Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5EF8C9ED98211EFA53B436B762E951A.roa
File: B5EF8C9ED98211EFA53B436B762E951A.roa (raw, json)
Hash identifier: xYXlXt9U8NBoQH3LtgZYBIpR4+NAVxCXgBwymlfWzTY=
Subject key identifier: 85:D7:DC:59:12:24:0B:73:D1:A6:DA:7A:80:6A:44:FC:DD:62:19:F5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0141EF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5EF8C9ED98211EFA53B436B762E951A.roa
Signing time: Thu 23 Jan 2025 12:08:09 +0000
ROA not before: Thu 23 Jan 2025 12:08:05 +0000
ROA not after: Thu 13 Mar 2025 12:08:05 +0000
asID: 138915
IP address blocks: 154.203.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82415 (0x141ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 12:08:05 2025 GMT
Not After : Mar 13 12:08:05 2025 GMT
Subject: CN=67923129-ed98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:33:78:21:59:c6:4a:ac:56:d2:c8:53:21:59:
e3:86:6b:7e:44:b9:8f:4d:dc:53:97:d6:39:65:da:
3d:68:3e:03:ad:2e:6a:e4:0d:aa:14:a7:09:2b:f0:
c1:53:e0:15:4a:de:47:44:58:6e:99:13:2c:49:23:
3a:08:d7:bc:d2:3a:a9:0c:92:18:27:f3:15:ef:0a:
57:ba:17:69:c6:0d:4d:39:6c:78:c1:b3:f1:6c:c8:
b0:79:a7:af:f2:0c:be:45:d5:e0:e7:9b:c6:a6:1d:
b7:0a:95:9c:8b:89:33:b2:b2:4f:db:cc:ba:93:82:
5c:91:3f:e4:7b:59:61:8f:2e:70:fb:12:eb:85:9f:
96:d5:ab:34:c0:30:b4:07:fc:a9:3c:61:38:49:25:
f5:9f:e9:01:15:ad:09:c2:aa:ed:f8:8e:96:7a:8e:
f7:2c:55:c5:2e:9e:94:79:f0:d3:4e:7d:f5:34:20:
71:dd:da:a4:8a:f2:95:57:8b:b8:6d:e2:b1:f0:8b:
83:92:5f:de:e1:2e:97:74:d0:1d:51:f4:a0:ef:d9:
02:02:60:a6:83:a7:59:c5:95:30:c3:46:d8:db:48:
84:d2:74:20:4c:4d:3a:14:c0:8c:83:ee:8a:3d:b0:
6d:d0:05:b6:13:e0:82:09:a9:e0:95:11:75:e5:c8:
bb:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D7:DC:59:12:24:0B:73:D1:A6:DA:7A:80:6A:44:FC:DD:62:19:F5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B5EF8C9ED98211EFA53B436B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.157.0/24
Signature Algorithm: sha256WithRSAEncryption
25:07:d3:f9:e5:a4:34:76:c3:d8:16:2d:d9:ec:bc:ae:f4:ce:
f7:88:fe:de:dc:fb:14:b6:1f:02:79:65:d6:70:c0:89:53:b4:
c5:74:14:25:66:7d:56:6e:1d:9b:56:4c:c3:f9:8b:a5:b0:72:
33:91:29:82:72:f7:92:9c:89:ff:c1:af:d0:d7:f2:a4:85:60:
7a:68:4c:03:fd:18:fd:e1:64:2c:98:7e:50:75:e3:d9:c2:78:
58:a9:dc:74:53:3d:b7:be:82:5f:e4:d3:c5:d8:6a:d2:99:d7:
b7:8d:7a:3a:83:4a:ab:36:32:cd:6d:5c:15:4e:33:98:0f:81:
a0:5d:b9:a1:b8:58:64:b3:df:8b:b4:34:30:b5:64:c8:4f:65:
a2:9e:0b:db:1e:22:bb:03:ea:ad:e7:d3:73:8f:87:08:76:b2:
1f:7e:a8:2f:22:a9:f7:f5:18:be:f6:62:d1:d6:0d:06:6a:2b:
de:28:b9:23:97:50:dd:d3:0c:7b:1a:2b:e7:06:bf:08:26:9d:
f3:bb:1b:e7:f6:0f:1c:73:6a:bf:d5:bc:fb:c5:d9:11:ec:b4:
7e:21:32:57:d2:1d:5b:e3:89:0e:ce:83:04:b8:b2:b8:2a:a6:
d3:ee:cd:8d:b8:fe:4c:c0:22:33:6c:8b:45:ac:17:39:6a:b4:
6a:61:25:13
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUHvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMTIwODA1WhcNMjUwMzEzMTIwODA1WjAYMRYw
FAYDVQQDEw02NzkyMzEyOS1lZDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwDN4IVnGSqxW0shTIVnjhmt+RLmPTdxTl9Y5Zdo9aD4DrS5q5A2qFKcJ
K/DBU+AVSt5HRFhumRMsSSM6CNe80jqpDJIYJ/MV7wpXuhdpxg1NOWx4wbPxbMiw
eaev8gy+RdXg55vGph23CpWci4kzsrJP28y6k4JckT/ke1lhjy5w+xLrhZ+W1as0
wDC0B/ypPGE4SSX1n+kBFa0Jwqrt+I6Weo73LFXFLp6UefDTTn31NCBx3dqkivKV
V4u4beKx8IuDkl/e4S6XdNAdUfSg79kCAmCmg6dZxZUww0bY20iE0nQgTE06FMCM
g+6KPbBt0AW2E+CCCanglRF15ci7swIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIXX
3FkSJAtz0abaeoBqRPzdYhn1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNUVGOEM5RUQ5ODIxMUVGQTUzQjQzNkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsudMA0GCSqGSIb3DQEB
CwUAA4IBAQAlB9P55aQ0dsPYFi3Z7Lyu9M73iP7e3PsUth8CeWXWcMCJU7TFdBQl
Zn1Wbh2bVkzD+YulsHIzkSmCcveSnIn/wa/Q1/KkhWB6aEwD/Rj94WQsmH5QdePZ
wnhYqdx0Uz23voJf5NPF2GrSmde3jXo6g0qrNjLNbVwVTjOYD4GgXbmhuFhks9+L
tDQwtWTIT2WingvbHiK7A+qt59Nzj4cIdrIffqgvIqn39Ri+9mLR1g0GaiveKLkj
l1Dd0wx7GivnBr8IJp3zuxvn9g8cc2q/1bz7xdkR7LR+ITJX0h1b44kOzoMEuLK4
KqbT7s2NuP5MwCIzbItFrBc5arRqYSUT
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:42:28 2025 by rpki-client