Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A65BF056DB3511EFBEA4CD64762E951A.roa
File: A65BF056DB3511EFBEA4CD64762E951A.roa (raw, json)
Hash identifier: EUD5rVu1C2uaGl6A5+VipCQfcfHWcbOEiVguWqxDIVk=
Subject key identifier: 0F:6B:0C:87:DC:89:FD:01:60:21:D9:88:79:C3:59:21:26:D2:1A:C8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014A1C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A65BF056DB3511EFBEA4CD64762E951A.roa
Signing time: Sat 25 Jan 2025 16:01:34 +0000
ROA not before: Sat 25 Jan 2025 16:01:31 +0000
ROA not after: Fri 07 Mar 2025 16:01:31 +0000
asID: 138915
IP address blocks: 154.223.49.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84508 (0x14a1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 25 16:01:31 2025 GMT
Not After : Mar 7 16:01:31 2025 GMT
Subject: CN=67950ade-53f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6d:f6:50:61:97:61:68:66:f8:2f:10:13:66:
06:ad:72:8d:92:89:c2:2c:33:16:d6:9e:de:2d:97:
71:9b:5d:d5:cf:f7:05:03:c5:e9:9b:74:a2:d2:23:
e8:7b:42:3a:49:f6:4b:74:99:c1:d6:77:37:98:f3:
14:b9:3f:7c:58:9e:0e:43:a0:17:6e:93:8a:2e:83:
61:e7:e1:c3:09:1d:45:be:69:0d:98:2e:44:d5:85:
a4:0a:16:1c:11:a4:41:42:0d:2f:f8:f6:0f:b1:c0:
f6:0a:4d:f4:d9:cc:05:29:34:dd:e4:36:6a:23:6e:
5e:e9:cd:8b:d9:37:49:03:9a:c9:fc:a9:31:3f:9f:
e3:8a:bf:52:9d:a4:37:db:0a:f8:8c:f0:9d:bf:4f:
94:69:fe:85:27:3c:dd:ca:cc:5e:9e:87:12:ea:e4:
60:43:73:51:b1:e5:cc:19:19:30:aa:51:5a:80:86:
49:e3:e6:61:7d:b8:c9:69:3a:62:1e:f7:1b:f4:87:
d1:dc:a1:0c:78:a1:a8:9d:7c:99:5d:55:c9:54:87:
bb:bc:99:e3:fe:a9:fa:ae:97:d6:c7:cd:d8:ce:e0:
91:da:fd:29:6e:f2:60:6e:3f:f6:34:6a:6e:af:db:
69:fb:2b:50:18:bd:15:14:49:b0:bf:de:02:be:90:
99:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:6B:0C:87:DC:89:FD:01:60:21:D9:88:79:C3:59:21:26:D2:1A:C8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A65BF056DB3511EFBEA4CD64762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.49.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:84:7e:65:3b:5a:22:04:53:64:3a:c8:00:46:01:58:da:b7:
48:8f:be:d6:01:1f:00:18:70:1d:ab:db:ef:da:9d:dc:f4:4d:
70:13:04:07:41:0b:d2:2d:c4:02:1a:9b:72:17:6d:2c:4e:10:
1d:95:81:da:90:cc:e7:53:e3:8a:0b:28:29:fb:00:e6:3a:24:
5f:bb:c9:87:d4:cd:73:0f:de:9f:8f:21:79:81:08:3c:60:7f:
b6:7d:fd:b8:64:d1:c5:3a:a9:01:5b:8e:b5:3a:da:61:6a:04:
02:e7:cb:ba:b3:a0:73:61:1d:16:a3:ac:a7:82:60:7e:3b:24:
ec:14:fd:b6:9d:bf:76:ea:02:f1:48:58:2a:69:bf:95:72:56:
e3:ba:0b:a6:c6:39:41:ba:d0:43:00:fb:f8:60:83:cb:8b:3f:
90:39:00:29:af:18:3d:f1:07:d5:f7:43:52:ef:91:d3:f4:a7:
3c:2e:9a:42:36:58:55:ac:45:45:16:dd:bf:a6:be:bb:8d:a7:
28:0d:0c:97:cc:75:b7:1d:d4:65:98:72:f1:7c:0e:c7:be:56:
92:db:71:cc:04:56:92:d1:5d:dd:02:c6:01:2f:7b:dd:6f:43:
92:9e:b3:eb:45:52:f6:4e:16:0d:8c:21:28:1c:b3:53:c3:59:
36:4c:4b:d6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUocMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MTYwMTMxWhcNMjUwMzA3MTYwMTMxWjAYMRYw
FAYDVQQDEw02Nzk1MGFkZS01M2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqm32UGGXYWhm+C8QE2YGrXKNkonCLDMW1p7eLZdxm13Vz/cFA8Xpm3Si
0iPoe0I6SfZLdJnB1nc3mPMUuT98WJ4OQ6AXbpOKLoNh5+HDCR1FvmkNmC5E1YWk
ChYcEaRBQg0v+PYPscD2Ck302cwFKTTd5DZqI25e6c2L2TdJA5rJ/KkxP5/jir9S
naQ32wr4jPCdv0+Uaf6FJzzdysxenocS6uRgQ3NRseXMGRkwqlFagIZJ4+ZhfbjJ
aTpiHvcb9IfR3KEMeKGonXyZXVXJVIe7vJnj/qn6rpfWx83YzuCR2v0pbvJgbj/2
NGpur9tp+ytQGL0VFEmwv94CvpCZ3wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFA9r
DIfcif0BYCHZiHnDWSEm0hrIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNjVCRjA1NkRCMzUxMUVGQkVBNENENjQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt8xMA0GCSqGSIb3DQEB
CwUAA4IBAQCahH5lO1oiBFNkOsgARgFY2rdIj77WAR8AGHAdq9vv2p3c9E1wEwQH
QQvSLcQCGptyF20sThAdlYHakMznU+OKCygp+wDmOiRfu8mH1M1zD96fjyF5gQg8
YH+2ff24ZNHFOqkBW461OtphagQC58u6s6BzYR0Wo6yngmB+OyTsFP22nb926gLx
SFgqab+VclbjugumxjlButBDAPv4YIPLiz+QOQAprxg98QfV90NS75HT9Kc8LppC
NlhVrEVFFt2/pr67jacoDQyXzHW3HdRlmHLxfA7HvlaS23HMBFaS0V3dAsYBL3vd
b0OSnrPrRVL2ThYNjCEoHLNTw1k2TEvW
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:05:29 2025 by rpki-client