Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9FA5EE9CCBE511EF97D8AAAA762E951A.roa
File: 9FA5EE9CCBE511EF97D8AAAA762E951A.roa (raw, json)
Hash identifier: 8rymQZyLt4+pLY3hzk7WTFjVZxOFLyf2G/nyEm68B44=
Subject key identifier: E4:A2:9C:9F:C1:FE:EF:1B:5E:7B:DC:D4:60:7B:63:28:28:4B:49:B6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01357D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9FA5EE9CCBE511EF97D8AAAA762E951A.roa
Signing time: Mon 06 Jan 2025 04:20:56 +0000
ROA not before: Mon 06 Jan 2025 04:20:52 +0000
ROA not after: Sat 08 Feb 2025 04:20:52 +0000
asID: 203020
IP address blocks: 154.217.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79229 (0x1357d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 6 04:20:52 2025 GMT
Not After : Feb 8 04:20:52 2025 GMT
Subject: CN=677b5a28-fa14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:4c:b7:87:c3:42:50:9a:27:c4:7b:91:22:e6:
c0:c8:52:37:65:69:e2:56:b4:58:ce:d3:a4:34:b6:
fb:46:f2:5c:17:63:ba:0f:22:76:d1:96:af:53:7a:
1b:bd:a9:53:04:7b:05:45:83:02:12:76:6b:e3:df:
2a:7a:95:95:31:ad:55:2b:db:89:05:9f:c5:2a:e8:
05:a3:bf:ad:21:52:73:42:c8:0e:28:f1:b5:a5:df:
55:28:37:33:ed:31:06:cf:cb:62:90:b1:84:72:d2:
b2:71:82:14:e6:60:93:62:ff:4e:c1:16:48:79:62:
0e:ae:03:e2:bf:bb:f4:60:aa:00:94:af:7f:2f:f1:
a7:78:9b:52:6a:2a:c5:48:1a:eb:7d:c6:3d:ca:90:
5c:68:01:9c:3a:c2:e0:09:fd:de:8d:3d:a5:ad:38:
24:04:cb:31:25:b7:15:4f:41:1c:7d:6b:8b:3a:dc:
25:24:67:6b:89:a9:96:63:d9:77:5a:51:b5:25:c1:
99:54:42:46:ee:20:57:9b:48:4c:9e:55:0c:47:eb:
74:7d:e0:54:d3:44:7f:47:6e:1c:1e:a9:90:18:d9:
18:4f:6f:99:df:eb:da:2e:76:72:71:48:28:a8:00:
7c:ba:ea:1a:c4:8a:e1:39:58:28:6d:22:c1:0a:12:
2f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:A2:9C:9F:C1:FE:EF:1B:5E:7B:DC:D4:60:7B:63:28:28:4B:49:B6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9FA5EE9CCBE511EF97D8AAAA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.87.0/24
Signature Algorithm: sha256WithRSAEncryption
34:5c:15:94:b7:b9:9d:6b:4a:4b:e6:b4:31:74:20:bc:bc:1e:
83:3c:d2:61:96:00:5d:e2:8f:4f:65:06:8b:d5:b8:db:9b:38:
f1:15:8c:43:6c:6b:be:bc:2b:54:70:0c:f1:4d:a4:a3:da:6e:
ca:b6:ce:dc:3a:53:67:85:88:44:f3:f1:d1:7c:fb:ed:61:bb:
c7:92:59:70:c6:41:d7:2e:c0:b7:ce:e0:85:a4:15:9a:68:c3:
19:14:5b:2e:96:57:a9:e9:99:fd:cf:15:77:01:98:38:0e:f1:
34:d6:11:2a:40:94:4c:22:8c:03:61:ba:2d:cc:73:b1:05:61:
7e:48:8b:81:9d:f7:ba:af:b0:8a:2a:33:d8:db:98:6d:b2:65:
3c:05:5c:71:cc:4f:e7:9f:32:18:37:fd:04:41:1c:59:77:77:
15:32:c8:de:19:4e:75:bd:c4:0e:a6:ed:ea:15:00:bd:40:bc:
b7:17:a7:46:ad:50:79:0a:7b:bd:cd:c2:92:ba:57:9b:54:58:
bc:2c:f7:ef:d3:02:cd:d4:9e:a5:03:ca:78:7e:0f:84:9a:f0:
52:e1:95:bf:26:47:4c:02:33:fa:65:5c:56:8a:d9:8e:7c:e0:
16:48:b8:08:a1:59:4a:2c:ce:2c:8b:bf:5f:3c:87:da:50:c4:
a2:85:e9:b9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATV9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA2MDQyMDUyWhcNMjUwMjA4MDQyMDUyWjAYMRYw
FAYDVQQDEw02NzdiNWEyOC1mYTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4Uy3h8NCUJonxHuRIubAyFI3ZWniVrRYztOkNLb7RvJcF2O6DyJ20Zav
U3obvalTBHsFRYMCEnZr498qepWVMa1VK9uJBZ/FKugFo7+tIVJzQsgOKPG1pd9V
KDcz7TEGz8tikLGEctKycYIU5mCTYv9OwRZIeWIOrgPiv7v0YKoAlK9/L/GneJtS
airFSBrrfcY9ypBcaAGcOsLgCf3ejT2lrTgkBMsxJbcVT0EcfWuLOtwlJGdriamW
Y9l3WlG1JcGZVEJG7iBXm0hMnlUMR+t0feBU00R/R24cHqmQGNkYT2+Z3+vaLnZy
cUgoqAB8uuoaxIrhOVgobSLBChIvMQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOSi
nJ/B/u8bXnvc1GB7YygoS0m2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RkE1RUU5Q0NCRTUxMUVGOTdEOEFBQUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtlXMA0GCSqGSIb3DQEB
CwUAA4IBAQA0XBWUt7mda0pL5rQxdCC8vB6DPNJhlgBd4o9PZQaL1bjbmzjxFYxD
bGu+vCtUcAzxTaSj2m7Kts7cOlNnhYhE8/HRfPvtYbvHkllwxkHXLsC3zuCFpBWa
aMMZFFsullep6Zn9zxV3AZg4DvE01hEqQJRMIowDYbotzHOxBWF+SIuBnfe6r7CK
KjPY25htsmU8BVxxzE/nnzIYN/0EQRxZd3cVMsjeGU51vcQOpu3qFQC9QLy3F6dG
rVB5Cnu9zcKSulebVFi8LPfv0wLN1J6lA8p4fg+EmvBS4ZW/JkdMAjP6ZVxWitmO
fOAWSLgIoVlKLM4si79fPIfaUMSihem5
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:59:28 2025 by rpki-client