltDtQO8KgcpNpdkBTTNVqOhIK
R/symlzE44mJZT57OBtcteuofS/GPDdc6dAS9Xzaf6KZVnpa7wQSHvmzDBx4EPb9
c0Hbv6RbxijBFwSlW6UzilYdmOJKJ7Za0yCAFu4CVFkQ3Fs1BVf3w5wkLWsOEGtr
lI+A4WSfcn36kTn2h75luEviFgCBldkZRCvnR+qDwXCnyh1GM6ymZvXMpDsO1eIF
yJYnrmct0NxliC/VYlxa3Bdqtulm4oL7qExLNcoXiewWzxG7SLzCKlc664DlvFUj
sIo9Grslp0vigh0Xqg4jwpjr/o6vwwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOZ6
up+jAUpt8WanR2yeyGKO971zMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NDEwRTQzNERBM0QxMUVGQUI3QTNFNTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml9QMA0GCSqGSIb3DQEB
CwUAA4IBAQBU2RgvZvbmKn5x3EwIfNduPFzZt6UUW1CIRwDEgNliirtLlG4CY7LO
cMKI5DKebMGGlykFSld35S+QxAHnVKopYXx3E56IrASektH3VObHUiTiH6mwqQxx
niKL3DSKiwRhs84wFcNzSj2MF+/8AS83kH38guLhG/8pHmZBsKFrzcs1/AOiRQ0a
3DzExdqqicDNvTPgAnkoori6b7W2wrU6wg+UeO/psQJgAeDPz4ZihErJXRjmKIqA
48HreGEAlfRTy4SRgAQORU/SXF+JnZD7wyxDJ2cTm6WcgzfJK5VwL4ZW/Yhrj36k
+1fbQ9hWK1Ze5pv+AsoShZBbw2/M3Agl
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:30:21 2025 by rpki-client