Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E8C5D82DB3811EF98A0B679762E951A.roa
File: 8E8C5D82DB3811EF98A0B679762E951A.roa (raw, json)
Hash identifier: K/kK0SwA5D1zWk5p2rEP8SOyGFU377nbH7jbsvYxn1c=
Subject key identifier: 9D:D1:20:F4:B0:04:3A:1B:CA:E1:43:72:FF:A0:55:DE:B2:0C:31:F6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014A2E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E8C5D82DB3811EF98A0B679762E951A.roa
Signing time: Sat 25 Jan 2025 16:22:23 +0000
ROA not before: Sat 25 Jan 2025 16:22:19 +0000
ROA not after: Fri 07 Mar 2025 16:22:19 +0000
asID: 138915
IP address blocks: 154.223.78.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84526 (0x14a2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 25 16:22:19 2025 GMT
Not After : Mar 7 16:22:19 2025 GMT
Subject: CN=67950fbf-a3ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a6:e5:4d:ab:a2:04:4b:89:08:79:04:2d:a9:
44:2b:81:e1:e7:bd:7a:db:d7:61:0b:c6:dd:cb:11:
86:a9:32:d1:cf:31:f9:69:7a:d0:03:9d:bc:da:f4:
fb:1c:53:6b:bd:bd:cd:8f:2a:28:0f:0d:0c:b7:8d:
1a:a9:7e:41:f8:b3:f5:4c:47:14:b7:b3:46:9b:aa:
2b:73:bf:ed:8a:b8:38:33:c7:e2:7f:3a:31:51:53:
b2:b6:c8:3f:02:ce:a2:49:b6:af:a3:af:0f:57:2b:
c6:c8:5e:81:d5:ea:96:43:63:b1:62:e8:72:59:90:
00:95:82:84:b1:82:6c:52:d4:95:17:ba:88:21:d2:
79:dc:3d:2b:a8:cc:39:d1:35:ab:fd:b1:6f:16:59:
c2:8a:5b:00:ea:d7:62:1e:10:00:ec:0e:11:cf:35:
35:fa:43:c1:2f:c3:23:cb:d7:ec:87:39:82:c7:db:
72:d7:da:4b:10:1a:8b:3c:75:66:ad:c5:ce:87:07:
ba:05:58:b4:74:79:40:f0:11:fc:73:3c:1a:71:e8:
90:49:35:50:88:50:69:e7:61:68:d8:7f:f7:93:42:
f1:0e:b8:eb:0f:91:98:43:8e:89:06:c3:7d:a1:2c:
b9:16:b6:80:1c:ed:54:16:51:6d:5b:ee:28:52:f9:
28:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D1:20:F4:B0:04:3A:1B:CA:E1:43:72:FF:A0:55:DE:B2:0C:31:F6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E8C5D82DB3811EF98A0B679762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.78.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:0c:b5:89:28:8c:bd:07:4c:6e:c4:92:e3:ab:fb:08:85:d2:
1c:8e:08:61:bf:2b:88:6e:83:77:fc:b1:c2:a4:ac:f2:25:6d:
ed:f0:21:26:ec:90:05:88:f7:b1:3a:c8:3d:1e:70:6b:56:8d:
54:e9:3a:65:32:a4:80:0f:f0:43:33:75:64:40:e8:74:d2:02:
11:99:5a:de:28:e3:b1:c9:0a:54:d6:7b:6c:ed:6e:19:0e:e0:
2a:de:5a:d5:d6:4c:19:ed:99:4b:6f:23:c1:44:7c:68:42:b2:
46:94:ca:ee:66:d6:76:25:28:ec:fd:da:9a:4d:a5:e4:94:47:
72:1a:b7:ee:5f:4c:75:95:3c:d3:60:5a:05:f0:6e:bd:08:d0:
5f:23:cf:c1:34:82:39:61:22:44:90:15:69:40:d7:df:73:45:
ab:10:aa:43:4e:63:64:4e:35:00:5f:60:13:5d:b6:86:82:25:
8b:df:bb:a3:78:01:2c:7c:74:6b:10:07:89:62:54:47:cd:f1:
42:e1:41:55:cc:e2:bb:18:04:bb:3c:6f:6c:8d:d0:23:90:24:
32:f9:7a:5b:d8:cc:3d:62:df:7d:9d:5e:1c:e1:d4:44:6a:5d:
fe:ba:04:04:45:fe:20:b7:03:1f:4c:5b:d1:18:f6:fc:af:06:
4c:cc:e2:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUouMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MTYyMjE5WhcNMjUwMzA3MTYyMjE5WjAYMRYw
FAYDVQQDEw02Nzk1MGZiZi1hM2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy6blTauiBEuJCHkELalEK4Hh571629dhC8bdyxGGqTLRzzH5aXrQA528
2vT7HFNrvb3NjyooDw0Mt40aqX5B+LP1TEcUt7NGm6orc7/tirg4M8fifzoxUVOy
tsg/As6iSbavo68PVyvGyF6B1eqWQ2OxYuhyWZAAlYKEsYJsUtSVF7qIIdJ53D0r
qMw50TWr/bFvFlnCilsA6tdiHhAA7A4RzzU1+kPBL8Mjy9fshzmCx9ty19pLEBqL
PHVmrcXOhwe6BVi0dHlA8BH8czwaceiQSTVQiFBp52Fo2H/3k0LxDrjrD5GYQ46J
BsN9oSy5FraAHO1UFlFtW+4oUvkoLwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJ3R
IPSwBDobyuFDcv+gVd6yDDH2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RThDNUQ4MkRCMzgxMUVGOThBMEI2Nzk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt9OMA0GCSqGSIb3DQEB
CwUAA4IBAQBfDLWJKIy9B0xuxJLjq/sIhdIcjghhvyuIboN3/LHCpKzyJW3t8CEm
7JAFiPexOsg9HnBrVo1U6TplMqSAD/BDM3VkQOh00gIRmVreKOOxyQpU1nts7W4Z
DuAq3lrV1kwZ7ZlLbyPBRHxoQrJGlMruZtZ2JSjs/dqaTaXklEdyGrfuX0x1lTzT
YFoF8G69CNBfI8/BNII5YSJEkBVpQNffc0WrEKpDTmNkTjUAX2ATXbaGgiWL37uj
eAEsfHRrEAeJYlRHzfFC4UFVzOK7GAS7PG9sjdAjkCQy+Xpb2Mw9Yt99nV4c4dRE
al3+ugQERf4gtwMfTFvRGPb8rwZMzOJz
-----END CERTIFICATE-----
Generated at Sun Apr 27 07:40:21 2025 by rpki-client