Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BAAB54AD73211EFA886E294762E951A.roa
File: 9BAAB54AD73211EFA886E294762E951A.roa (raw, json)
Hash identifier: YSo480Jy97n8MUTK+/E3xY+GSOWdP2g1ErtX0HsZvC4=
Subject key identifier: F4:42:EB:7B:8D:A7:30:69:90:72:24:19:C1:40:D5:4C:5A:E5:E3:03
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013E4C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BAAB54AD73211EFA886E294762E951A.roa
Signing time: Mon 20 Jan 2025 13:29:43 +0000
ROA not before: Mon 20 Jan 2025 13:29:39 +0000
ROA not after: Wed 05 Feb 2025 13:29:39 +0000
asID: 135097
IP address blocks: 154.212.176.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81484 (0x13e4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 20 13:29:39 2025 GMT
Not After : Feb 5 13:29:39 2025 GMT
Subject: CN=678e4fc7-9e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:13:09:33:97:ec:86:d6:90:0a:30:04:be:6c:
b9:b2:5c:29:32:40:f8:bb:75:33:38:6e:5f:86:52:
08:f2:6f:eb:2e:15:a7:af:c4:3b:72:d0:e4:d3:30:
44:a6:6a:67:40:21:79:4b:c8:09:4d:72:ae:bd:68:
58:e7:c4:95:e6:34:89:a5:ad:ec:46:d7:08:5b:e7:
9f:70:f1:be:ba:1b:7c:54:4a:27:f1:5c:f4:1a:f7:
ad:ed:21:d9:4b:43:90:c7:86:23:93:62:23:9b:66:
39:98:d5:05:be:07:b0:ee:5d:91:93:8a:df:61:ba:
1b:37:f4:f2:a7:2f:24:a5:99:44:a9:67:88:e5:b6:
53:ef:7c:70:a7:b9:60:a6:1a:ac:4d:17:da:2c:0a:
6c:23:74:b5:b7:c9:2f:b7:df:3e:c8:a0:6a:3b:38:
d2:b0:3c:d5:28:d3:53:44:9a:55:51:bf:60:42:79:
27:64:19:bc:ff:7a:d5:ba:e2:14:25:cc:0e:da:ba:
14:a9:bc:0f:45:03:05:95:16:c7:c5:61:ae:05:4f:
56:2e:97:28:26:70:e5:91:b7:a8:42:82:40:ab:9b:
8f:e2:64:c6:c8:c2:af:81:fe:b9:e3:a6:b7:98:67:
f6:ad:56:51:ac:e7:a0:1b:96:1b:63:64:72:6c:f3:
97:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:42:EB:7B:8D:A7:30:69:90:72:24:19:C1:40:D5:4C:5A:E5:E3:03
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9BAAB54AD73211EFA886E294762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.176.0/20
Signature Algorithm: sha256WithRSAEncryption
79:05:19:af:6f:e8:69:32:6a:cb:55:90:5e:30:19:a5:87:10:
cd:da:b1:3a:5e:02:eb:f3:36:a8:d9:59:df:e2:16:ac:b0:7e:
53:32:7e:c4:73:55:18:e0:7a:56:d7:b6:be:1b:32:ca:72:18:
e9:a2:a9:58:5f:fb:d7:ed:a3:28:87:a6:8d:3f:6b:69:fa:12:
41:11:ae:74:ae:aa:3d:25:88:33:32:61:59:fa:01:e8:6f:aa:
03:b8:1b:33:4a:e3:cd:35:16:79:35:64:3b:82:3f:ef:65:d2:
29:6e:8b:46:74:09:fc:21:41:4b:af:4b:ea:ca:d4:15:63:a7:
2b:74:1b:15:16:32:ca:7a:37:55:49:d4:f6:e1:3f:40:f0:3f:
77:86:e9:ef:a6:4e:93:c3:bd:1d:f7:b2:e6:44:ad:07:be:0d:
c5:8d:79:94:72:fb:b9:10:09:a0:09:bd:f9:b4:33:54:db:53:
10:9f:4c:e6:14:a3:71:a1:8f:65:c0:45:92:d0:45:14:af:c7:
81:13:eb:80:5d:3e:db:91:99:bf:e8:a7:7f:67:4f:9b:e0:8b:
5a:6d:8f:7b:c8:37:fb:1e:f4:b9:12:fd:5e:dd:c1:44:07:cc:
64:c8:a0:af:b6:3c:fa:26:be:09:6b:a6:38:25:8d:b9:31:29:
04:70:78:25
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT5MMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIwMTMyOTM5WhcNMjUwMjA1MTMyOTM5WjAYMRYw
FAYDVQQDEw02NzhlNGZjNy05ZTU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxRMJM5fshtaQCjAEvmy5slwpMkD4u3UzOG5fhlII8m/rLhWnr8Q7ctDk
0zBEpmpnQCF5S8gJTXKuvWhY58SV5jSJpa3sRtcIW+efcPG+uht8VEon8Vz0Gvet
7SHZS0OQx4Yjk2Ijm2Y5mNUFvgew7l2Rk4rfYbobN/Typy8kpZlEqWeI5bZT73xw
p7lgphqsTRfaLApsI3S1t8kvt98+yKBqOzjSsDzVKNNTRJpVUb9gQnknZBm8/3rV
uuIUJcwO2roUqbwPRQMFlRbHxWGuBU9WLpcoJnDlkbeoQoJAq5uP4mTGyMKvgf65
46a3mGf2rVZRrOegG5YbY2RybPOX8wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPRC
63uNpzBpkHIkGcFA1Uxa5eMDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QkFBQjU0QUQ3MzIxMUVGQTg4NkUyOTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtSwMA0GCSqGSIb3DQEB
CwUAA4IBAQB5BRmvb+hpMmrLVZBeMBmlhxDN2rE6XgLr8zao2Vnf4hassH5TMn7E
c1UY4HpW17a+GzLKchjpoqlYX/vX7aMoh6aNP2tp+hJBEa50rqo9JYgzMmFZ+gHo
b6oDuBszSuPNNRZ5NWQ7gj/vZdIpbotGdAn8IUFLr0vqytQVY6crdBsVFjLKejdV
SdT24T9A8D93hunvpk6Tw70d97LmRK0Hvg3FjXmUcvu5EAmgCb35tDNU21MQn0zm
FKNxoY9lwEWS0EUUr8eBE+uAXT7bkZm/6Kd/Z0+b4ItabY97yDf7HvS5Ev1e3cFE
B8xkyKCvtjz6Jr4Ja6Y4JY25MSkEcHgl
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:50:49 2025 by rpki-client