Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/88A5929ECADF11EF854107A1762E951A.roa
File: 88A5929ECADF11EF854107A1762E951A.roa (raw, json)
Hash identifier: jehk4kxH0SjqU7vMN4Rw9XUnIvsk/0+s9JkDPPYGDIw=
Subject key identifier: A3:5B:92:C5:5B:9F:BC:B3:7F:D4:F3:EB:66:16:31:17:3B:DC:E8:29
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013561
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/88A5929ECADF11EF854107A1762E951A.roa
Signing time: Sat 04 Jan 2025 21:04:49 +0000
ROA not before: Sun 05 Jan 2025 21:04:45 +0000
ROA not after: Tue 04 Feb 2025 21:04:45 +0000
asID: 203020
IP address blocks: 154.207.124.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79201 (0x13561)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 5 21:04:45 2025 GMT
Not After : Feb 4 21:04:45 2025 GMT
Subject: CN=6779a271-fb44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:66:56:9a:8a:9c:38:a9:fe:08:02:fa:64:66:
c6:1a:75:ea:e2:2e:d8:13:15:54:75:78:74:8d:31:
c0:a1:95:24:ce:22:0e:8f:31:ab:ad:3f:f4:91:e2:
a9:1f:ef:58:83:34:da:23:29:f5:90:e4:26:ae:87:
a1:00:07:17:92:76:82:1f:b1:77:e8:83:3c:30:3a:
ca:ae:f2:63:cb:f7:eb:ed:18:59:81:54:fa:ba:48:
e8:fd:c3:db:2c:78:76:7b:5e:68:e6:69:75:9c:94:
2e:96:b4:b7:e1:ac:f3:b6:be:43:8c:ef:50:6c:15:
c5:48:16:5f:b3:47:b8:e4:4a:91:e6:b5:2b:b8:4d:
9c:3e:7e:03:d4:bb:26:37:07:4d:d7:43:c1:02:27:
ab:d8:8b:41:da:7d:77:ec:04:89:ed:d6:37:60:ab:
24:fc:dd:24:d0:3c:86:e5:b7:3c:2b:f9:f5:9d:d7:
d4:5f:10:63:aa:53:e8:16:6a:44:ed:da:ec:b7:ee:
fe:d5:b7:77:aa:df:e8:54:cd:55:15:84:40:e6:32:
3b:30:84:9b:db:c2:25:eb:1e:a8:2f:5a:7e:b0:64:
2b:8a:f7:df:27:b1:3c:eb:d6:82:fa:9d:f6:5a:a6:
e4:fd:d0:1d:dd:89:cb:ab:11:c9:2e:f2:de:f0:ef:
56:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:5B:92:C5:5B:9F:BC:B3:7F:D4:F3:EB:66:16:31:17:3B:DC:E8:29
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/88A5929ECADF11EF854107A1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.124.0/23
Signature Algorithm: sha256WithRSAEncryption
ce:46:73:a7:91:5e:c6:71:f9:cf:6a:f7:62:aa:32:a8:e8:47:
18:ee:01:be:c9:36:52:cc:8d:f1:71:b5:3b:ce:b3:4e:01:6c:
af:0c:10:b8:ec:c9:f7:45:5c:fe:6d:d5:c9:1e:21:8d:23:15:
32:64:a8:95:2a:71:6a:c6:07:93:55:cc:cb:28:d6:34:e3:c1:
ea:b3:b3:b4:6d:14:0f:7d:07:04:db:85:20:00:0a:52:4a:6c:
0d:09:ca:34:89:4d:dd:7e:dc:54:72:8a:a1:33:bb:4a:8f:8c:
50:99:68:a4:ae:12:36:4c:9d:cf:07:99:fe:66:05:71:4a:1d:
60:59:ba:17:65:7b:b0:90:9c:75:66:45:09:f9:52:32:90:c7:
8b:7a:0d:a2:0e:43:b7:d4:ab:6d:66:69:d7:88:35:de:9a:3e:
17:81:6e:de:4b:bf:53:48:25:38:e2:9b:5c:c8:01:0c:66:e8:
bb:62:43:b9:40:94:0f:70:32:50:d9:8d:05:b5:82:30:0f:3b:
3a:55:6c:60:77:d9:39:fe:f8:88:d1:c1:29:51:f4:b8:a1:1b:
7a:23:f7:44:88:da:e8:9e:f1:8d:cc:6e:1e:66:41:10:c3:04:
02:d8:4e:a7:aa:72:74:cd:4e:cb:2f:e3:74:0f:25:d6:d3:7a:
66:73:db:85
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATVhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA1MjEwNDQ1WhcNMjUwMjA0MjEwNDQ1WjAYMRYw
FAYDVQQDEw02Nzc5YTI3MS1mYjQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnWZWmoqcOKn+CAL6ZGbGGnXq4i7YExVUdXh0jTHAoZUkziIOjzGrrT/0
keKpH+9YgzTaIyn1kOQmroehAAcXknaCH7F36IM8MDrKrvJjy/fr7RhZgVT6ukjo
/cPbLHh2e15o5ml1nJQulrS34azztr5DjO9QbBXFSBZfs0e45EqR5rUruE2cPn4D
1LsmNwdN10PBAier2ItB2n137ASJ7dY3YKsk/N0k0DyG5bc8K/n1ndfUXxBjqlPo
FmpE7drst+7+1bd3qt/oVM1VFYRA5jI7MISb28Il6x6oL1p+sGQrivffJ7E869aC
+p32Wqbk/dAd3YnLqxHJLvLe8O9WVwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKNb
ksVbn7yzf9Tz62YWMRc73OgpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84OEE1OTI5RUNBREYxMUVGODU0MTA3QTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms98MA0GCSqGSIb3DQEB
CwUAA4IBAQDORnOnkV7GcfnPavdiqjKo6EcY7gG+yTZSzI3xcbU7zrNOAWyvDBC4
7Mn3RVz+bdXJHiGNIxUyZKiVKnFqxgeTVczLKNY048Hqs7O0bRQPfQcE24UgAApS
SmwNCco0iU3dftxUcoqhM7tKj4xQmWikrhI2TJ3PB5n+ZgVxSh1gWboXZXuwkJx1
ZkUJ+VIykMeLeg2iDkO31KttZmnXiDXemj4XgW7eS79TSCU44ptcyAEMZui7YkO5
QJQPcDJQ2Y0FtYIwDzs6VWxgd9k5/viI0cEpUfS4oRt6I/dEiNronvGNzG4eZkEQ
wwQC2E6nqnJ0zU7LL+N0DyXW03pmc9uF
-----END CERTIFICATE-----
Generated at Fri Apr 25 17:03:32 2025 by rpki-client