Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91E969E0DCC111EF8170EE4F762E951A.roa
File: 91E969E0DCC111EF8170EE4F762E951A.roa (raw, json)
Hash identifier: PH7vnfVA1Hej3HELre4h/qs6+ni3hfM/D+5uZnhMntA=
Subject key identifier: 20:2C:3A:BD:7C:36:5D:CA:90:F7:91:5B:5D:65:C3:30:F5:91:2B:B7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014C37
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91E969E0DCC111EF8170EE4F762E951A.roa
Signing time: Mon 27 Jan 2025 15:15:41 +0000
ROA not before: Mon 27 Jan 2025 15:15:37 +0000
ROA not after: Sun 09 Feb 2025 15:15:37 +0000
asID: 5065
IP address blocks: 154.86.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85047 (0x14c37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 15:15:37 2025 GMT
Not After : Feb 9 15:15:37 2025 GMT
Subject: CN=6797a31d-d1bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0c:43:a6:b7:a9:2a:9a:30:e8:15:b4:c8:90:
93:fe:15:fc:71:dc:6a:47:d5:dd:9f:98:aa:a1:54:
29:44:39:a3:ce:eb:df:f2:a6:99:12:d1:4c:45:4a:
09:f9:0e:07:7e:4d:97:21:13:6f:20:5a:ad:f1:d0:
ef:68:3c:97:45:76:60:d4:53:c6:fe:94:f6:95:c2:
6b:bd:aa:2c:b4:07:d9:05:df:95:29:df:e9:71:e2:
25:1a:a4:79:29:51:16:46:0c:7f:9c:89:59:e0:d3:
49:49:fb:cf:28:a5:c2:b5:8e:8f:bc:47:45:e5:99:
c8:8f:83:4c:d3:b5:07:37:bb:07:6a:ff:3c:c1:97:
99:3b:76:ec:e7:29:2e:70:52:ff:d5:31:6f:9a:72:
0f:5f:14:ff:1c:f7:ed:b7:b1:5f:f4:14:f7:73:d8:
d1:f7:9a:5b:dd:0a:dd:5d:0b:6b:29:9e:2e:3d:4e:
ff:09:e6:d1:ff:4c:9d:1b:a2:0a:45:71:51:e8:18:
93:59:c5:14:3a:83:ac:e2:3f:5e:20:49:66:4a:05:
95:be:a7:d1:84:e8:e1:ed:0d:0d:5a:88:23:51:63:
18:39:05:42:4c:aa:be:27:ac:45:4b:eb:54:a8:2c:
f3:d2:94:f8:56:ff:69:05:3f:7f:79:46:2d:ad:79:
76:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:2C:3A:BD:7C:36:5D:CA:90:F7:91:5B:5D:65:C3:30:F5:91:2B:B7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91E969E0DCC111EF8170EE4F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.107.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:db:ce:7b:03:27:e9:f4:0f:a3:a0:c3:4a:a9:ba:8b:6e:57:
f4:2b:19:81:96:35:8a:e5:f4:3b:60:a6:1f:a8:e5:40:87:38:
b3:dc:f1:c2:a6:e3:6c:52:8c:d6:88:4f:f4:a5:31:22:c1:24:
15:a0:6d:b3:5f:7f:79:25:a6:31:80:53:fb:8c:5d:a6:1d:62:
26:e9:0d:a4:23:9c:36:5e:fa:84:2b:77:e8:e4:c2:b2:a3:c2:
86:94:39:2a:d2:b1:dc:58:c5:19:31:73:3c:72:7b:77:d5:a0:
9a:31:a0:f7:f3:e8:44:88:12:52:51:86:e3:a8:8f:98:a5:7f:
3e:9d:d7:ac:b9:01:13:5a:e5:49:fc:2f:43:38:6e:46:ed:45:
f0:7b:39:84:3c:1c:d1:df:37:05:47:3b:12:ee:43:08:d1:ec:
a5:cf:a1:23:b3:73:0c:6f:16:fa:01:75:64:77:73:19:f1:97:
93:66:ed:1e:f9:ca:a4:9c:31:2b:c9:52:9f:b4:f5:2e:46:08:
86:16:63:f7:1f:30:1b:4d:30:03:c4:c9:2f:20:b6:62:f1:54:
7e:48:12:f8:dd:6d:67:51:17:c6:1b:9b:80:02:37:e1:96:6a:
16:66:c3:0c:86:cc:4b:8e:31:5d:a1:f1:97:5b:50:25:7d:b7:
16:33:ce:ff
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUw3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MTUxNTM3WhcNMjUwMjA5MTUxNTM3WjAYMRYw
FAYDVQQDEw02Nzk3YTMxZC1kMWJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwAxDprepKpow6BW0yJCT/hX8cdxqR9Xdn5iqoVQpRDmjzuvf8qaZEtFM
RUoJ+Q4Hfk2XIRNvIFqt8dDvaDyXRXZg1FPG/pT2lcJrvaostAfZBd+VKd/pceIl
GqR5KVEWRgx/nIlZ4NNJSfvPKKXCtY6PvEdF5ZnIj4NM07UHN7sHav88wZeZO3bs
5ykucFL/1TFvmnIPXxT/HPftt7Ff9BT3c9jR95pb3QrdXQtrKZ4uPU7/CebR/0yd
G6IKRXFR6BiTWcUUOoOs4j9eIElmSgWVvqfRhOjh7Q0NWogjUWMYOQVCTKq+J6xF
S+tUqCzz0pT4Vv9pBT9/eUYtrXl2lwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCAs
Or18Nl3KkPeRW11lwzD1kSu3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MUU5NjlFMERDQzExMUVGODE3MEVFNEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlZrMA0GCSqGSIb3DQEB
CwUAA4IBAQCK2857Ayfp9A+joMNKqbqLblf0KxmBljWK5fQ7YKYfqOVAhziz3PHC
puNsUozWiE/0pTEiwSQVoG2zX395JaYxgFP7jF2mHWIm6Q2kI5w2XvqEK3fo5MKy
o8KGlDkq0rHcWMUZMXM8cnt31aCaMaD38+hEiBJSUYbjqI+YpX8+ndesuQETWuVJ
/C9DOG5G7UXwezmEPBzR3zcFRzsS7kMI0eylz6Ejs3MMbxb6AXVkd3MZ8ZeTZu0e
+cqknDEryVKftPUuRgiGFmP3HzAbTTADxMkvILZi8VR+SBL43W1nURfGG5uAAjfh
lmoWZsMMhsxLjjFdofGXW1AlfbcWM87/
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:11:05 2025 by rpki-client