Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CDA6ECAD73111EFB9D18C8E762E951A.roa
File: 9CDA6ECAD73111EFB9D18C8E762E951A.roa (raw, json)
Hash identifier: jhxIrQYgEF9fc0zfxYmFpmM7U9tqN3NGdDf5id0T/E0=
Subject key identifier: 35:44:E4:50:26:4E:85:FA:18:CD:53:CB:69:1C:72:DC:F9:B8:77:AC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013E44
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CDA6ECAD73111EFB9D18C8E762E951A.roa
Signing time: Mon 20 Jan 2025 13:22:36 +0000
ROA not before: Mon 20 Jan 2025 13:22:32 +0000
ROA not after: Wed 05 Feb 2025 13:22:32 +0000
asID: 135097
IP address blocks: 154.220.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81476 (0x13e44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 20 13:22:32 2025 GMT
Not After : Feb 5 13:22:32 2025 GMT
Subject: CN=678e4e1c-f9ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:fa:2d:ef:13:3d:29:13:ba:a7:4f:a8:80:5d:
b3:9d:1a:23:76:f9:ac:5f:2f:6c:ec:4b:5d:4f:82:
9f:82:21:f6:c5:84:42:5a:c8:93:d0:d4:d1:ff:71:
48:b7:43:ab:1b:3b:c5:21:40:ab:f9:2a:83:06:fe:
f0:7d:16:cb:4a:c7:12:fa:4b:53:24:49:79:9b:e2:
27:c4:1f:ca:f6:9c:cb:f2:49:e4:6c:e7:6e:63:01:
ad:f5:7f:e5:45:3f:9c:c4:85:ec:d3:8d:5a:6d:10:
c0:53:c2:8e:c3:28:b5:42:44:54:58:38:2e:6d:a8:
67:f9:7c:6c:a0:c5:06:f2:7c:a4:bc:11:5d:69:27:
f9:d0:ad:b6:72:fb:51:4e:58:e3:53:16:8e:f6:98:
d7:3d:6b:8b:29:c6:fe:f1:77:6b:4e:84:5a:a8:84:
48:2b:c1:5d:6d:69:de:06:d8:6a:19:05:47:f2:11:
b0:7d:2b:18:50:40:33:f7:c5:a9:8f:c2:71:fe:75:
21:d8:4a:14:23:3b:a1:58:46:fc:2d:c9:27:19:a8:
53:04:32:19:95:3a:40:0b:29:69:bd:79:61:84:1d:
e7:7b:c5:91:28:b4:4e:7b:76:5a:54:4f:96:5f:b2:
9c:b6:d5:78:4e:c4:43:b3:d3:63:e3:58:ce:e5:7c:
87:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:44:E4:50:26:4E:85:FA:18:CD:53:CB:69:1C:72:DC:F9:B8:77:AC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CDA6ECAD73111EFB9D18C8E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.16.0/20
Signature Algorithm: sha256WithRSAEncryption
18:e6:4d:f9:8f:9f:81:49:8c:2d:71:10:88:9d:b8:82:ec:98:
47:d5:df:2e:38:54:ad:76:0e:15:68:d0:2c:28:ed:ba:d5:06:
74:66:94:6a:d4:92:9d:ee:38:80:10:72:fb:44:58:87:ec:f5:
c8:30:cd:e9:be:ac:d5:40:f9:65:75:8d:ea:99:33:03:80:a8:
a3:84:db:c3:c9:14:67:e4:dc:e5:0a:30:0c:cc:f9:0b:c1:dc:
be:fd:ac:94:b8:07:6c:6a:92:70:64:e7:81:07:11:45:5c:11:
b3:62:cb:78:c0:c7:06:b3:ae:14:1a:e5:6c:3e:7f:89:f9:b5:
94:99:b8:2e:3e:7b:44:67:a9:e0:5e:8a:69:30:65:8f:45:75:
67:8e:f9:b4:92:6d:0f:72:af:a9:36:de:18:a9:99:74:84:e9:
f7:74:be:4b:50:c0:1f:f3:7e:89:22:ad:ab:7e:3e:ac:f1:4c:
1f:44:92:8e:84:fe:d6:9f:0c:42:1d:66:ce:dc:31:e5:16:a1:
f2:57:19:61:3d:0b:50:d0:5e:3e:8b:02:7d:6e:f7:8b:83:b9:
cc:bc:51:49:eb:61:5f:16:7c:0d:b3:f6:be:b9:78:2b:54:0e:
5c:03:bc:c2:e9:48:33:ae:95:96:9b:27:59:bd:00:84:e2:7d:
a7:4c:4d:1a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT5EMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIwMTMyMjMyWhcNMjUwMjA1MTMyMjMyWjAYMRYw
FAYDVQQDEw02NzhlNGUxYy1mOWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1fot7xM9KRO6p0+ogF2znRojdvmsXy9s7EtdT4KfgiH2xYRCWsiT0NTR
/3FIt0OrGzvFIUCr+SqDBv7wfRbLSscS+ktTJEl5m+InxB/K9pzL8knkbOduYwGt
9X/lRT+cxIXs041abRDAU8KOwyi1QkRUWDgubahn+XxsoMUG8nykvBFdaSf50K22
cvtRTljjUxaO9pjXPWuLKcb+8XdrToRaqIRIK8FdbWneBthqGQVH8hGwfSsYUEAz
98Wpj8Jx/nUh2EoUIzuhWEb8LcknGahTBDIZlTpACylpvXlhhB3ne8WRKLROe3Za
VE+WX7KcttV4TsRDs9Nj41jO5XyHXQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDVE
5FAmToX6GM1Ty2kcctz5uHesMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85Q0RBNkVDQUQ3MzExMUVGQjlEMThDOEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtwQMA0GCSqGSIb3DQEB
CwUAA4IBAQAY5k35j5+BSYwtcRCInbiC7JhH1d8uOFStdg4VaNAsKO261QZ0ZpRq
1JKd7jiAEHL7RFiH7PXIMM3pvqzVQPlldY3qmTMDgKijhNvDyRRn5NzlCjAMzPkL
wdy+/ayUuAdsapJwZOeBBxFFXBGzYst4wMcGs64UGuVsPn+J+bWUmbguPntEZ6ng
XoppMGWPRXVnjvm0km0Pcq+pNt4YqZl0hOn3dL5LUMAf836JIq2rfj6s8UwfRJKO
hP7WnwxCHWbO3DHlFqHyVxlhPQtQ0F4+iwJ9bveLg7nMvFFJ62FfFnwNs/a+uXgr
VA5cA7zC6UgzrpWWmydZvQCE4n2nTE0a
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:42:18 2025 by rpki-client