Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B491470CDCC511EFAE931F6B762E951A.roa
File: B491470CDCC511EFAE931F6B762E951A.roa (raw, json)
Hash identifier: aw1hC1AS3ndcKvpWsoiuMmpYNWgVbl/gN++DpeuZK/k=
Subject key identifier: F9:3C:56:32:C5:E9:8F:19:9C:B3:D8:40:4E:4D:B9:74:7B:A6:69:36
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014C51
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B491470CDCC511EFAE931F6B762E951A.roa
Signing time: Mon 27 Jan 2025 15:45:17 +0000
ROA not before: Mon 27 Jan 2025 15:45:13 +0000
ROA not after: Thu 13 Feb 2025 15:45:13 +0000
asID: 5065
IP address blocks: 154.207.172.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85073 (0x14c51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 15:45:13 2025 GMT
Not After : Feb 13 15:45:13 2025 GMT
Subject: CN=6797aa0d-201d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a1:7e:87:1a:dc:44:6b:b0:07:8a:2a:4a:04:
5c:03:3f:03:c4:b5:ea:42:ec:20:c6:f2:ee:11:5a:
29:f7:00:ba:fe:56:01:3b:5b:fb:99:f3:0e:f2:54:
56:6e:66:31:d4:64:33:57:5e:91:13:0a:b1:89:2c:
1e:1b:82:d7:e6:12:a2:8f:ce:0e:47:bc:fd:c4:b6:
ba:f9:2b:54:ba:e6:6e:f8:f8:17:ec:8d:6e:a2:f5:
e8:b7:36:4c:fc:06:a6:b0:ac:b7:18:98:b0:3e:15:
bf:dc:cf:ca:65:63:f6:65:ed:95:22:29:3b:4e:17:
04:a7:ee:f6:6e:00:9b:52:1e:e9:b9:0e:e4:e0:0f:
e8:67:35:9f:ed:15:e8:e2:05:a3:70:49:0d:53:0c:
ff:eb:b5:36:47:87:94:41:b6:a6:62:ae:9c:06:d6:
cc:2e:9f:6e:fc:de:83:78:60:f8:11:ff:f0:5d:1a:
5d:99:be:2b:ad:a6:49:66:57:ca:22:d8:04:38:29:
a3:a5:7f:c1:99:17:97:4e:64:c3:b3:95:f6:ee:0e:
c2:a2:f0:8f:01:f8:99:ce:23:70:c8:ac:bb:88:8d:
71:8a:8d:41:4c:28:77:d3:b2:77:1f:f3:1b:5a:2a:
96:2a:98:ce:7f:b6:ac:b3:ab:1f:dd:67:8d:72:1b:
89:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:3C:56:32:C5:E9:8F:19:9C:B3:D8:40:4E:4D:B9:74:7B:A6:69:36
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B491470CDCC511EFAE931F6B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.172.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:d2:15:c7:ec:c4:bf:9f:78:0d:ac:91:67:f1:f5:07:cf:31:
f3:51:d5:73:3b:4b:65:bc:47:b4:b0:2e:53:c5:8b:3f:41:7b:
94:36:81:a6:e9:53:8f:ef:f2:bf:12:d5:4c:60:6b:63:8a:6e:
0d:b7:70:c7:d9:18:7b:dd:85:7c:55:dc:07:c1:1b:96:82:69:
7e:55:b1:e1:65:dc:e6:d1:16:88:7e:51:b1:5f:3b:9e:79:d7:
61:a5:83:e5:10:07:da:ab:66:c0:ff:89:3f:21:24:db:ec:0b:
3d:e7:77:8e:eb:64:c0:36:62:7e:fd:d9:c7:cf:93:55:a4:42:
4b:da:3d:8d:da:f0:79:d6:26:56:f5:4c:be:cc:e7:d0:09:2b:
16:75:6d:83:b2:29:f1:d3:d2:b1:d5:61:a6:75:51:ff:ff:71:
f1:34:94:14:2f:72:00:10:5f:55:6d:86:24:76:97:0d:1a:4d:
fe:45:f8:95:a4:8f:a2:da:26:70:cc:d3:4e:06:ba:47:54:6b:
a2:fd:d5:29:6e:31:c3:9a:38:c4:0a:d3:a8:15:d7:47:3e:22:
29:c8:47:f1:bd:7a:5a:29:98:b2:87:eb:5d:d2:ad:67:46:25:
39:ca:05:14:b5:ee:41:b1:37:ef:90:46:c0:91:5c:f6:ea:65:
65:1d:0a:f4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUxRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MTU0NTEzWhcNMjUwMjEzMTU0NTEzWjAYMRYw
FAYDVQQDEw02Nzk3YWEwZC0yMDFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz6F+hxrcRGuwB4oqSgRcAz8DxLXqQuwgxvLuEVop9wC6/lYBO1v7mfMO
8lRWbmYx1GQzV16REwqxiSweG4LX5hKij84OR7z9xLa6+StUuuZu+PgX7I1uovXo
tzZM/AamsKy3GJiwPhW/3M/KZWP2Ze2VIik7ThcEp+72bgCbUh7puQ7k4A/oZzWf
7RXo4gWjcEkNUwz/67U2R4eUQbamYq6cBtbMLp9u/N6DeGD4Ef/wXRpdmb4rraZJ
ZlfKItgEOCmjpX/BmReXTmTDs5X27g7CovCPAfiZziNwyKy7iI1xio1BTCh307J3
H/MbWiqWKpjOf7ass6sf3WeNchuJCwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPk8
VjLF6Y8ZnLPYQE5NuXR7pmk2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNDkxNDcwQ0RDQzUxMUVGQUU5MzFGNkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCms+sMA0GCSqGSIb3DQEB
CwUAA4IBAQAb0hXH7MS/n3gNrJFn8fUHzzHzUdVzO0tlvEe0sC5TxYs/QXuUNoGm
6VOP7/K/EtVMYGtjim4Nt3DH2Rh73YV8VdwHwRuWgml+VbHhZdzm0RaIflGxXzue
eddhpYPlEAfaq2bA/4k/ISTb7As953eO62TANmJ+/dnHz5NVpEJL2j2N2vB51iZW
9Uy+zOfQCSsWdW2Dsinx09Kx1WGmdVH//3HxNJQUL3IAEF9VbYYkdpcNGk3+RfiV
pI+i2iZwzNNOBrpHVGui/dUpbjHDmjjECtOoFddHPiIpyEfxvXpaKZiyh+td0q1n
RiU5ygUUte5BsTfvkEbAkVz26mVlHQr0
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:02:16 2025 by rpki-client