Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/916161DECBE711EF83EC50B7762E951A.roa
File: 916161DECBE711EF83EC50B7762E951A.roa (raw, json)
Hash identifier: hcFFbEofA3gtKAM12qQ5OBtZGOTu03lMo7Q0JRSZyTU=
Subject key identifier: 7E:10:84:93:25:A5:7A:09:6F:3E:F9:45:9C:D4:36:0C:26:9A:74:BD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01358D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/916161DECBE711EF83EC50B7762E951A.roa
Signing time: Mon 06 Jan 2025 04:34:51 +0000
ROA not before: Mon 06 Jan 2025 04:34:46 +0000
ROA not after: Sat 08 Feb 2025 04:34:46 +0000
asID: 203020
IP address blocks: 154.217.136.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79245 (0x1358d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 6 04:34:46 2025 GMT
Not After : Feb 8 04:34:46 2025 GMT
Subject: CN=677b5d6b-b130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:25:46:aa:9c:aa:48:e3:b6:50:6f:52:ad:86:
bf:24:fb:60:8c:3c:6e:b1:3c:7b:ca:48:c2:5d:f1:
3a:a0:8a:ce:9c:f8:38:d9:e3:f1:97:dc:26:f4:08:
52:b6:67:fd:31:6d:96:11:52:6b:50:3d:f6:70:ea:
de:ad:4f:62:72:52:ee:6c:96:58:2a:24:eb:55:fb:
05:4c:4e:63:d6:4f:85:c3:db:b7:8d:37:c3:5d:84:
0b:f3:66:68:5e:b8:f6:9b:3d:4f:6a:7c:3c:b0:38:
c1:47:b2:a6:80:88:e7:0f:79:03:63:8f:d8:bb:d1:
81:0e:1b:a2:53:ed:27:84:1b:f7:03:8d:70:f7:d3:
42:f4:85:73:01:43:be:e9:c3:e4:83:5e:a4:e8:2c:
2e:85:87:0d:69:a7:31:dc:df:b0:9a:b2:f5:ff:80:
17:16:78:3a:0f:55:48:38:fa:9f:98:3b:c9:e4:26:
67:31:a3:a8:f6:d0:df:20:7d:94:43:e4:8d:d8:74:
20:13:d4:b8:b8:91:6a:fe:88:eb:3a:b7:f0:6b:69:
9a:cf:23:3b:d2:50:96:d6:4f:5c:55:5a:4d:5d:22:
da:c4:8f:6c:8b:13:98:dd:ce:9d:e9:5e:e3:8a:4d:
37:e8:6e:cf:06:e1:fc:7b:e2:a3:7b:67:a8:74:b9:
94:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:10:84:93:25:A5:7A:09:6F:3E:F9:45:9C:D4:36:0C:26:9A:74:BD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/916161DECBE711EF83EC50B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.136.0/22
Signature Algorithm: sha256WithRSAEncryption
83:a0:78:63:8e:db:99:b8:0b:07:0d:f1:33:26:0b:a3:8a:03:
28:8d:97:dd:25:e0:78:f2:c3:a8:5f:4f:02:94:a1:aa:94:97:
c9:d8:02:7b:19:db:fb:be:a0:81:f4:47:e3:96:2c:cc:0f:e5:
18:ab:fc:fa:6f:1f:2e:0f:85:5e:5b:a6:84:99:d6:83:10:6c:
57:0c:c7:bc:b8:b7:3a:d6:ad:39:0e:a0:69:55:55:f4:aa:02:
e0:47:c4:fa:43:c0:5c:7c:28:a2:62:70:2d:39:2e:5b:b0:58:
8c:17:9d:87:1c:6f:c4:bc:66:4e:01:77:9f:fc:9e:e2:18:3b:
41:0a:13:91:ad:f6:dd:c6:0f:d7:3e:9a:05:9f:51:d3:48:e7:
88:20:e6:7b:e9:e7:30:62:59:bb:43:b8:bd:29:4a:21:48:de:
bd:3e:5a:69:1e:43:be:1b:90:f8:7a:f3:c9:9f:cc:97:78:6b:
45:86:c3:6f:0c:f5:3b:d2:8e:33:88:bc:8e:0d:66:d8:4f:94:
72:fb:65:c6:aa:4c:e0:ef:09:d3:1a:f3:e6:11:04:aa:11:e3:
51:55:e2:a3:6a:80:6e:b2:15:d7:91:0d:98:27:92:5f:30:76:
69:38:9b:07:7d:73:21:70:62:63:ec:1c:f7:79:10:dd:54:5a:
2b:21:da:2d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATWNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA2MDQzNDQ2WhcNMjUwMjA4MDQzNDQ2WjAYMRYw
FAYDVQQDEw02NzdiNWQ2Yi1iMTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1yVGqpyqSOO2UG9SrYa/JPtgjDxusTx7ykjCXfE6oIrOnPg42ePxl9wm
9AhStmf9MW2WEVJrUD32cOrerU9iclLubJZYKiTrVfsFTE5j1k+Fw9u3jTfDXYQL
82ZoXrj2mz1Panw8sDjBR7KmgIjnD3kDY4/Yu9GBDhuiU+0nhBv3A41w99NC9IVz
AUO+6cPkg16k6CwuhYcNaacx3N+wmrL1/4AXFng6D1VIOPqfmDvJ5CZnMaOo9tDf
IH2UQ+SN2HQgE9S4uJFq/ojrOrfwa2mazyM70lCW1k9cVVpNXSLaxI9sixOY3c6d
6V7jik036G7PBuH8e+Kje2eodLmU/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH4Q
hJMlpXoJbz75RZzUNgwmmnS9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MTYxNjFERUNCRTcxMUVGODNFQzUwQjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtmIMA0GCSqGSIb3DQEB
CwUAA4IBAQCDoHhjjtuZuAsHDfEzJgujigMojZfdJeB48sOoX08ClKGqlJfJ2AJ7
Gdv7vqCB9EfjlizMD+UYq/z6bx8uD4VeW6aEmdaDEGxXDMe8uLc61q05DqBpVVX0
qgLgR8T6Q8BcfCiiYnAtOS5bsFiMF52HHG/EvGZOAXef/J7iGDtBChORrfbdxg/X
PpoFn1HTSOeIIOZ76ecwYlm7Q7i9KUohSN69PlppHkO+G5D4evPJn8yXeGtFhsNv
DPU70o4ziLyODWbYT5Ry+2XGqkzg7wnTGvPmEQSqEeNRVeKjaoBushXXkQ2YJ5Jf
MHZpOJsHfXMhcGJj7Bz3eRDdVForIdot
-----END CERTIFICATE-----
Generated at Fri Apr 25 17:04:05 2025 by rpki-client