Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6DB2EEA0D57011EFB6C91298762E951A.roa
File: 6DB2EEA0D57011EFB6C91298762E951A.roa (raw, json)
Hash identifier: HNzye+Zs2kWQT/TpJCkMZRlgSXo+OLvJOAE5JlYxPc4=
Subject key identifier: E5:A4:81:68:E9:15:D8:AB:DE:A4:52:76:04:A0:0E:72:56:8A:84:EC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013DA6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6DB2EEA0D57011EFB6C91298762E951A.roa
Signing time: Sat 18 Jan 2025 07:47:12 +0000
ROA not before: Sat 18 Jan 2025 07:47:09 +0000
ROA not after: Sat 22 Feb 2025 07:47:09 +0000
asID: 55020
IP address blocks: 154.202.120.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81318 (0x13da6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 18 07:47:09 2025 GMT
Not After : Feb 22 07:47:09 2025 GMT
Subject: CN=678b5c80-973f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d4:b4:47:53:fa:f0:13:3f:c7:77:b7:c9:f7:
91:d5:ff:90:c3:29:c5:b9:3f:d2:e1:fb:22:1b:e6:
69:4e:7e:21:9a:65:4a:7b:f5:7b:d4:77:18:0d:d1:
3a:61:65:9e:dc:4b:bf:1d:f5:7b:d5:b8:4c:8a:b3:
aa:2a:7b:52:5d:c2:33:91:7c:a3:ca:73:e3:c2:c4:
c1:aa:ab:fe:8c:01:12:3a:04:7a:82:6d:17:78:0c:
a3:be:f1:8d:f4:38:81:63:bf:00:cf:e9:25:0b:b7:
c7:fd:f2:cd:0f:4e:be:1c:ed:8c:6f:c0:3f:74:00:
09:59:27:ff:f0:51:0f:8c:87:a5:5c:f7:02:42:4c:
4d:e9:4d:7d:9e:4e:6f:5e:36:c3:1b:0c:e6:a3:b0:
cb:50:51:3b:1b:57:27:8c:51:0f:c7:04:33:81:f6:
4a:fb:12:3c:c2:b6:63:28:0e:19:b9:a7:fd:45:bd:
49:cc:f9:fe:90:76:ee:9d:7b:fd:c3:57:19:3b:97:
a2:3b:25:0e:f7:a2:77:b6:8a:a7:48:f6:9d:fb:4e:
94:31:e0:92:97:5d:93:75:20:70:59:ec:41:96:80:
64:71:a6:1a:98:65:fc:a9:7a:85:26:07:d2:26:e6:
72:ae:7e:d0:bf:50:7d:02:eb:7d:8e:34:74:2f:a7:
e1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A4:81:68:E9:15:D8:AB:DE:A4:52:76:04:A0:0E:72:56:8A:84:EC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6DB2EEA0D57011EFB6C91298762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.120.0/21
Signature Algorithm: sha256WithRSAEncryption
16:e8:79:5e:fd:69:f7:a9:9e:38:fe:d7:09:e2:ff:84:2c:30:
1c:ff:5f:ed:12:9b:25:69:e1:1c:97:3f:f1:36:3e:ba:32:b8:
bb:0b:70:69:cc:0b:75:d0:49:bc:cf:ac:9d:92:2b:81:a3:f8:
4e:51:12:26:11:2d:8b:fe:f0:67:29:89:52:26:cf:0c:c3:85:
b4:41:6b:cb:19:46:15:de:1f:38:6c:1c:dd:b7:04:e4:68:1c:
1d:89:fe:8a:8f:48:5d:1d:e7:6d:73:f3:17:45:7b:2c:2f:5b:
de:47:c8:e0:dc:94:9d:d1:81:2e:26:14:03:12:e6:b2:13:f2:
e9:74:bd:0a:00:15:9e:8f:d3:18:93:e4:c6:09:1d:87:42:72:
97:3d:f2:ee:2b:f7:f9:27:58:e2:09:86:a2:df:e6:fe:fa:b3:
58:99:d5:ef:d4:b4:46:78:06:5c:ac:a3:02:a4:91:e8:f0:a9:
76:96:8a:f5:1a:5c:3e:31:2f:8f:c3:5a:12:f1:c3:73:00:de:
cf:9d:df:97:05:c6:cf:e0:dc:39:87:18:c7:12:dd:aa:ae:5f:
82:98:d8:b4:6e:9b:5c:c1:f9:b5:7c:cc:72:73:21:64:57:ca:
40:e7:a0:e6:f2:77:37:87:53:01:1a:24:e2:87:0f:15:7f:d4:
3b:17:38:05
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT2mMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE4MDc0NzA5WhcNMjUwMjIyMDc0NzA5WjAYMRYw
FAYDVQQDEw02NzhiNWM4MC05NzNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzNS0R1P68BM/x3e3yfeR1f+QwynFuT/S4fsiG+ZpTn4hmmVKe/V71HcY
DdE6YWWe3Eu/HfV71bhMirOqKntSXcIzkXyjynPjwsTBqqv+jAESOgR6gm0XeAyj
vvGN9DiBY78Az+klC7fH/fLND06+HO2Mb8A/dAAJWSf/8FEPjIelXPcCQkxN6U19
nk5vXjbDGwzmo7DLUFE7G1cnjFEPxwQzgfZK+xI8wrZjKA4Zuaf9Rb1JzPn+kHbu
nXv9w1cZO5eiOyUO96J3toqnSPad+06UMeCSl12TdSBwWexBloBkcaYamGX8qXqF
JgfSJuZyrn7Qv1B9Aut9jjR0L6fh+wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOWk
gWjpFdir3qRSdgSgDnJWioTsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82REIyRUVBMEQ1NzAxMUVGQjZDOTEyOTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsp4MA0GCSqGSIb3DQEB
CwUAA4IBAQAW6Hle/Wn3qZ44/tcJ4v+ELDAc/1/tEpslaeEclz/xNj66Mri7C3Bp
zAt10Em8z6ydkiuBo/hOURImES2L/vBnKYlSJs8Mw4W0QWvLGUYV3h84bBzdtwTk
aBwdif6Kj0hdHedtc/MXRXssL1veR8jg3JSd0YEuJhQDEuayE/LpdL0KABWej9MY
k+TGCR2HQnKXPfLuK/f5J1jiCYai3+b++rNYmdXv1LRGeAZcrKMCpJHo8Kl2lor1
Glw+MS+Pw1oS8cNzAN7Pnd+XBcbP4Nw5hxjHEt2qrl+CmNi0bptcwfm1fMxycyFk
V8pA56Dm8nc3h1MBGiTihw8Vf9Q7FzgF
-----END CERTIFICATE-----
Generated at Tue Apr 29 01:01:02 2025 by rpki-client