Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D4EFBD6DD5911EFBE066B57762E951A.roa
File: 9D4EFBD6DD5911EFBE066B57762E951A.roa (raw, json)
Hash identifier: XqpbNwYpcsdZXA36ZZR8yJz7KaAV9cFerhyKfBjM2BM=
Subject key identifier: 71:D8:BD:BA:ED:86:23:94:E5:A6:61:AE:CB:95:E1:47:FF:D7:B5:57
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014C9A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D4EFBD6DD5911EFBE066B57762E951A.roa
Signing time: Tue 28 Jan 2025 09:24:03 +0000
ROA not before: Tue 28 Jan 2025 09:23:58 +0000
ROA not after: Tue 04 Feb 2025 09:23:58 +0000
asID: 5065
IP address blocks: 154.206.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85146 (0x14c9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 28 09:23:58 2025 GMT
Not After : Feb 4 09:23:58 2025 GMT
Subject: CN=6798a233-0441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7d:a1:dd:db:6b:28:d5:54:28:40:e2:4a:0c:
dc:3e:70:ea:55:c3:7b:10:9f:4a:98:0b:38:20:4c:
2b:30:3c:a1:cd:a4:61:30:84:fd:d2:3d:af:77:7a:
1a:38:95:20:9f:8d:20:a1:e6:a0:65:14:1d:65:c2:
f3:12:95:93:6f:f1:1d:99:b1:5e:7f:78:6f:18:5c:
8a:77:81:74:45:3a:0a:74:67:f2:7a:a1:ec:44:7b:
24:d5:44:0a:62:c2:0e:30:ac:d7:86:b2:68:9e:89:
9c:e9:cc:d1:49:06:15:77:44:6a:94:a0:05:18:ad:
23:21:1d:5d:d4:5c:e6:4d:c6:fa:61:4a:0f:63:76:
09:95:fc:55:d0:4e:2e:b9:20:2f:d4:d3:d9:b3:00:
d3:06:39:10:7a:91:b6:e7:9c:7a:4b:5f:d0:ae:55:
1d:47:56:35:d0:41:a0:75:a4:59:90:78:e8:8f:52:
05:c7:27:83:37:bb:0c:2d:7c:f5:9d:f9:28:dc:f8:
3b:cb:4b:f8:c7:d9:88:eb:78:41:e5:65:4f:3b:10:
be:22:4c:ca:af:9c:82:ef:b9:b8:a4:94:94:94:a4:
5a:f1:86:aa:44:e2:b8:44:dd:32:78:25:ae:d5:f3:
09:13:41:25:c3:73:ae:d6:d9:1f:88:53:75:7d:e3:
7c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D8:BD:BA:ED:86:23:94:E5:A6:61:AE:CB:95:E1:47:FF:D7:B5:57
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D4EFBD6DD5911EFBE066B57762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.34.0/24
Signature Algorithm: sha256WithRSAEncryption
88:1d:6f:b2:25:bf:77:76:02:f2:fa:3e:f7:d9:37:6a:b2:fd:
75:ee:66:ac:fb:d3:d9:a4:48:33:8c:10:7a:50:95:3d:6b:fd:
94:aa:9a:80:9a:13:2e:f2:54:d1:89:9a:bc:a0:63:9a:c1:03:
f4:b0:ae:60:15:44:ff:ea:30:c2:57:70:13:11:13:b6:35:0f:
59:73:ad:d4:8b:4a:99:8a:ec:2e:13:08:ba:c1:c7:3d:3e:75:
fc:36:c6:4b:74:17:66:b3:45:73:b4:24:57:f9:6e:98:ed:39:
ab:50:59:45:cd:c6:22:80:52:67:e2:1f:57:13:0a:d8:60:bd:
23:61:8d:ec:65:a1:3e:ca:e1:20:7c:5e:4c:df:29:7c:b6:4e:
4c:a6:ee:45:07:80:f4:58:1d:d5:b1:85:63:a6:b6:b8:1c:06:
09:6d:b5:af:5b:65:bb:19:3b:ec:57:d6:0e:d8:e0:71:2c:bb:
53:48:35:86:02:50:b2:c1:6b:3f:7f:aa:99:fe:7e:46:a7:7c:
6c:5d:29:15:c1:f1:6f:73:e4:8d:91:a2:da:64:44:59:b8:66:
7b:09:a2:a6:ed:76:f2:d8:7d:28:fb:f9:81:d7:22:07:be:4b:
38:2f:5c:f6:7b:1a:7b:bb:f6:ae:27:d1:2f:43:d5:c2:dd:0b:
45:d6:e4:1e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUyaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI4MDkyMzU4WhcNMjUwMjA0MDkyMzU4WjAYMRYw
FAYDVQQDEw02Nzk4YTIzMy0wNDQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArH2h3dtrKNVUKEDiSgzcPnDqVcN7EJ9KmAs4IEwrMDyhzaRhMIT90j2v
d3oaOJUgn40goeagZRQdZcLzEpWTb/EdmbFef3hvGFyKd4F0RToKdGfyeqHsRHsk
1UQKYsIOMKzXhrJonomc6czRSQYVd0RqlKAFGK0jIR1d1FzmTcb6YUoPY3YJlfxV
0E4uuSAv1NPZswDTBjkQepG255x6S1/QrlUdR1Y10EGgdaRZkHjoj1IFxyeDN7sM
LXz1nfko3Pg7y0v4x9mI63hB5WVPOxC+IkzKr5yC77m4pJSUlKRa8YaqROK4RN0y
eCWu1fMJE0Elw3Ou1tkfiFN1feN8TQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHHY
vbrthiOU5aZhrsuV4Uf/17VXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RDRFRkJENkRENTkxMUVGQkUwNjZCNTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4iMA0GCSqGSIb3DQEB
CwUAA4IBAQCIHW+yJb93dgLy+j732Tdqsv117mas+9PZpEgzjBB6UJU9a/2UqpqA
mhMu8lTRiZq8oGOawQP0sK5gFUT/6jDCV3ATERO2NQ9Zc63Ui0qZiuwuEwi6wcc9
PnX8NsZLdBdms0VztCRX+W6Y7TmrUFlFzcYigFJn4h9XEwrYYL0jYY3sZaE+yuEg
fF5M3yl8tk5Mpu5FB4D0WB3VsYVjpra4HAYJbbWvW2W7GTvsV9YO2OBxLLtTSDWG
AlCywWs/f6qZ/n5Gp3xsXSkVwfFvc+SNkaLaZERZuGZ7CaKm7Xby2H0o+/mB1yIH
vks4L1z2exp7u/auJ9EvQ9XC3QtF1uQe
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:00:16 2025 by rpki-client