Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6DB03A0CDA5C11EF9DD2D7A7762E951A.roa
File: 6DB03A0CDA5C11EF9DD2D7A7762E951A.roa (raw, json)
Hash identifier: b5ePu+ocbn9dBT4oUUWEtM/TeS7l3qkAKA0NvcAXZ60=
Subject key identifier: 2E:36:95:46:9B:A6:D0:48:9B:39:05:26:24:A6:D8:1E:7E:31:B3:AE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0147E6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6DB03A0CDA5C11EF9DD2D7A7762E951A.roa
Signing time: Fri 24 Jan 2025 14:06:38 +0000
ROA not before: Fri 24 Jan 2025 14:06:34 +0000
ROA not after: Fri 28 Feb 2025 14:06:34 +0000
asID: 62240
IP address blocks: 154.194.80.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83942 (0x147e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 14:06:34 2025 GMT
Not After : Feb 28 14:06:34 2025 GMT
Subject: CN=67939e6e-e731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:37:9d:11:1c:c2:78:4d:6b:9c:c8:71:35:55:
44:0c:74:a1:37:0b:f0:39:fe:b3:61:53:43:ca:eb:
88:ec:be:ab:a8:05:78:60:96:b3:1a:3a:94:46:10:
8d:57:06:f3:47:70:04:f4:ad:17:be:8b:36:6f:70:
59:d1:84:1d:b4:bc:ae:7b:3c:9c:a1:eb:6b:0c:0a:
24:3f:71:3f:ab:dd:1d:9a:d6:42:c9:93:7f:0d:e0:
eb:54:5c:97:23:23:98:d3:12:8a:6a:37:7d:10:e2:
66:e9:f6:f6:c0:e6:bd:27:02:a8:39:11:95:e9:99:
a6:d2:16:5e:5d:a5:57:9a:25:dc:52:4e:5c:6a:14:
4c:62:fc:bd:66:ba:62:6d:41:5a:9b:19:9d:f6:54:
67:d6:1c:a4:a6:c8:6f:35:06:0c:81:b1:cd:80:cb:
bc:ad:d8:10:91:39:77:00:f9:41:60:e4:3b:90:d1:
7e:ca:13:68:24:7b:e6:94:da:dc:00:c1:24:bf:c5:
37:51:e3:24:79:7b:75:d2:c7:99:d4:43:c3:a4:94:
67:78:e8:6c:32:d7:ec:e0:ba:1b:f4:ac:56:42:4f:
41:d9:67:c9:af:85:74:bb:13:f0:3d:a6:7b:50:e7:
bd:f9:c8:85:f2:6a:1c:0e:f5:8c:54:1c:84:d0:2b:
21:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:36:95:46:9B:A6:D0:48:9B:39:05:26:24:A6:D8:1E:7E:31:B3:AE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6DB03A0CDA5C11EF9DD2D7A7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.80.0/21
Signature Algorithm: sha256WithRSAEncryption
00:f3:c3:4d:66:78:1a:ee:64:a7:cc:19:75:aa:4b:a0:b3:19:
ce:51:a1:fe:e0:85:79:a3:c4:ab:90:7b:d8:23:d9:87:a3:44:
a0:c6:2a:de:76:4f:c8:58:36:2c:7d:0a:02:d8:3e:14:e2:1d:
e3:8f:1e:82:b7:f4:c8:93:4c:0f:a7:55:21:1b:ec:72:2c:39:
c8:bb:e3:fc:46:58:38:47:c4:2f:52:36:5a:44:97:e1:3a:af:
e9:db:f9:e6:f3:c6:70:f7:43:a3:31:8a:28:34:d5:4f:56:a0:
d1:66:8a:c4:3c:20:3b:1e:1d:e6:e7:3a:5e:6e:62:39:ed:0c:
e7:98:88:1a:d0:bf:43:7a:91:fc:be:33:26:09:22:78:3d:47:
fd:0b:65:36:6f:27:c2:9a:c8:a8:a5:40:fe:71:f1:8d:6a:5a:
70:02:a9:f8:7e:af:81:fb:01:c3:34:b9:e0:5f:09:2f:48:2a:
29:08:23:f9:68:f5:ff:56:95:44:e6:76:a8:b6:de:d2:8f:34:
66:6e:46:ab:12:52:1e:6d:2d:55:45:6f:eb:96:1f:5e:13:73:
b0:d3:04:1e:3c:f7:f1:bb:1b:8f:02:e6:7a:96:85:ef:2f:53:
7f:b6:86:9b:50:a3:4a:70:05:e0:e8:a9:f9:69:99:dc:f0:f3:
29:1d:5b:ae
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUfmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTQwNjM0WhcNMjUwMjI4MTQwNjM0WjAYMRYw
FAYDVQQDEw02NzkzOWU2ZS1lNzMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0DedERzCeE1rnMhxNVVEDHShNwvwOf6zYVNDyuuI7L6rqAV4YJazGjqU
RhCNVwbzR3AE9K0Xvos2b3BZ0YQdtLyuezycoetrDAokP3E/q90dmtZCyZN/DeDr
VFyXIyOY0xKKajd9EOJm6fb2wOa9JwKoORGV6Zmm0hZeXaVXmiXcUk5cahRMYvy9
ZrpibUFamxmd9lRn1hykpshvNQYMgbHNgMu8rdgQkTl3APlBYOQ7kNF+yhNoJHvm
lNrcAMEkv8U3UeMkeXt10seZ1EPDpJRneOhsMtfs4Lob9KxWQk9B2WfJr4V0uxPw
PaZ7UOe9+ciF8mocDvWMVByE0CshnQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFC42
lUabptBImzkFJiSm2B5+MbOuMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82REIwM0EwQ0RBNUMxMUVGOUREMkQ3QTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsJQMA0GCSqGSIb3DQEB
CwUAA4IBAQAA88NNZnga7mSnzBl1qkugsxnOUaH+4IV5o8SrkHvYI9mHo0Sgxire
dk/IWDYsfQoC2D4U4h3jjx6Ct/TIk0wPp1UhG+xyLDnIu+P8Rlg4R8QvUjZaRJfh
Oq/p2/nm88Zw90OjMYooNNVPVqDRZorEPCA7Hh3m5zpebmI57QznmIga0L9DepH8
vjMmCSJ4PUf9C2U2byfCmsiopUD+cfGNalpwAqn4fq+B+wHDNLngXwkvSCopCCP5
aPX/VpVE5naott7SjzRmbkarElIebS1VRW/rlh9eE3Ow0wQePPfxuxuPAuZ6loXv
L1N/toabUKNKcAXg6Kn5aZnc8PMpHVuu
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:21:13 2025 by rpki-client