Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9047A35ACAB911EF965DD6B1762E951A.roa
File: 9047A35ACAB911EF965DD6B1762E951A.roa (raw, json)
Hash identifier: zrZ8vsA/58AjpF8FmwIyTJp+kbf1hd6LeukqqMDcR9A=
Subject key identifier: AC:40:BF:32:0A:B4:BA:64:B1:F2:2D:58:6B:0D:79:A4:FF:F1:5E:1A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0134D3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9047A35ACAB911EF965DD6B1762E951A.roa
Signing time: Sat 04 Jan 2025 16:33:01 +0000
ROA not before: Sun 05 Jan 2025 16:32:57 +0000
ROA not after: Tue 04 Feb 2025 16:32:57 +0000
asID: 17557
IP address blocks: 154.198.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79059 (0x134d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 5 16:32:57 2025 GMT
Not After : Feb 4 16:32:57 2025 GMT
Subject: CN=677962bd-3f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:23:97:f0:e0:3b:b5:59:d8:c3:df:d2:00:3d:
4b:3f:b0:0f:16:c6:57:27:20:63:32:81:39:e2:b0:
f8:78:f4:07:8b:d0:e3:f9:84:74:04:71:91:12:15:
d9:e0:d6:7f:88:ee:96:10:7f:34:ae:0f:8c:40:7d:
30:91:de:4b:b6:30:0a:5e:4b:c7:98:73:65:19:b9:
c2:b8:60:c9:f0:72:d3:74:0b:4b:98:c4:43:9d:c8:
86:52:66:90:f5:fa:1f:d0:c2:ba:44:94:3a:91:92:
3e:56:74:e1:c8:1e:a2:6f:da:ba:2c:4c:67:43:6f:
53:2b:3f:42:15:7f:f7:b8:ce:97:a4:f0:7a:97:0b:
43:00:c5:6b:9b:53:2c:a3:5b:9b:46:cb:25:18:ca:
37:8f:ac:3c:5a:ba:ed:aa:f8:35:0a:98:66:36:93:
11:74:dd:84:4a:84:70:2a:6d:57:77:bf:ba:dc:98:
0c:82:52:d7:25:1e:05:19:19:d4:5f:39:8a:4d:90:
6d:93:3c:78:b5:b7:87:1d:36:80:a3:ac:97:6d:e0:
6b:ce:fa:7f:d8:e9:15:14:46:58:49:30:5b:7f:0b:
b0:5c:f3:a8:46:4c:00:81:f9:32:82:66:ca:46:b8:
4f:79:53:d9:55:35:6d:0d:6f:27:be:3c:2a:af:da:
50:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:40:BF:32:0A:B4:BA:64:B1:F2:2D:58:6B:0D:79:A4:FF:F1:5E:1A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9047A35ACAB911EF965DD6B1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.13.0/24
Signature Algorithm: sha256WithRSAEncryption
08:df:9b:d9:57:e4:9b:72:e0:4a:b1:8a:e9:f7:2f:34:39:a7:
d0:ce:9e:4b:e7:a6:c4:ba:64:03:0e:c9:de:28:54:ec:b1:c0:
fd:5b:96:8c:bd:f8:08:e7:eb:d3:b7:33:99:7d:c3:43:b2:b2:
07:da:e0:fb:a8:25:28:76:fa:82:ba:1d:d6:6f:e5:ca:35:e2:
4d:63:8e:7f:57:0b:11:4c:37:f2:f0:bb:5e:26:c0:15:96:38:
1d:4d:55:a1:4f:4d:3e:44:f5:35:2d:4c:87:02:9b:af:79:67:
4a:87:ca:78:2f:9f:88:56:30:da:8a:9e:19:82:e2:1e:39:c0:
ba:f6:c0:cc:a1:ba:08:d0:85:25:82:84:a3:33:9f:75:da:4e:
df:94:6d:16:5e:fd:7e:c7:62:de:30:ef:33:55:ca:0e:34:e9:
a6:ee:a5:8d:44:ef:33:b7:00:7e:17:ae:71:13:8a:b1:5b:fd:
47:9e:79:47:2f:7b:32:63:8d:3f:3b:3a:09:4b:c4:5b:91:ae:
74:5d:7e:19:36:dc:01:10:68:33:1a:34:01:81:da:b9:66:31:
af:2c:38:d9:95:ce:1b:2c:99:c1:4e:38:fc:63:a8:00:ba:97:
a6:99:bf:20:e8:93:bc:6f:c9:56:58:ee:04:97:d7:b0:f7:7f:
45:3d:36:b7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATTTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA1MTYzMjU3WhcNMjUwMjA0MTYzMjU3WjAYMRYw
FAYDVQQDEw02Nzc5NjJiZC0zZjM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+SOX8OA7tVnYw9/SAD1LP7APFsZXJyBjMoE54rD4ePQHi9Dj+YR0BHGR
EhXZ4NZ/iO6WEH80rg+MQH0wkd5LtjAKXkvHmHNlGbnCuGDJ8HLTdAtLmMRDnciG
UmaQ9fof0MK6RJQ6kZI+VnThyB6ib9q6LExnQ29TKz9CFX/3uM6XpPB6lwtDAMVr
m1Mso1ubRsslGMo3j6w8Wrrtqvg1CphmNpMRdN2ESoRwKm1Xd7+63JgMglLXJR4F
GRnUXzmKTZBtkzx4tbeHHTaAo6yXbeBrzvp/2OkVFEZYSTBbfwuwXPOoRkwAgfky
gmbKRrhPeVPZVTVtDW8nvjwqr9pQsQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKxA
vzIKtLpksfItWGsNeaT/8V4aMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MDQ3QTM1QUNBQjkxMUVGOTY1REQ2QjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsYNMA0GCSqGSIb3DQEB
CwUAA4IBAQAI35vZV+SbcuBKsYrp9y80OafQzp5L56bEumQDDsneKFTsscD9W5aM
vfgI5+vTtzOZfcNDsrIH2uD7qCUodvqCuh3Wb+XKNeJNY45/VwsRTDfy8LteJsAV
ljgdTVWhT00+RPU1LUyHApuveWdKh8p4L5+IVjDaip4ZguIeOcC69sDMoboI0IUl
goSjM5912k7flG0WXv1+x2LeMO8zVcoONOmm7qWNRO8ztwB+F65xE4qxW/1HnnlH
L3syY40/OzoJS8Rbka50XX4ZNtwBEGgzGjQBgdq5ZjGvLDjZlc4bLJnBTjj8Y6gA
upemmb8g6JO8b8lWWO4El9ew939FPTa3
-----END CERTIFICATE-----
Generated at Tue Apr 29 01:01:00 2025 by rpki-client