Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/64968A42DB6111EF8C3B5986762E951A.roa
File: 64968A42DB6111EF8C3B5986762E951A.roa (raw, json)
Hash identifier: RUhSECOFb/v54dJqFAErTXICtykcvp3GnSieXRXV8lI=
Subject key identifier: DC:A3:FC:FA:FB:C7:49:C9:02:1E:E2:0D:D0:9B:CD:B0:54:A2:C3:1D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014A5E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/64968A42DB6111EF8C3B5986762E951A.roa
Signing time: Sat 25 Jan 2025 21:14:42 +0000
ROA not before: Sat 25 Jan 2025 21:14:38 +0000
ROA not after: Wed 19 Mar 2025 21:14:38 +0000
asID: 138915
IP address blocks: 154.90.48.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84574 (0x14a5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 25 21:14:38 2025 GMT
Not After : Mar 19 21:14:38 2025 GMT
Subject: CN=67955442-0cde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3f:83:60:1f:f1:e9:0c:61:8a:ce:bf:d9:54:
0b:95:5e:60:d2:d2:33:3f:c1:e2:c7:6a:d3:a9:ff:
51:eb:59:11:e5:6e:df:ae:14:fb:e1:05:23:98:86:
09:f2:60:1a:6c:96:92:f7:43:10:6f:8f:6c:60:35:
a8:89:12:30:f5:3b:b1:b3:d9:dc:3b:03:c3:b1:d3:
09:e0:ea:e4:74:ea:06:82:30:a4:71:c8:04:6e:f9:
11:46:ec:4f:c9:8c:48:7d:12:77:91:a0:fc:c9:db:
e1:22:cc:a6:2a:1e:fa:08:0a:b4:bf:61:8f:e5:fd:
4f:50:2c:41:64:7c:e1:96:c6:bb:a4:db:70:b5:38:
9e:da:27:8b:e6:19:78:ba:35:50:c2:56:90:36:bc:
5e:21:5a:1f:09:88:e2:30:98:da:68:2f:b8:29:1f:
ae:d6:78:9e:79:60:f4:91:b3:ad:6b:dc:fd:cd:f0:
89:16:04:2f:ef:ab:19:23:0a:d7:4f:b0:cf:66:cd:
d5:30:44:1c:d6:50:26:8c:de:19:b7:9d:43:32:71:
63:ca:c4:f6:84:36:81:10:21:03:ea:99:7f:ec:57:
79:a2:27:c3:8e:08:f0:d7:52:ab:95:17:ff:bb:fa:
eb:42:c6:21:3f:81:dc:0d:a3:49:ef:ea:a2:46:2a:
0e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A3:FC:FA:FB:C7:49:C9:02:1E:E2:0D:D0:9B:CD:B0:54:A2:C3:1D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/64968A42DB6111EF8C3B5986762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.48.0/23
Signature Algorithm: sha256WithRSAEncryption
89:e6:7c:f5:21:23:48:ba:9b:90:b5:be:c7:4f:3b:78:6a:a1:
21:2d:85:18:64:ae:b9:8c:c8:c9:a9:16:27:4b:b8:e2:33:48:
5f:c9:3a:bc:3c:d2:d7:e0:26:fd:10:87:cd:b9:b2:91:a1:2e:
4f:70:d1:44:19:85:fe:f8:95:79:4b:04:26:54:93:c8:39:2c:
17:f0:73:77:02:b4:20:f5:17:0e:94:6e:78:19:31:68:fe:c1:
09:19:d8:46:59:86:a0:d9:e8:01:0d:6e:98:e2:a2:3d:51:86:
cb:51:e4:bd:cc:db:b4:fd:63:6d:3e:da:17:b2:95:8a:66:da:
d3:23:86:3e:ef:be:d7:96:45:fc:0f:2c:06:1a:aa:5c:e4:63:
32:17:0b:d8:31:a2:ad:d9:20:23:85:99:73:eb:8d:5e:55:ef:
b3:4f:90:2a:fc:47:79:1d:01:2e:f3:dc:46:e7:53:11:d0:b6:
6c:78:4b:bd:67:29:60:23:15:57:82:b5:5d:60:1a:2b:1a:ad:
be:fa:fb:38:66:fb:43:ed:99:c6:fe:5a:2b:95:07:9c:85:b6:
55:35:bb:48:cb:c3:b8:42:7d:a1:a3:d6:d6:f6:d2:63:81:d1:
c7:a3:ee:88:d9:28:f5:bb:a2:1f:67:1b:21:ba:73:eb:43:55:
18:0d:4c:5a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUpeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MjExNDM4WhcNMjUwMzE5MjExNDM4WjAYMRYw
FAYDVQQDEw02Nzk1NTQ0Mi0wY2RlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmT+DYB/x6Qxhis6/2VQLlV5g0tIzP8Hix2rTqf9R61kR5W7frhT74QUj
mIYJ8mAabJaS90MQb49sYDWoiRIw9Tuxs9ncOwPDsdMJ4OrkdOoGgjCkccgEbvkR
RuxPyYxIfRJ3kaD8ydvhIsymKh76CAq0v2GP5f1PUCxBZHzhlsa7pNtwtTie2ieL
5hl4ujVQwlaQNrxeIVofCYjiMJjaaC+4KR+u1nieeWD0kbOta9z9zfCJFgQv76sZ
IwrXT7DPZs3VMEQc1lAmjN4Zt51DMnFjysT2hDaBECED6pl/7Fd5oifDjgjw11Kr
lRf/u/rrQsYhP4HcDaNJ7+qiRioOHwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNyj
/Pr7x0nJAh7iDdCbzbBUosMdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NDk2OEE0MkRCNjExMUVGOEMzQjU5ODY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlowMA0GCSqGSIb3DQEB
CwUAA4IBAQCJ5nz1ISNIupuQtb7HTzt4aqEhLYUYZK65jMjJqRYnS7jiM0hfyTq8
PNLX4Cb9EIfNubKRoS5PcNFEGYX++JV5SwQmVJPIOSwX8HN3ArQg9RcOlG54GTFo
/sEJGdhGWYag2egBDW6Y4qI9UYbLUeS9zNu0/WNtPtoXspWKZtrTI4Y+777XlkX8
DywGGqpc5GMyFwvYMaKt2SAjhZlz641eVe+zT5Aq/Ed5HQEu89xG51MR0LZseEu9
ZylgIxVXgrVdYBorGq2++vs4ZvtD7ZnG/lorlQechbZVNbtIy8O4Qn2ho9bW9tJj
gdHHo+6I2Sj1u6IfZxshunPrQ1UYDUxa
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:17:06 2025 by rpki-client