Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8CD486BAD8DE11EFB0D5A195762E951A.roa
File: 8CD486BAD8DE11EFB0D5A195762E951A.roa (raw, json)
Hash identifier: Wf9Gq5Iv9voo6t2PIjIPVotj7T8D8xLwP0DKw59WDto=
Subject key identifier: 00:16:4B:39:0C:8E:C2:4F:AD:1C:92:73:84:B0:FE:E2:6B:DF:EC:39
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013FE6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8CD486BAD8DE11EFB0D5A195762E951A.roa
Signing time: Wed 22 Jan 2025 16:33:03 +0000
ROA not before: Wed 22 Jan 2025 16:32:58 +0000
ROA not after: Sat 15 Mar 2025 16:32:58 +0000
asID: 138915
IP address blocks: 154.206.112.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81894 (0x13fe6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 22 16:32:58 2025 GMT
Not After : Mar 15 16:32:58 2025 GMT
Subject: CN=67911dbf-5fb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:70:59:f8:da:bc:95:d2:11:c2:4f:66:7f:c9:
85:fc:84:d6:52:52:f5:99:db:16:56:67:b3:1f:b0:
ac:62:e4:df:7e:28:32:b8:97:69:87:63:f0:03:86:
5b:94:bf:b1:a2:43:57:d4:fd:b6:86:d5:2f:55:f0:
06:b5:41:75:c1:12:56:3f:5e:24:ab:34:ac:d9:bf:
d2:a7:f8:1c:3c:3f:7d:3c:6c:75:cb:d2:6f:65:20:
3b:97:f7:c5:c4:4c:7e:50:f1:8d:ff:96:f2:d4:9b:
43:b8:b7:34:d5:1a:9f:a9:03:42:8a:14:ad:d1:f1:
1c:7c:b9:42:5e:63:57:68:99:01:6f:1a:8a:e2:73:
53:f6:f1:c7:e9:34:96:68:6f:0a:23:e6:90:58:47:
86:4d:f1:34:8a:b4:a2:e8:ab:0e:38:8d:3b:9a:ef:
1b:00:f6:7c:f0:fd:2e:c5:f5:23:44:bf:18:29:26:
58:e8:92:57:5f:43:16:5d:4b:36:ff:33:26:ce:9b:
8c:b8:62:1d:25:ba:47:b0:81:d6:46:88:fa:a1:cc:
dd:0e:b0:b7:b8:e9:89:38:23:1f:4e:aa:13:15:e5:
98:a0:60:23:80:62:63:86:af:f3:ad:b8:ca:3a:f8:
4b:4e:06:65:61:ad:86:d5:f9:c1:78:f8:dd:3b:d6:
53:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:16:4B:39:0C:8E:C2:4F:AD:1C:92:73:84:B0:FE:E2:6B:DF:EC:39
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8CD486BAD8DE11EFB0D5A195762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.112.0/23
Signature Algorithm: sha256WithRSAEncryption
90:d9:ed:b9:0f:9e:34:18:66:7d:9f:e8:05:26:c3:35:9e:ee:
0c:7b:19:e6:ee:30:70:21:b1:88:31:17:b5:19:04:3a:e7:0c:
c9:1d:f9:e6:9a:80:53:0d:53:64:65:86:65:4c:12:82:c4:d5:
ac:79:19:5b:31:22:0d:fa:e1:8a:44:d6:f9:eb:e1:44:a4:f7:
fe:83:b6:b3:da:52:6c:ff:1d:a3:a4:c4:63:00:b2:e0:38:9b:
8d:a5:0c:bb:1d:39:20:61:25:5f:ee:d0:51:cf:60:2c:e6:6d:
87:d9:c4:a1:77:7b:af:4a:ac:7a:73:a8:ea:fc:40:f1:81:7f:
78:1a:27:ba:5a:f6:72:cf:75:36:01:3c:db:e6:10:9c:36:b0:
96:15:66:44:82:71:9c:44:83:5b:9d:f5:76:b7:a6:fc:92:5a:
d0:b3:77:c6:1c:18:0a:79:c1:13:2c:2a:ba:30:37:46:87:e2:
3f:ea:35:6f:e6:83:b6:78:58:16:52:cd:4c:50:ab:a4:2d:b2:
af:04:41:71:1a:18:9b:9c:0a:d7:73:c8:0e:6c:5f:da:4c:3d:
77:42:5d:b2:1f:fa:f4:26:cd:13:68:97:f2:24:0d:05:b3:5e:
88:ef:01:34:21:e7:3e:5d:47:21:4d:8f:ce:88:80:ca:1f:75:
1a:57:3f:3e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT/mMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIyMTYzMjU4WhcNMjUwMzE1MTYzMjU4WjAYMRYw
FAYDVQQDEw02NzkxMWRiZi01ZmI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo3BZ+Nq8ldIRwk9mf8mF/ITWUlL1mdsWVmezH7CsYuTffigyuJdph2Pw
A4ZblL+xokNX1P22htUvVfAGtUF1wRJWP14kqzSs2b/Sp/gcPD99PGx1y9JvZSA7
l/fFxEx+UPGN/5by1JtDuLc01RqfqQNCihSt0fEcfLlCXmNXaJkBbxqK4nNT9vHH
6TSWaG8KI+aQWEeGTfE0irSi6KsOOI07mu8bAPZ88P0uxfUjRL8YKSZY6JJXX0MW
XUs2/zMmzpuMuGIdJbpHsIHWRoj6oczdDrC3uOmJOCMfTqoTFeWYoGAjgGJjhq/z
rbjKOvhLTgZlYa2G1fnBePjdO9ZTwQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAAW
SzkMjsJPrRySc4Sw/uJr3+w5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84Q0Q0ODZCQUQ4REUxMUVGQjBENUExOTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms5wMA0GCSqGSIb3DQEB
CwUAA4IBAQCQ2e25D540GGZ9n+gFJsM1nu4Mexnm7jBwIbGIMRe1GQQ65wzJHfnm
moBTDVNkZYZlTBKCxNWseRlbMSIN+uGKRNb56+FEpPf+g7az2lJs/x2jpMRjALLg
OJuNpQy7HTkgYSVf7tBRz2As5m2H2cShd3uvSqx6c6jq/EDxgX94Gie6WvZyz3U2
ATzb5hCcNrCWFWZEgnGcRINbnfV2t6b8klrQs3fGHBgKecETLCq6MDdGh+I/6jVv
5oO2eFgWUs1MUKukLbKvBEFxGhibnArXc8gObF/aTD13Ql2yH/r0Js0TaJfyJA0F
s16I7wE0Iec+XUchTY/OiIDKH3UaVz8+
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:59:19 2025 by rpki-client