Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF861F58DB6211EF8CCE4A8F762E951A.roa
File: AF861F58DB6211EF8CCE4A8F762E951A.roa (raw, json)
Hash identifier: gV1H4YnbtnpKxIfnJ97+eF4+w3rphmaA2/MTHcZSR/E=
Subject key identifier: 5A:D4:72:DE:46:5B:37:4D:D8:63:30:2F:83:73:0D:9F:E9:FB:A8:DB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014A66
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF861F58DB6211EF8CCE4A8F762E951A.roa
Signing time: Sat 25 Jan 2025 21:23:57 +0000
ROA not before: Sat 25 Jan 2025 21:23:53 +0000
ROA not after: Wed 19 Mar 2025 21:23:53 +0000
asID: 138915
IP address blocks: 154.90.58.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84582 (0x14a66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 25 21:23:53 2025 GMT
Not After : Mar 19 21:23:53 2025 GMT
Subject: CN=6795566d-ced8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:27:38:87:17:46:1b:4e:5e:53:b3:52:cc:18:
85:ae:93:af:67:8f:30:c3:79:93:53:d5:f6:62:3f:
a7:40:71:48:28:d8:ea:ac:9e:74:df:51:ed:73:bb:
96:cd:51:9c:e0:95:33:0f:5e:e3:8b:d1:f9:09:d1:
96:cf:b7:e8:6e:28:be:8b:36:d4:d6:c4:eb:4b:a5:
56:8d:5d:bd:aa:f0:66:0c:3d:58:4d:ad:ce:ba:69:
1b:60:6e:cc:1f:8b:60:45:01:20:c9:96:54:38:c7:
a5:36:cd:0c:c9:69:7e:04:99:0e:0a:b1:c8:65:b1:
27:6f:d0:ce:0f:c5:7f:c9:83:98:66:46:58:91:97:
8f:11:f1:7a:d2:cf:95:0b:60:02:20:3c:3e:8a:d7:
80:5d:11:07:e9:e7:50:44:16:1b:a3:85:9c:22:d2:
86:20:f8:eb:ac:8e:dd:88:da:ec:1c:bc:29:71:25:
4f:19:d5:53:cf:88:22:19:30:df:e0:6f:3f:dc:1e:
b1:46:f7:cb:83:bc:81:6a:2a:30:a3:cd:86:98:58:
67:08:ed:bd:e4:25:de:9b:9b:a7:3a:d1:36:d4:f7:
c8:48:dc:da:4b:08:1f:f2:77:9d:90:c3:63:bd:9c:
43:f3:74:ad:09:0a:69:23:cd:ce:f9:3c:58:85:43:
b2:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D4:72:DE:46:5B:37:4D:D8:63:30:2F:83:73:0D:9F:E9:FB:A8:DB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF861F58DB6211EF8CCE4A8F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.58.0/23
Signature Algorithm: sha256WithRSAEncryption
07:e6:51:33:da:82:8b:5c:19:f3:22:cc:24:c6:1c:03:4e:a9:
12:72:29:63:cc:ec:66:b9:87:44:a2:40:06:5a:a8:68:77:5c:
49:62:1a:e6:d8:4a:9e:18:76:3c:59:12:12:52:67:9c:b6:56:
25:eb:de:2a:d1:93:b1:ac:01:09:1e:c4:9c:80:39:b4:e6:25:
95:36:6a:2d:69:88:ef:ef:60:20:a9:c0:3a:70:a1:cc:84:7c:
7c:75:91:e4:71:8b:57:1c:60:7f:08:3c:94:db:96:54:3a:11:
f2:78:42:4c:44:7d:77:cb:5f:0d:a5:8f:7f:7f:2a:04:dd:bb:
20:24:d8:cf:00:65:2d:fd:5d:69:d1:9f:9a:e4:e7:10:cd:ef:
24:02:b8:bf:84:93:c2:fa:cb:23:67:89:7c:19:9e:14:d3:6a:
ad:8f:51:a8:4e:51:19:41:be:10:80:2e:45:23:54:68:35:0f:
a7:5a:63:3e:41:d2:13:5d:ca:47:97:8c:ca:aa:08:a6:87:c1:
ed:6f:fd:cc:a2:8c:8f:c6:5e:bc:ac:0f:c7:88:43:ef:cb:a7:
af:59:d6:a1:77:24:52:0f:90:0d:a1:62:56:d9:28:c6:87:b2:
0b:e3:9c:d3:d5:74:6c:32:cd:6f:5d:71:db:f5:fc:86:f7:b1:
8b:3f:d5:54
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUpmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MjEyMzUzWhcNMjUwMzE5MjEyMzUzWjAYMRYw
FAYDVQQDEw02Nzk1NTY2ZC1jZWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAric4hxdGG05eU7NSzBiFrpOvZ48ww3mTU9X2Yj+nQHFIKNjqrJ5031Ht
c7uWzVGc4JUzD17ji9H5CdGWz7fobii+izbU1sTrS6VWjV29qvBmDD1YTa3Oumkb
YG7MH4tgRQEgyZZUOMelNs0MyWl+BJkOCrHIZbEnb9DOD8V/yYOYZkZYkZePEfF6
0s+VC2ACIDw+iteAXREH6edQRBYbo4WcItKGIPjrrI7diNrsHLwpcSVPGdVTz4gi
GTDf4G8/3B6xRvfLg7yBaiowo82GmFhnCO295CXem5unOtE21PfISNzaSwgf8ned
kMNjvZxD83StCQppI83O+TxYhUOyFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFrU
ct5GWzdN2GMwL4NzDZ/p+6jbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRjg2MUY1OERCNjIxMUVGOENDRTRBOEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlo6MA0GCSqGSIb3DQEB
CwUAA4IBAQAH5lEz2oKLXBnzIswkxhwDTqkSciljzOxmuYdEokAGWqhod1xJYhrm
2EqeGHY8WRISUmectlYl694q0ZOxrAEJHsScgDm05iWVNmotaYjv72AgqcA6cKHM
hHx8dZHkcYtXHGB/CDyU25ZUOhHyeEJMRH13y18NpY9/fyoE3bsgJNjPAGUt/V1p
0Z+a5OcQze8kAri/hJPC+ssjZ4l8GZ4U02qtj1GoTlEZQb4QgC5FI1RoNQ+nWmM+
QdITXcpHl4zKqgimh8Htb/3MooyPxl68rA/HiEPvy6evWdahdyRSD5ANoWJW2SjG
h7IL45zT1XRsMs1vXXHb9fyG97GLP9VU
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:06:41 2025 by rpki-client