Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/651130A0C9C611EFBA7BF7B3762E951A.roa
File: 651130A0C9C611EFBA7BF7B3762E951A.roa (raw, json)
Hash identifier: 5qQKiwAuleS+zBNMLXuwt34cVc60GpPHF5qbg45Iz/I=
Subject key identifier: A3:03:76:83:AD:F6:0A:68:14:C9:B3:78:34:9E:33:E5:02:8F:8E:2F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0134A6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/651130A0C9C611EFBA7BF7B3762E951A.roa
Signing time: Fri 03 Jan 2025 11:32:21 +0000
ROA not before: Fri 03 Jan 2025 11:32:17 +0000
ROA not after: Tue 04 Feb 2025 11:32:17 +0000
asID: 203020
IP address blocks: 154.204.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79014 (0x134a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 3 11:32:17 2025 GMT
Not After : Feb 4 11:32:17 2025 GMT
Subject: CN=6777cac5-6781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:45:b3:af:32:62:f1:21:10:0a:02:d0:9f:d5:
b1:41:af:2d:24:ca:a8:49:73:0e:2e:c3:d6:e6:d6:
5f:b0:1c:63:8a:32:5a:52:ef:51:16:1f:4e:1c:d8:
a6:7e:6a:6b:77:9f:81:23:d4:16:aa:6f:8c:1f:5c:
e7:23:6f:a3:2e:e7:2d:ce:ab:68:a0:96:69:a7:f9:
bd:4a:50:c0:66:e7:ce:6b:c3:fb:ca:30:f9:bd:b1:
13:81:4d:6a:b9:98:af:89:78:87:ca:d7:a1:44:a1:
18:bd:f3:bf:30:89:7b:7d:77:2d:28:6f:5a:e7:70:
dc:c5:38:28:04:82:75:c1:e6:f9:68:d8:0c:55:87:
ab:d2:8f:c1:a4:01:1e:5e:a9:62:38:73:7a:b3:6b:
f5:04:80:28:69:f5:af:d3:64:da:58:7a:86:b1:dc:
28:63:3e:ac:df:f6:1a:8a:9f:a3:a1:a3:13:6c:1b:
1c:cf:77:e1:1f:1b:56:9e:03:f0:8c:32:e6:60:43:
ee:d5:81:6d:85:5b:55:fc:80:ee:df:3e:16:e0:09:
ca:b1:9e:cc:a0:9d:fe:6c:01:39:00:74:bb:0b:ef:
9f:1d:0f:9e:cb:dc:ac:52:5b:9a:29:47:95:73:8e:
ca:61:65:41:cc:10:dd:49:49:16:d3:c7:85:ab:f4:
5c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:03:76:83:AD:F6:0A:68:14:C9:B3:78:34:9E:33:E5:02:8F:8E:2F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/651130A0C9C611EFBA7BF7B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.42.0/24
Signature Algorithm: sha256WithRSAEncryption
84:17:3d:bb:dd:af:2b:da:e3:6c:98:58:ad:72:0d:0d:08:01:
47:5c:63:72:37:81:eb:f5:22:46:b5:75:0f:c2:7b:26:76:95:
c6:b2:b0:48:98:72:b0:a1:49:77:65:96:a4:2e:92:e6:16:92:
56:74:da:ef:f1:df:2b:c4:16:90:e1:20:2d:86:f9:4c:b6:d9:
b0:9f:8e:57:6f:3b:0c:3e:95:40:0d:e8:05:c9:60:5e:ca:da:
63:18:80:ee:cd:d6:f8:3b:80:b9:54:bc:1f:32:dd:69:36:88:
b4:a8:8b:3b:56:7a:d0:8d:be:2b:58:29:0c:82:c2:b2:c8:15:
9f:08:8f:8a:19:59:12:0b:87:74:00:07:b2:54:46:db:54:29:
48:5e:de:d1:bb:16:84:c1:8a:2c:4e:75:59:c4:d8:30:f4:bf:
1a:82:2d:ca:9b:27:96:11:9b:2a:7d:70:23:d4:9d:d0:2b:9d:
ef:04:ce:3f:22:6a:6c:62:f5:58:9f:14:7c:53:a9:48:26:1b:
25:96:c1:ab:45:ce:86:cb:86:5c:f6:83:77:d7:ba:09:1a:d3:
b7:9e:a2:54:16:6a:e9:81:2e:f1:ea:ea:80:a5:2d:bf:42:c4:
ba:e1:d1:43:8a:bc:4b:f6:5b:a7:b2:cf:48:7d:43:ab:d6:05:
7b:15:16:ae
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATSmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAzMTEzMjE3WhcNMjUwMjA0MTEzMjE3WjAYMRYw
FAYDVQQDEw02Nzc3Y2FjNS02NzgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyUWzrzJi8SEQCgLQn9WxQa8tJMqoSXMOLsPW5tZfsBxjijJaUu9RFh9O
HNimfmprd5+BI9QWqm+MH1znI2+jLuctzqtooJZpp/m9SlDAZufOa8P7yjD5vbET
gU1quZiviXiHytehRKEYvfO/MIl7fXctKG9a53DcxTgoBIJ1web5aNgMVYer0o/B
pAEeXqliOHN6s2v1BIAoafWv02TaWHqGsdwoYz6s3/Yaip+joaMTbBscz3fhHxtW
ngPwjDLmYEPu1YFthVtV/IDu3z4W4AnKsZ7MoJ3+bAE5AHS7C++fHQ+ey9ysUlua
KUeVc47KYWVBzBDdSUkW08eFq/RcLwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKMD
doOt9gpoFMmzeDSeM+UCj44vMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NTExMzBBMEM5QzYxMUVGQkE3QkY3QjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmswqMA0GCSqGSIb3DQEB
CwUAA4IBAQCEFz273a8r2uNsmFitcg0NCAFHXGNyN4Hr9SJGtXUPwnsmdpXGsrBI
mHKwoUl3ZZakLpLmFpJWdNrv8d8rxBaQ4SAthvlMttmwn45XbzsMPpVADegFyWBe
ytpjGIDuzdb4O4C5VLwfMt1pNoi0qIs7VnrQjb4rWCkMgsKyyBWfCI+KGVkSC4d0
AAeyVEbbVClIXt7RuxaEwYosTnVZxNgw9L8agi3KmyeWEZsqfXAj1J3QK53vBM4/
ImpsYvVYnxR8U6lIJhsllsGrRc6Gy4Zc9oN317oJGtO3nqJUFmrpgS7x6uqApS2/
QsS64dFDirxL9lunss9IfUOr1gV7FRau
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:57:59 2025 by rpki-client