Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF928FC8DA6711EFA43BA476762E951A.roa
File: AF928FC8DA6711EFA43BA476762E951A.roa (raw, json)
Hash identifier: sHsQkgz5+3wGeVCVMXA86HsVDUurq+fZ16a3HolZmb8=
Subject key identifier: 7E:E9:07:48:4B:F1:87:CB:C8:3B:9E:73:2F:8F:1F:B9:3A:6D:33:E2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0148A6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF928FC8DA6711EFA43BA476762E951A.roa
Signing time: Fri 24 Jan 2025 15:27:13 +0000
ROA not before: Fri 24 Jan 2025 15:27:10 +0000
ROA not after: Sat 01 Mar 2025 15:27:10 +0000
asID: 18779
IP address blocks: 154.206.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84134 (0x148a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 15:27:10 2025 GMT
Not After : Mar 1 15:27:10 2025 GMT
Subject: CN=6793b151-fe56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:bf:1f:be:12:33:14:86:d5:78:0e:21:5a:b9:
e3:6f:16:cf:4e:e6:c0:ec:ee:86:16:b7:e2:df:fa:
7e:46:0d:15:5e:ff:fa:6c:eb:c2:4d:c3:8f:df:02:
29:c4:5d:2f:9c:27:41:88:80:5d:02:ea:bf:71:b3:
b0:b3:6b:4d:e9:d4:4f:64:11:bd:c6:cf:37:28:f7:
ee:45:da:f0:4c:f7:f6:0c:c7:d8:f9:cb:99:3f:cc:
93:dd:72:ae:1d:10:a3:b0:6e:96:f2:45:3b:9c:4d:
4e:99:05:60:a4:76:97:46:9e:5d:f5:f6:97:5c:13:
df:89:f9:a7:9d:90:58:ab:82:51:94:0e:e2:c9:4b:
d5:b7:a0:8f:92:89:78:c0:7e:af:19:bc:88:07:31:
7e:a6:19:d8:d3:d0:ab:19:01:9a:6d:70:98:38:6d:
dd:b1:c1:ff:d6:53:61:4c:fc:c4:b4:f7:cb:01:64:
12:2c:27:cc:d5:67:6c:91:bd:95:5e:3f:62:e5:ee:
1b:e6:0a:1d:b6:8b:b5:3d:97:15:50:6b:ec:5d:b5:
94:bd:45:e8:12:c6:e9:34:25:ce:aa:a0:ff:43:a0:
40:2b:ee:0a:88:a4:06:86:a4:3a:33:86:58:6e:17:
89:cb:34:36:fa:e2:21:e2:3a:5d:ee:e3:e7:e1:71:
a9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:E9:07:48:4B:F1:87:CB:C8:3B:9E:73:2F:8F:1F:B9:3A:6D:33:E2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF928FC8DA6711EFA43BA476762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.20.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:51:3e:53:92:70:4d:19:4b:2a:ee:33:68:18:99:17:d7:c4:
9e:6e:2f:52:fe:02:a3:dd:0c:b7:1e:9d:9d:c8:df:7f:df:c2:
c6:1e:51:6b:07:be:09:3f:9c:c7:b6:1e:f4:eb:72:cf:63:7f:
13:5f:f8:1d:c7:06:7b:0b:78:b7:2c:2f:73:fb:e9:36:9b:ef:
81:25:bd:30:f2:9c:55:07:41:09:b8:33:5e:69:2c:87:86:95:
6a:a6:8c:d7:3b:0f:0e:58:e1:d0:05:e6:6e:c9:30:7c:94:28:
1e:b8:10:bf:f9:10:af:93:d0:a1:d3:17:7a:3e:9f:b3:98:22:
ad:39:20:a5:ba:68:81:fb:ce:46:54:da:fb:ab:f9:8f:78:8a:
13:67:2f:25:2e:16:11:5e:8e:9a:c7:29:3e:52:27:8f:eb:f8:
4c:48:73:56:d0:d3:ff:2c:3e:84:b2:dc:ab:e5:a8:89:ce:61:
09:af:97:e8:aa:d8:ee:62:10:d5:6c:fb:8b:27:d1:9e:ac:ad:
20:0f:fa:14:36:9c:5e:c6:72:83:cf:82:34:bd:31:3c:bc:17:
96:21:8a:de:1b:b2:5c:22:32:9d:0a:45:11:97:e7:f8:f7:c1:
0b:fe:b5:a8:5b:bb:68:ab:6d:85:45:fe:cb:5e:e9:8f:94:29:
12:70:50:36
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUimMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTUyNzEwWhcNMjUwMzAxMTUyNzEwWjAYMRYw
FAYDVQQDEw02NzkzYjE1MS1mZTU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3r8fvhIzFIbVeA4hWrnjbxbPTubA7O6GFrfi3/p+Rg0VXv/6bOvCTcOP
3wIpxF0vnCdBiIBdAuq/cbOws2tN6dRPZBG9xs83KPfuRdrwTPf2DMfY+cuZP8yT
3XKuHRCjsG6W8kU7nE1OmQVgpHaXRp5d9faXXBPfifmnnZBYq4JRlA7iyUvVt6CP
kol4wH6vGbyIBzF+phnY09CrGQGabXCYOG3dscH/1lNhTPzEtPfLAWQSLCfM1Wds
kb2VXj9i5e4b5godtou1PZcVUGvsXbWUvUXoEsbpNCXOqqD/Q6BAK+4KiKQGhqQ6
M4ZYbheJyzQ2+uIh4jpd7uPn4XGpTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH7p
B0hL8YfLyDuecy+PH7k6bTPiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRjkyOEZDOERBNjcxMUVGQTQzQkE0NzY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4UMA0GCSqGSIb3DQEB
CwUAA4IBAQBKUT5TknBNGUsq7jNoGJkX18Sebi9S/gKj3Qy3Hp2dyN9/38LGHlFr
B74JP5zHth7063LPY38TX/gdxwZ7C3i3LC9z++k2m++BJb0w8pxVB0EJuDNeaSyH
hpVqpozXOw8OWOHQBeZuyTB8lCgeuBC/+RCvk9Ch0xd6Pp+zmCKtOSClumiB+85G
VNr7q/mPeIoTZy8lLhYRXo6axyk+UieP6/hMSHNW0NP/LD6Estyr5aiJzmEJr5fo
qtjuYhDVbPuLJ9GerK0gD/oUNpxexnKDz4I0vTE8vBeWIYreG7JcIjKdCkURl+f4
98EL/rWoW7toq22FRf7LXumPlCkScFA2
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:41:27 2025 by rpki-client