Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65BD6054CADA11EFB9001780762E951A.roa
File: 65BD6054CADA11EFB9001780762E951A.roa (raw, json)
Hash identifier: 0Ben5MMH3IwBRgjXE6WcVpGSawJsFk53DPmsSLj1A48=
Subject key identifier: 43:97:8E:4E:66:75:FF:76:CF:BA:08:64:31:A9:E0:8F:AB:17:6C:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013549
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65BD6054CADA11EFB9001780762E951A.roa
Signing time: Sat 04 Jan 2025 20:28:03 +0000
ROA not before: Sun 05 Jan 2025 20:27:59 +0000
ROA not after: Sat 08 Feb 2025 20:27:59 +0000
asID: 203020
IP address blocks: 154.217.134.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79177 (0x13549)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 5 20:27:59 2025 GMT
Not After : Feb 8 20:27:59 2025 GMT
Subject: CN=677999d3-b33e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c8:be:ab:90:40:b9:d9:d8:75:7e:36:a9:9c:
b7:5e:b7:d5:05:3d:51:8c:de:eb:a1:24:ba:e1:2b:
0e:ec:ff:80:01:5e:aa:9e:a0:0d:eb:07:80:a6:86:
70:ef:b2:b7:c1:6f:2f:e2:70:49:18:fb:54:82:87:
63:3e:4b:e4:c7:fc:6c:03:e8:76:f3:4b:1b:14:9c:
5c:ca:9f:65:72:d1:8d:a2:8a:cd:6b:84:c8:a3:1b:
51:1b:73:a7:07:42:5a:49:a3:fe:5f:c4:d7:36:5a:
50:ac:35:92:ce:19:96:8e:32:a6:44:c1:c7:49:c3:
01:76:51:15:c7:73:d3:24:70:1a:a9:56:74:37:7c:
65:64:8f:97:64:79:1b:8e:27:9b:e1:8e:07:9d:ca:
c1:bc:ae:e9:02:b6:74:75:f4:7f:57:a5:d7:a7:c5:
56:e7:6a:67:51:2d:a3:51:2f:c4:ac:5c:63:5f:3a:
2f:37:01:61:29:37:83:3e:b2:d7:a3:de:85:67:a3:
9a:fe:9a:58:9d:94:50:21:28:54:10:8f:c1:c3:e1:
8b:87:a3:17:cc:97:b8:92:bd:a5:d6:93:b2:8c:f9:
07:06:73:e0:b8:cb:68:d4:20:58:5e:c1:a9:f2:56:
90:2b:3b:d9:a3:e3:ce:c8:d5:72:74:d2:8f:a2:0b:
d0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:97:8E:4E:66:75:FF:76:CF:BA:08:64:31:A9:E0:8F:AB:17:6C:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65BD6054CADA11EFB9001780762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.134.0/23
Signature Algorithm: sha256WithRSAEncryption
72:85:66:33:18:fa:69:33:c4:be:04:3c:ca:e2:fd:20:74:73:
38:41:75:44:e5:a0:8b:48:ab:db:d4:d0:50:2f:ec:4c:26:87:
97:40:23:d5:0e:c2:be:1f:d7:4d:7d:ec:49:36:a1:2f:93:be:
60:be:ae:e9:c3:46:c9:45:5a:db:3e:66:2d:79:8b:47:dc:a6:
96:67:03:e9:6b:9c:f7:f7:ec:53:d7:f4:fa:bf:5a:75:11:c1:
73:1b:33:a9:85:25:88:fc:2f:81:ba:90:6e:e6:d1:b1:a0:15:
aa:c7:91:c3:63:a0:01:bf:ea:6c:9c:b4:bc:03:93:54:37:54:
25:e1:de:38:83:03:56:00:99:5b:c4:a3:b7:20:22:d9:3e:b4:
3b:05:ac:e4:37:fb:84:86:ec:b4:49:4c:44:3c:18:54:21:07:
e5:e1:75:4b:f6:66:29:10:00:93:a1:4e:97:a5:e9:69:4e:bf:
ad:be:db:a2:45:ec:af:3b:ec:8d:6b:b6:4e:63:05:35:05:25:
1a:bf:79:2f:72:99:70:89:55:fb:f5:dc:14:ff:7d:bd:ca:5c:
ed:2e:af:a4:dd:df:6a:9c:45:4f:50:31:47:e8:8f:97:6f:a1:
8d:86:4d:7c:56:ed:cf:1d:68:0a:46:9f:ed:7c:05:44:0e:ad:
96:a8:93:e2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATVJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA1MjAyNzU5WhcNMjUwMjA4MjAyNzU5WjAYMRYw
FAYDVQQDEw02Nzc5OTlkMy1iMzNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy8i+q5BAudnYdX42qZy3XrfVBT1RjN7roSS64SsO7P+AAV6qnqAN6weA
poZw77K3wW8v4nBJGPtUgodjPkvkx/xsA+h280sbFJxcyp9lctGNoorNa4TIoxtR
G3OnB0JaSaP+X8TXNlpQrDWSzhmWjjKmRMHHScMBdlEVx3PTJHAaqVZ0N3xlZI+X
ZHkbjieb4Y4HncrBvK7pArZ0dfR/V6XXp8VW52pnUS2jUS/ErFxjXzovNwFhKTeD
PrLXo96FZ6Oa/ppYnZRQIShUEI/Bw+GLh6MXzJe4kr2l1pOyjPkHBnPguMto1CBY
XsGp8laQKzvZo+POyNVydNKPogvQ+QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEOX
jk5mdf92z7oIZDGp4I+rF2y6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NUJENjA1NENBREExMUVGQjkwMDE3ODA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtmGMA0GCSqGSIb3DQEB
CwUAA4IBAQByhWYzGPppM8S+BDzK4v0gdHM4QXVE5aCLSKvb1NBQL+xMJoeXQCPV
DsK+H9dNfexJNqEvk75gvq7pw0bJRVrbPmYteYtH3KaWZwPpa5z39+xT1/T6v1p1
EcFzGzOphSWI/C+BupBu5tGxoBWqx5HDY6ABv+psnLS8A5NUN1Ql4d44gwNWAJlb
xKO3ICLZPrQ7BazkN/uEhuy0SUxEPBhUIQfl4XVL9mYpEACToU6XpelpTr+tvtui
ReyvO+yNa7ZOYwU1BSUav3kvcplwiVX79dwU/329ylztLq+k3d9qnEVPUDFH6I+X
b6GNhk18Vu3PHWgKRp/tfAVEDq2WqJPi
-----END CERTIFICATE-----
Generated at Fri Apr 25 17:01:04 2025 by rpki-client