Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9605D528D8DD11EFB0452F8D762E951A.roa
File: 9605D528D8DD11EFB0452F8D762E951A.roa (raw, json)
Hash identifier: WxRSXqlcj/s5F22QHnszn4NGHl2fPEYK5WFWusXOxVs=
Subject key identifier: AA:D0:84:41:50:A6:8D:91:24:70:64:87:EA:C5:01:E2:D2:CB:7C:72
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013FE2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9605D528D8DD11EFB0452F8D762E951A.roa
Signing time: Wed 22 Jan 2025 16:26:09 +0000
ROA not before: Wed 22 Jan 2025 16:26:05 +0000
ROA not after: Sat 15 Mar 2025 16:26:05 +0000
asID: 138915
IP address blocks: 154.206.116.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81890 (0x13fe2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 22 16:26:05 2025 GMT
Not After : Mar 15 16:26:05 2025 GMT
Subject: CN=67911c21-8fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8c:df:52:7d:9f:3c:df:5d:fd:13:58:10:56:
5a:f7:0a:66:c6:2d:8d:a9:c3:d0:1b:6e:17:95:96:
f2:b8:66:89:fd:7f:05:80:01:a4:6c:4c:ef:06:7a:
d4:75:c6:d0:85:45:32:2e:42:c0:8d:f2:3b:4f:5a:
8c:38:bc:bf:70:8d:1f:f8:b4:34:bc:5f:db:3e:80:
24:a1:2e:23:bf:5e:a0:c0:07:c0:be:e8:e8:9e:76:
bb:c7:44:df:2a:99:22:f6:42:4e:86:27:33:0c:12:
a4:86:cc:a8:57:c8:f5:08:67:0b:f4:84:19:3b:41:
a7:96:e4:07:12:af:e4:e9:8b:96:3a:30:b4:82:dd:
aa:8b:f9:56:66:0b:d5:de:2d:f7:61:a0:d4:27:b9:
58:56:15:66:61:2f:92:cf:10:4e:f5:bd:6e:2c:44:
9c:db:2d:1d:9b:05:3d:a3:83:4d:11:bc:35:57:7e:
dd:66:2d:82:bf:05:c4:9f:1e:e9:be:b2:76:c1:ab:
cc:c8:80:4d:87:13:5e:8d:5e:63:35:84:71:2e:bb:
f8:ca:05:02:a8:7b:fd:36:46:0d:45:7b:65:20:6e:
18:53:7e:fa:ea:81:aa:6b:83:c9:8c:69:7f:67:ba:
47:17:16:56:76:25:a1:08:10:15:6b:9b:c2:d0:fd:
d1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D0:84:41:50:A6:8D:91:24:70:64:87:EA:C5:01:E2:D2:CB:7C:72
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9605D528D8DD11EFB0452F8D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.116.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:51:62:46:1c:63:d9:d1:29:1f:af:4d:fb:c7:5c:26:e3:62:
5d:c2:a3:76:60:42:ad:f4:10:f5:fd:ee:8b:f5:8f:d9:7d:bd:
38:35:70:51:7b:0c:e6:e9:c2:50:dd:d3:04:5c:4c:37:a3:db:
cc:ea:4e:b1:ba:bc:2d:7e:ff:6d:20:68:f5:68:da:b6:a9:62:
7a:45:9e:d1:79:f0:9d:9e:fd:b8:8e:4a:dc:33:94:1f:5b:24:
6a:d5:c4:d3:9b:bf:06:dc:45:bf:20:1f:36:5f:cb:f5:f8:39:
bb:33:a9:66:24:72:cc:2e:ef:eb:44:0f:e7:de:b5:f0:f8:32:
0c:3f:be:85:ea:70:aa:1f:ea:d1:bc:df:9b:1a:82:df:ee:96:
2b:13:d6:c5:52:f5:a4:5d:d5:6e:39:16:82:ce:58:6c:0b:8c:
cb:b6:28:68:23:23:ad:20:8a:2b:78:45:54:c4:9c:3d:0e:7d:
41:e0:d2:81:ad:f6:d1:87:bf:8c:00:fa:4f:fd:8b:de:5a:e0:
cd:86:cc:56:7f:6d:d9:5c:a5:c8:ae:d6:67:66:9c:e6:3e:e5:
cb:e1:b5:bc:e1:fb:aa:f9:4b:3c:ca:c4:ea:b4:28:06:16:63:
c4:d4:46:0c:05:d0:bc:d2:d1:e8:30:ef:f0:48:3a:06:92:9c:
ac:43:77:8a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT/iMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIyMTYyNjA1WhcNMjUwMzE1MTYyNjA1WjAYMRYw
FAYDVQQDEw02NzkxMWMyMS04ZmJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtozfUn2fPN9d/RNYEFZa9wpmxi2NqcPQG24XlZbyuGaJ/X8FgAGkbEzv
BnrUdcbQhUUyLkLAjfI7T1qMOLy/cI0f+LQ0vF/bPoAkoS4jv16gwAfAvujonna7
x0TfKpki9kJOhiczDBKkhsyoV8j1CGcL9IQZO0GnluQHEq/k6YuWOjC0gt2qi/lW
ZgvV3i33YaDUJ7lYVhVmYS+SzxBO9b1uLESc2y0dmwU9o4NNEbw1V37dZi2CvwXE
nx7pvrJ2wavMyIBNhxNejV5jNYRxLrv4ygUCqHv9NkYNRXtlIG4YU3766oGqa4PJ
jGl/Z7pHFxZWdiWhCBAVa5vC0P3RUQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKrQ
hEFQpo2RJHBkh+rFAeLSy3xyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NjA1RDUyOEQ4REQxMUVGQjA0NTJGOEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms50MA0GCSqGSIb3DQEB
CwUAA4IBAQCaUWJGHGPZ0Skfr037x1wm42JdwqN2YEKt9BD1/e6L9Y/Zfb04NXBR
ewzm6cJQ3dMEXEw3o9vM6k6xurwtfv9tIGj1aNq2qWJ6RZ7RefCdnv24jkrcM5Qf
WyRq1cTTm78G3EW/IB82X8v1+Dm7M6lmJHLMLu/rRA/n3rXw+DIMP76F6nCqH+rR
vN+bGoLf7pYrE9bFUvWkXdVuORaCzlhsC4zLtihoIyOtIIoreEVUxJw9Dn1B4NKB
rfbRh7+MAPpP/YveWuDNhsxWf23ZXKXIrtZnZpzmPuXL4bW84fuq+Us8ysTqtCgG
FmPE1EYMBdC80tHoMO/wSDoGkpysQ3eK
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:16:50 2025 by rpki-client