Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AE827C94D9D411EF80BCE785762E951A.roa
File: AE827C94D9D411EF80BCE785762E951A.roa (raw, json)
Hash identifier: wZbOSesiPobOGCR49FeNIpEOBRKyEkU37bwpx9PxLLE=
Subject key identifier: 78:1A:A3:E2:52:F3:B0:EF:E4:B6:9D:C4:EC:E0:93:EC:A2:50:1B:39
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01432B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AE827C94D9D411EF80BCE785762E951A.roa
Signing time: Thu 23 Jan 2025 21:54:56 +0000
ROA not before: Fri 24 Jan 2025 21:54:52 +0000
ROA not after: Fri 28 Feb 2025 21:54:52 +0000
asID: 62240
IP address blocks: 154.194.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82731 (0x1432b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 21:54:52 2025 GMT
Not After : Feb 28 21:54:52 2025 GMT
Subject: CN=6792baaf-7e18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d7:68:34:8b:3a:b6:02:92:03:48:b5:8a:dd:
bf:a1:11:58:d7:29:f7:d0:60:37:4e:c3:3a:a3:e3:
fe:3e:60:a5:11:b8:aa:58:e3:8c:fe:4a:62:db:f0:
31:50:1a:42:ae:52:ef:d6:fd:fb:ab:17:a0:a1:9b:
fe:87:d8:b8:6e:b7:96:9f:9c:bf:6e:ef:32:d7:26:
46:50:37:df:dc:42:b9:c5:5a:ac:7f:52:d6:89:6a:
4b:0e:9c:83:7c:68:e6:a4:8d:f2:b0:02:29:a0:7d:
4c:2a:39:a5:f0:e1:6a:da:2c:4a:f1:4f:51:92:b7:
55:2c:53:7f:2a:e9:ca:a6:90:13:81:d1:92:bc:a0:
46:97:4d:8b:bb:61:7b:b5:02:4f:61:57:d5:a1:ca:
11:87:52:a0:97:f7:60:cc:11:fe:72:fa:29:af:f9:
11:9b:69:ae:6f:3e:51:cd:ed:c5:03:6d:5a:8d:83:
af:e1:23:5e:54:22:a9:d7:6e:63:f3:43:af:49:12:
bb:7f:6d:8a:85:74:20:0f:dd:dd:9a:6a:56:25:d5:
fd:e9:58:ff:62:e3:3c:fd:6c:7f:81:15:40:c7:6a:
aa:95:d5:eb:64:fd:d9:d0:5e:df:b3:89:3c:77:6e:
54:93:59:c4:e0:35:bb:68:e3:d8:4b:61:50:ee:3f:
74:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:1A:A3:E2:52:F3:B0:EF:E4:B6:9D:C4:EC:E0:93:EC:A2:50:1B:39
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AE827C94D9D411EF80BCE785762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.85.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:d1:91:7e:ec:7b:1f:5b:5c:bb:99:4a:24:ed:1d:52:6e:ba:
5d:52:7a:d3:e6:61:27:ed:0a:24:f1:a3:9c:91:7c:a4:f3:75:
97:2a:f7:0e:6b:63:e9:dd:f7:62:9e:28:f2:fe:05:c1:57:94:
a1:62:a0:93:87:bc:01:a8:c8:bb:80:5f:e1:f4:21:ac:f2:1f:
cb:c3:bc:1e:7d:51:ff:93:f2:ea:84:4f:e2:8b:7e:86:ed:6e:
23:4c:17:ae:17:c7:9c:b6:d8:b5:f0:cf:d9:9e:76:47:a7:e4:
8f:f7:c8:5f:3a:2c:cc:19:90:a1:1c:8b:d9:d1:26:0f:43:10:
1d:06:55:20:de:16:3b:55:6c:b0:a1:ff:37:43:fe:18:88:06:
4b:fe:7e:cb:4d:db:44:b9:61:74:ba:99:66:1f:3c:ea:60:07:
57:1d:f5:10:d2:32:e1:f9:a9:63:69:82:61:1e:46:54:3e:c1:
93:2f:ab:bd:94:86:ef:7e:4e:11:41:60:41:4f:a1:8a:b2:bd:
44:b7:01:a9:73:d8:18:07:ff:f5:82:24:f9:db:87:a0:06:63:
6e:d0:70:6d:16:47:32:a9:e0:31:43:8c:49:b7:21:dd:e2:78:
42:bc:7d:d1:c1:20:cd:13:96:09:94:21:97:c7:1a:d2:cd:56:
09:a5:68:2b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUMrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MjE1NDUyWhcNMjUwMjI4MjE1NDUyWjAYMRYw
FAYDVQQDEw02NzkyYmFhZi03ZTE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0NdoNIs6tgKSA0i1it2/oRFY1yn30GA3TsM6o+P+PmClEbiqWOOM/kpi
2/AxUBpCrlLv1v37qxegoZv+h9i4breWn5y/bu8y1yZGUDff3EK5xVqsf1LWiWpL
DpyDfGjmpI3ysAIpoH1MKjml8OFq2ixK8U9RkrdVLFN/KunKppATgdGSvKBGl02L
u2F7tQJPYVfVocoRh1Kgl/dgzBH+cvopr/kRm2mubz5Rze3FA21ajYOv4SNeVCKp
125j80OvSRK7f22KhXQgD93dmmpWJdX96Vj/YuM8/Wx/gRVAx2qqldXrZP3Z0F7f
s4k8d25Uk1nE4DW7aOPYS2FQ7j900QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHga
o+JS87Dv5LadxOzgk+yiUBs5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRTgyN0M5NEQ5RDQxMUVGODBCQ0U3ODU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJVMA0GCSqGSIb3DQEB
CwUAA4IBAQDD0ZF+7HsfW1y7mUok7R1SbrpdUnrT5mEn7Qok8aOckXyk83WXKvcO
a2Pp3fdinijy/gXBV5ShYqCTh7wBqMi7gF/h9CGs8h/Lw7wefVH/k/LqhE/ii36G
7W4jTBeuF8ectti18M/ZnnZHp+SP98hfOizMGZChHIvZ0SYPQxAdBlUg3hY7VWyw
of83Q/4YiAZL/n7LTdtEuWF0uplmHzzqYAdXHfUQ0jLh+aljaYJhHkZUPsGTL6u9
lIbvfk4RQWBBT6GKsr1EtwGpc9gYB//1giT524egBmNu0HBtFkcyqeAxQ4xJtyHd
4nhCvH3RwSDNE5YJlCGXxxrSzVYJpWgr
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:43:19 2025 by rpki-client