Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B791F92DCC011EF8791C84A762E951A.roa
File: 9B791F92DCC011EF8791C84A762E951A.roa (raw, json)
Hash identifier: hQ1/mtw6GjiM51QCczhgekrdk4qRbSGlQaYN9UdKOIE=
Subject key identifier: 45:E7:75:17:00:2D:47:77:49:1E:B0:85:5E:DD:6E:4E:01:6B:3D:41
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014C31
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B791F92DCC011EF8791C84A762E951A.roa
Signing time: Mon 27 Jan 2025 15:08:47 +0000
ROA not before: Mon 27 Jan 2025 15:08:44 +0000
ROA not after: Sun 09 Feb 2025 15:08:44 +0000
asID: 5065
IP address blocks: 154.86.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85041 (0x14c31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 15:08:44 2025 GMT
Not After : Feb 9 15:08:44 2025 GMT
Subject: CN=6797a17f-65b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a7:51:e8:3b:f3:53:d2:c3:95:f0:1c:45:74:
01:b6:ef:cb:3b:7f:b5:9e:e5:4c:d0:55:1e:14:85:
fe:88:a4:08:95:dc:26:29:7e:3a:5d:4e:9c:26:33:
46:94:51:ad:c1:eb:39:dd:4b:58:a9:78:38:a1:a3:
41:ac:cc:64:e4:81:cf:e3:6f:f8:e2:04:a8:ab:26:
d5:ae:83:c6:24:dd:eb:65:fb:8b:92:30:17:3a:85:
65:f1:57:54:91:21:1c:d5:34:84:00:fa:3e:7c:19:
07:24:c6:dd:ae:76:0a:17:3f:11:ab:65:ce:b5:6d:
28:e0:3a:8f:5e:fc:12:ed:05:40:db:ff:1b:46:50:
ea:d4:f2:b2:fe:be:2a:98:73:70:3a:44:b6:94:cc:
fc:34:51:a7:33:89:e3:42:df:e2:58:28:c4:d0:f2:
02:87:46:b8:68:ec:75:73:4a:ca:57:97:0f:d1:02:
ba:ac:bf:84:64:c6:00:ef:df:b2:55:a8:a2:94:d8:
9e:c7:38:fd:1e:32:67:ae:93:f8:3e:22:8d:5d:9c:
8f:c8:6c:5e:b0:66:f3:f0:01:92:d9:4b:74:fe:5f:
33:5d:b3:27:81:aa:ed:7d:d3:c9:6e:7b:18:c0:db:
2d:4e:07:b5:e7:7e:05:d7:f5:a9:c5:94:75:95:d4:
21:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E7:75:17:00:2D:47:77:49:1E:B0:85:5E:DD:6E:4E:01:6B:3D:41
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B791F92DCC011EF8791C84A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.104.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:f1:7c:9c:cf:2c:fd:7b:fc:2f:52:a1:2d:cd:75:f3:eb:b7:
23:02:aa:a5:f5:64:10:a7:c4:8c:41:7c:1e:3a:59:ac:57:95:
ec:16:fb:63:71:05:83:89:ec:35:58:d2:e1:96:8c:5c:a0:3b:
87:1c:cc:b6:d8:7e:54:28:f0:ae:d6:a2:a5:00:95:5b:ff:e7:
b4:ab:67:56:0e:35:ab:71:6d:42:69:2b:c8:21:b7:21:87:b8:
fe:74:b6:a1:9c:37:ab:62:83:64:fb:cc:67:a4:b8:be:dd:76:
7b:be:0e:79:f2:89:64:32:35:ca:0a:4a:8a:bd:cf:8c:cf:c2:
95:c7:03:3d:66:b6:69:52:ad:a4:e1:e7:b0:e0:f7:de:9c:ad:
e3:d6:2b:4c:cc:7e:1e:cf:dd:12:f5:f7:b8:b8:de:12:6c:35:
4f:38:b7:72:99:3f:c4:fe:da:f7:0e:bc:97:ae:9f:23:59:e2:
47:fb:81:a6:72:b5:c1:98:20:94:6e:f3:8f:1e:99:27:82:12:
13:60:12:0a:3e:de:c6:e6:38:38:ac:cb:54:0d:5e:80:7a:82:
af:1d:20:bc:8a:cc:b0:37:5d:1c:23:1e:2d:13:1d:9a:4e:59:
bb:5f:dd:75:44:1c:6e:5e:36:53:42:47:9a:58:5b:d6:26:f4:
03:8a:b4:a0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUwxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MTUwODQ0WhcNMjUwMjA5MTUwODQ0WjAYMRYw
FAYDVQQDEw02Nzk3YTE3Zi02NWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwKdR6DvzU9LDlfAcRXQBtu/LO3+1nuVM0FUeFIX+iKQIldwmKX46XU6c
JjNGlFGtwes53UtYqXg4oaNBrMxk5IHP42/44gSoqybVroPGJN3rZfuLkjAXOoVl
8VdUkSEc1TSEAPo+fBkHJMbdrnYKFz8Rq2XOtW0o4DqPXvwS7QVA2/8bRlDq1PKy
/r4qmHNwOkS2lMz8NFGnM4njQt/iWCjE0PICh0a4aOx1c0rKV5cP0QK6rL+EZMYA
79+yVaiilNiexzj9HjJnrpP4PiKNXZyPyGxesGbz8AGS2Ut0/l8zXbMngartfdPJ
bnsYwNstTge1534F1/WpxZR1ldQhhwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEXn
dRcALUd3SR6whV7dbk4Baz1BMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85Qjc5MUY5MkRDQzAxMUVGODc5MUM4NEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlZoMA0GCSqGSIb3DQEB
CwUAA4IBAQDQ8Xyczyz9e/wvUqEtzXXz67cjAqql9WQQp8SMQXweOlmsV5XsFvtj
cQWDiew1WNLhloxcoDuHHMy22H5UKPCu1qKlAJVb/+e0q2dWDjWrcW1CaSvIIbch
h7j+dLahnDerYoNk+8xnpLi+3XZ7vg558olkMjXKCkqKvc+Mz8KVxwM9ZrZpUq2k
4eew4PfenK3j1itMzH4ez90S9fe4uN4SbDVPOLdymT/E/tr3DryXrp8jWeJH+4Gm
crXBmCCUbvOPHpknghITYBIKPt7G5jg4rMtUDV6AeoKvHSC8isywN10cIx4tEx2a
Tlm7X911RBxuXjZTQkeaWFvWJvQDirSg
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:22:52 2025 by rpki-client