Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF7636A6C29E11EFA2EBEAB4762E951A.roa
File: AF7636A6C29E11EFA2EBEAB4762E951A.roa (raw, json)
Hash identifier: xszvZHq1maTa1G8aQfHQ+vceVYjaMQ7CAbKKNrZ0MJE=
Subject key identifier: A6:FF:4B:5A:A3:CD:70:C6:BE:6A:21:47:F1:E8:F5:46:7E:8A:2A:04
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012522
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF7636A6C29E11EFA2EBEAB4762E951A.roa
Signing time: Wed 25 Dec 2024 09:00:28 +0000
ROA not before: Wed 25 Dec 2024 09:00:24 +0000
ROA not after: Sun 09 Feb 2025 09:00:24 +0000
asID: 138915
IP address blocks: 154.223.16.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75042 (0x12522)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 25 09:00:24 2024 GMT
Not After : Feb 9 09:00:24 2025 GMT
Subject: CN=676bc9ab-4bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:8a:b3:b1:2d:cf:7d:00:95:37:6b:9d:09:53:
4e:de:88:0d:f0:75:e2:2e:0e:19:81:7a:a2:ef:81:
54:0b:73:3e:ff:c0:c1:ff:52:2a:5b:bb:ee:c7:4d:
e6:f8:d6:73:53:51:54:09:91:e3:a7:fd:30:90:fe:
6e:b4:df:5a:a5:d7:e2:5d:da:42:7b:c3:d7:59:66:
c3:cd:09:82:58:5a:a3:54:94:eb:d1:c5:1e:9a:08:
5d:d8:56:06:c5:7b:01:df:e3:a0:77:2f:eb:62:a2:
2b:5f:7f:a0:55:ab:f9:98:2b:3b:3f:ea:3c:21:53:
bf:b3:6f:cf:46:55:81:e1:ce:ad:58:a9:1f:32:45:
cd:52:2f:54:9b:67:88:4b:6f:f3:3c:13:c5:1d:8c:
49:04:92:82:fc:a8:e0:cf:36:d1:2a:d5:ec:af:70:
44:90:b0:b6:10:03:fc:06:df:66:d7:e2:1b:5d:6d:
c0:3b:0a:55:51:af:1d:49:06:b7:b4:ac:c3:8e:0e:
4f:f6:51:3c:d1:6f:0d:de:a2:6e:84:82:55:ec:26:
58:8b:d5:f7:60:01:79:c8:32:c8:8d:d9:0e:f4:47:
3a:c9:5b:36:65:66:42:70:f1:9b:50:e8:b1:15:a6:
25:52:a9:9d:c4:69:bf:51:ae:20:f2:e4:3d:ac:ac:
24:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:FF:4B:5A:A3:CD:70:C6:BE:6A:21:47:F1:E8:F5:46:7E:8A:2A:04
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF7636A6C29E11EFA2EBEAB4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.16.0/21
Signature Algorithm: sha256WithRSAEncryption
30:7a:06:d7:80:3a:a4:cf:8b:05:82:4e:b4:4d:71:5c:41:84:
48:1d:cb:22:41:38:6c:ac:4a:69:af:30:92:5e:d7:3e:6e:3d:
d2:d6:7b:08:f3:ca:12:cb:a1:a7:6d:6f:65:35:60:8d:3a:d7:
0f:49:6e:8e:26:be:13:b6:2d:9d:69:de:e6:9d:e3:08:e6:fa:
1f:73:2d:33:b1:44:aa:9a:4d:05:d5:cc:94:31:c8:01:fb:a5:
3f:ee:aa:9d:2f:ed:e7:d4:07:41:19:1a:4d:fa:d8:14:5e:d6:
1e:5d:2b:db:f1:d9:9e:c5:3d:0f:ea:ff:ce:1d:f9:43:9d:e7:
5f:b6:ba:03:b1:d0:1b:49:d9:65:53:f1:15:d9:7e:95:3d:8f:
09:78:47:44:ff:94:d8:36:26:c3:66:a1:6a:d2:17:62:33:8e:
27:64:25:e7:b9:42:21:eb:39:2e:15:26:8c:32:c3:d2:47:ec:
0f:92:4b:4a:d5:ce:0e:a8:81:aa:bf:60:05:12:6c:9a:dd:9f:
3f:31:f3:36:fa:8b:10:e4:2d:5a:41:37:73:31:69:dc:c5:1c:
c0:23:90:b8:c3:bb:c1:57:0a:c5:71:55:7a:ee:ba:79:02:83:
ac:76:fc:62:16:33:5e:fe:19:e5:30:82:04:fa:8f:fd:f8:91:
b2:06:58:fe
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASUiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDkwMDI0WhcNMjUwMjA5MDkwMDI0WjAYMRYw
FAYDVQQDEw02NzZiYzlhYi00YmI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5YqzsS3PfQCVN2udCVNO3ogN8HXiLg4ZgXqi74FUC3M+/8DB/1IqW7vu
x03m+NZzU1FUCZHjp/0wkP5utN9apdfiXdpCe8PXWWbDzQmCWFqjVJTr0cUemghd
2FYGxXsB3+Ogdy/rYqIrX3+gVav5mCs7P+o8IVO/s2/PRlWB4c6tWKkfMkXNUi9U
m2eIS2/zPBPFHYxJBJKC/KjgzzbRKtXsr3BEkLC2EAP8Bt9m1+IbXW3AOwpVUa8d
SQa3tKzDjg5P9lE80W8N3qJuhIJV7CZYi9X3YAF5yDLIjdkO9Ec6yVs2ZWZCcPGb
UOixFaYlUqmdxGm/Ua4g8uQ9rKwkRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKb/
S1qjzXDGvmohR/Ho9UZ+iioEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRjc2MzZBNkMyOUUxMUVGQTJFQkVBQjQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmt8QMA0GCSqGSIb3DQEB
CwUAA4IBAQAwegbXgDqkz4sFgk60TXFcQYRIHcsiQThsrEpprzCSXtc+bj3S1nsI
88oSy6GnbW9lNWCNOtcPSW6OJr4Tti2dad7mneMI5vofcy0zsUSqmk0F1cyUMcgB
+6U/7qqdL+3n1AdBGRpN+tgUXtYeXSvb8dmexT0P6v/OHflDnedftroDsdAbSdll
U/EV2X6VPY8JeEdE/5TYNibDZqFq0hdiM44nZCXnuUIh6zkuFSaMMsPSR+wPkktK
1c4OqIGqv2AFEmya3Z8/MfM2+osQ5C1aQTdzMWncxRzAI5C4w7vBVwrFcVV67rp5
AoOsdvxiFjNe/hnlMIIE+o/9+JGyBlj+
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:16:03 2025 by rpki-client