Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB7AB964D50411EFB15AE949762E951A.roa
File: AB7AB964D50411EFB15AE949762E951A.roa (raw, json)
Hash identifier: qBYfH0aJzBQl92Upbf2qVsxZB5jph7XWLxMZeqVCOPE=
Subject key identifier: 43:85:34:18:9F:E2:5D:6B:13:9C:E1:E9:86:2E:72:D7:E8:FE:CB:6D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013D21
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB7AB964D50411EFB15AE949762E951A.roa
Signing time: Fri 17 Jan 2025 18:55:50 +0000
ROA not before: Fri 17 Jan 2025 18:55:47 +0000
ROA not after: Sat 01 Feb 2025 18:55:47 +0000
asID: 54801
IP address blocks: 154.214.32.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81185 (0x13d21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 17 18:55:47 2025 GMT
Not After : Feb 1 18:55:47 2025 GMT
Subject: CN=678aa7b6-a616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:25:3d:a1:03:db:7e:5b:9a:b1:e7:b6:95:01:
8b:b9:9c:9b:d3:8e:10:ae:16:ce:85:79:35:7f:93:
0f:8f:78:de:6d:c5:66:d3:c6:08:40:e1:dc:42:0c:
08:cd:26:33:19:5f:24:9b:32:7d:83:ba:7e:83:62:
7a:7e:95:cb:0e:05:86:2f:9d:2c:e5:bb:c9:bb:b5:
00:85:11:b7:3a:ee:f3:fb:42:5e:c4:76:36:8e:bb:
74:03:b4:86:4d:2e:fc:b5:ca:81:2a:3d:83:12:46:
00:a7:fb:ff:69:f3:ce:f8:c6:0f:2d:7e:6a:25:1a:
c7:7e:bd:d7:0b:25:96:fd:e5:aa:06:3b:b8:fd:c5:
59:1c:c1:47:db:b4:b1:61:3f:d4:29:41:68:d5:91:
50:15:17:a1:20:3f:0e:a5:b3:2a:68:cf:69:b2:5b:
99:77:14:4b:1b:5e:e8:60:d8:bf:6d:72:cd:fa:32:
90:80:48:ea:bd:3a:ad:11:18:2c:a4:71:b0:ec:ab:
37:10:18:21:78:55:19:6c:85:83:3e:d9:44:18:e8:
cd:b7:69:f2:a2:0d:8c:0b:d3:a1:fe:ee:a6:69:ec:
68:3f:b1:cc:30:9a:c1:e5:1e:43:97:ef:4a:9d:00:
4a:5d:eb:27:be:8a:75:3b:62:03:95:bf:d1:4c:b6:
72:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:85:34:18:9F:E2:5D:6B:13:9C:E1:E9:86:2E:72:D7:E8:FE:CB:6D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB7AB964D50411EFB15AE949762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.32.0/19
Signature Algorithm: sha256WithRSAEncryption
5d:7a:5f:8b:e0:e6:cb:4f:76:b5:8e:a4:35:65:42:b4:cd:13:
ff:59:80:c0:18:ce:22:1b:43:1f:e9:da:9a:c6:c5:53:6e:21:
4e:e5:18:5f:6e:62:21:49:dc:51:1c:3e:c7:d2:80:2a:e6:11:
56:b6:96:96:73:02:0c:8c:52:0b:52:1b:22:d5:37:23:0e:57:
2a:17:3a:6b:1a:e5:dc:18:4c:50:c9:69:16:b4:9d:d2:98:55:
83:1d:79:6a:4b:d2:91:93:61:3d:0c:43:b6:13:58:7d:e0:bd:
cd:8a:1d:8f:2d:2f:a4:33:2e:b4:69:11:40:76:55:f1:8f:4d:
1b:5b:21:90:49:79:b9:fb:fb:17:7f:0a:65:04:51:d6:29:5c:
1a:cf:f8:92:d5:2a:ae:89:40:18:64:cf:4a:54:e0:1b:d9:56:
b6:78:b3:a4:10:86:f6:41:65:55:f3:40:10:4d:15:a4:66:21:
7a:7b:17:b4:f7:72:bb:c5:25:5d:1d:bb:a5:fc:8d:f8:92:86:
e2:43:f7:a5:2f:e9:d5:04:01:4e:d4:4e:5a:8f:b3:3a:fa:43:
12:17:4a:fe:b4:90:6e:13:79:fa:78:c6:11:05:0c:13:e3:f1:
ad:9c:04:68:82:20:95:9c:ed:9e:f7:e9:9a:2d:ce:1b:02:cc:
8a:fc:b2:3e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT0hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE3MTg1NTQ3WhcNMjUwMjAxMTg1NTQ3WjAYMRYw
FAYDVQQDEw02NzhhYTdiNi1hNjE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxyU9oQPbfluasee2lQGLuZyb044QrhbOhXk1f5MPj3jebcVm08YIQOHc
QgwIzSYzGV8kmzJ9g7p+g2J6fpXLDgWGL50s5bvJu7UAhRG3Ou7z+0JexHY2jrt0
A7SGTS78tcqBKj2DEkYAp/v/afPO+MYPLX5qJRrHfr3XCyWW/eWqBju4/cVZHMFH
27SxYT/UKUFo1ZFQFRehID8OpbMqaM9psluZdxRLG17oYNi/bXLN+jKQgEjqvTqt
ERgspHGw7Ks3EBgheFUZbIWDPtlEGOjNt2nyog2MC9Oh/u6maexoP7HMMJrB5R5D
l+9KnQBKXesnvop1O2IDlb/RTLZy7QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEOF
NBif4l1rE5zh6YYuctfo/sttMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQjdBQjk2NEQ1MDQxMUVGQjE1QUU5NDk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmtYgMA0GCSqGSIb3DQEB
CwUAA4IBAQBdel+L4ObLT3a1jqQ1ZUK0zRP/WYDAGM4iG0Mf6dqaxsVTbiFO5Rhf
bmIhSdxRHD7H0oAq5hFWtpaWcwIMjFILUhsi1TcjDlcqFzprGuXcGExQyWkWtJ3S
mFWDHXlqS9KRk2E9DEO2E1h94L3Nih2PLS+kMy60aRFAdlXxj00bWyGQSXm5+/sX
fwplBFHWKVwaz/iS1SquiUAYZM9KVOAb2Va2eLOkEIb2QWVV80AQTRWkZiF6exe0
93K7xSVdHbul/I34kobiQ/elL+nVBAFO1E5aj7M6+kMSF0r+tJBuE3n6eMYRBQwT
4/GtnARogiCVnO2e9+maLc4bAsyK/LI+
-----END CERTIFICATE-----
Generated at Sun Apr 27 06:11:43 2025 by rpki-client