Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71CAD016CCC911EF83D4DE50762E951A.roa
File: 71CAD016CCC911EF83D4DE50762E951A.roa (raw, json)
Hash identifier: Ot3fL1Tg2Jf33PnTKiirzCJrZZOxrMJ9tmLOoyJMZJM=
Subject key identifier: 25:09:EC:BA:48:F5:4F:99:44:37:40:5C:55:5D:0A:5A:5D:4D:50:7E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013651
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71CAD016CCC911EF83D4DE50762E951A.roa
Signing time: Tue 07 Jan 2025 07:31:44 +0000
ROA not before: Tue 07 Jan 2025 07:31:40 +0000
ROA not after: Thu 13 Feb 2025 07:31:40 +0000
asID: 203020
IP address blocks: 154.209.240.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79441 (0x13651)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 7 07:31:40 2025 GMT
Not After : Feb 13 07:31:40 2025 GMT
Subject: CN=677cd860-f468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1d:96:ad:0f:a7:3b:7e:43:3e:cb:38:05:f7:
f4:0c:0e:36:91:26:8b:f3:1c:75:56:4b:f2:1b:cb:
1f:33:a4:d3:50:c0:50:57:af:da:7c:c2:70:c8:af:
55:b3:2d:7a:1b:a1:8a:61:50:93:6d:d6:a0:cc:ac:
ab:01:cb:87:63:b3:7f:0a:c5:9d:0c:7b:41:c5:87:
75:04:4b:37:48:67:05:58:61:54:96:ee:51:e8:bc:
7b:2e:be:87:35:53:c9:17:be:8d:f8:e1:25:a5:17:
b0:75:95:4f:b7:5b:f8:60:0b:04:4e:63:94:1d:f1:
00:c2:48:d0:5b:c1:2d:aa:23:7d:69:da:82:23:a6:
16:71:5c:ae:be:57:8d:5f:fb:e2:29:fc:16:ae:f4:
dd:ff:c1:8c:6f:54:f6:dc:04:6c:1b:9c:98:02:ff:
13:db:d9:62:90:f8:5c:bd:89:93:34:2f:14:7a:e8:
6c:64:bf:82:e4:9a:af:d2:95:e6:e9:8c:7b:66:08:
6f:3a:a6:4f:3b:11:f6:4a:af:30:7e:0e:88:c3:96:
ec:7c:8f:4a:67:83:6e:cd:0d:e1:4e:04:a9:2e:62:
63:67:2c:24:17:c6:9e:6b:5f:5a:fe:25:91:a7:50:
b4:02:34:c0:01:e9:76:cb:da:2e:a4:42:f5:70:a3:
c8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:09:EC:BA:48:F5:4F:99:44:37:40:5C:55:5D:0A:5A:5D:4D:50:7E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71CAD016CCC911EF83D4DE50762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.240.0/21
Signature Algorithm: sha256WithRSAEncryption
26:7b:fc:5c:1d:a0:db:59:09:3a:10:ee:84:5c:ff:f7:e4:b3:
93:55:6c:35:9f:dc:93:84:3f:b6:78:c9:e1:e6:d8:2e:db:c1:
48:2f:83:8f:34:97:9c:29:ff:a6:4d:6d:c6:e7:92:4e:da:22:
3b:62:8c:b0:1d:39:53:c9:05:d8:90:99:dd:9c:1f:54:45:86:
02:b9:d0:89:fe:ef:e1:6f:1b:68:4c:12:19:96:46:07:75:fc:
82:b3:1a:d1:2b:27:bc:bb:43:2a:49:55:f4:7d:d5:1d:02:39:
2b:53:73:10:b6:94:a8:ff:eb:eb:5e:07:85:51:f4:5a:bd:52:
5e:23:d4:b5:e5:9b:fb:a1:97:54:12:51:44:6e:ac:61:a1:ae:
af:71:95:43:93:b0:56:98:c1:2e:d6:e9:68:10:fa:e8:77:42:
40:61:22:a6:76:a3:8c:d3:20:a9:b2:cf:e7:bf:97:87:95:78:
24:15:ec:a1:e3:bc:a3:3b:b1:ca:c0:44:09:93:8c:94:85:7d:
71:4c:cd:58:c6:dd:1f:fc:a9:e0:09:e8:95:e0:52:aa:fd:99:
35:5f:95:9b:6d:a9:b0:ea:a2:39:85:be:ad:67:4e:aa:0e:b6:
4a:7d:80:30:a9:7d:c5:3e:a9:50:67:de:1f:af:ad:da:fc:6a:
53:60:00:75
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATZRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA3MDczMTQwWhcNMjUwMjEzMDczMTQwWjAYMRYw
FAYDVQQDEw02NzdjZDg2MC1mNDY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzx2WrQ+nO35DPss4Bff0DA42kSaL8xx1VkvyG8sfM6TTUMBQV6/afMJw
yK9Vsy16G6GKYVCTbdagzKyrAcuHY7N/CsWdDHtBxYd1BEs3SGcFWGFUlu5R6Lx7
Lr6HNVPJF76N+OElpRewdZVPt1v4YAsETmOUHfEAwkjQW8EtqiN9adqCI6YWcVyu
vleNX/viKfwWrvTd/8GMb1T23ARsG5yYAv8T29likPhcvYmTNC8UeuhsZL+C5Jqv
0pXm6Yx7ZghvOqZPOxH2Sq8wfg6Iw5bsfI9KZ4NuzQ3hTgSpLmJjZywkF8aea19a
/iWRp1C0AjTAAel2y9oupEL1cKPIRwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCUJ
7LpI9U+ZRDdAXFVdClpdTVB+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MUNBRDAxNkNDQzkxMUVGODNENERFNTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmtHwMA0GCSqGSIb3DQEB
CwUAA4IBAQAme/xcHaDbWQk6EO6EXP/35LOTVWw1n9yThD+2eMnh5tgu28FIL4OP
NJecKf+mTW3G55JO2iI7YoywHTlTyQXYkJndnB9URYYCudCJ/u/hbxtoTBIZlkYH
dfyCsxrRKye8u0MqSVX0fdUdAjkrU3MQtpSo/+vrXgeFUfRavVJeI9S15Zv7oZdU
ElFEbqxhoa6vcZVDk7BWmMEu1uloEProd0JAYSKmdqOM0yCpss/nv5eHlXgkFeyh
47yjO7HKwEQJk4yUhX1xTM1Yxt0f/KngCeiV4FKq/Zk1X5Wbbamw6qI5hb6tZ06q
DrZKfYAwqX3FPqlQZ94fr63a/GpTYAB1
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:09:21 2025 by rpki-client