Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B6D20F20D57611EF94201541762E951A.roa
File: B6D20F20D57611EF94201541762E951A.roa (raw, json)
Hash identifier: 3DQBQ2smbj/oRUeogmAdd8X3ho8DCclDmvKyFiMKNEI=
Subject key identifier: 41:C1:83:A6:B0:E7:A4:35:47:94:1C:9B:BA:6A:EA:0B:E5:C5:40:D3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013DCE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B6D20F20D57611EF94201541762E951A.roa
Signing time: Sat 18 Jan 2025 08:32:12 +0000
ROA not before: Sat 18 Jan 2025 08:32:09 +0000
ROA not after: Sat 22 Feb 2025 08:32:09 +0000
asID: 18013
IP address blocks: 154.89.144.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81358 (0x13dce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 18 08:32:09 2025 GMT
Not After : Feb 22 08:32:09 2025 GMT
Subject: CN=678b670c-d9ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c4:51:3a:72:02:a8:6d:e1:77:70:43:98:f4:
94:5a:eb:6d:a9:15:79:62:50:31:7a:4c:8d:d6:29:
12:79:59:6f:3a:0b:d0:49:33:f8:f0:d1:ae:77:97:
71:b5:d6:25:94:e3:86:8f:5e:97:d9:d4:c3:22:41:
32:0e:ca:5e:d2:c2:92:55:f0:f8:b4:39:6a:8a:12:
c1:f5:27:6f:91:10:83:03:01:36:36:22:db:6d:62:
7f:b4:74:8d:56:7a:be:89:e0:f7:ac:03:9a:70:c1:
f4:e4:f5:a3:30:96:ab:a5:b9:03:d1:ef:bd:ef:f9:
c6:3f:68:c8:e7:f3:d3:7c:12:8c:43:6e:89:dd:99:
26:d5:08:82:47:19:36:47:da:60:f9:f5:1a:9e:8b:
ec:84:80:9e:a4:08:b7:16:c6:07:da:17:24:36:be:
42:f3:28:c3:6c:fe:5a:c6:eb:c0:34:fb:b3:22:59:
a6:61:8e:28:79:77:ba:80:e3:34:d6:1a:5a:87:55:
ad:ae:24:4f:f8:0d:47:a8:08:9c:7f:bd:99:a5:21:
29:b1:e0:1d:51:d3:00:41:d6:69:a6:0a:aa:40:52:
09:ce:3f:45:37:19:a4:01:58:00:3f:24:97:f2:f3:
eb:58:0a:52:d3:68:56:38:a9:f2:87:2c:b8:82:b8:
5b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C1:83:A6:B0:E7:A4:35:47:94:1C:9B:BA:6A:EA:0B:E5:C5:40:D3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B6D20F20D57611EF94201541762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.144.0/20
Signature Algorithm: sha256WithRSAEncryption
4f:aa:1e:71:b7:04:46:64:43:7b:5f:8d:46:52:1f:8e:96:b0:
c6:b1:f8:6f:ff:48:66:66:72:97:a7:a2:d6:c2:d8:4e:c2:c3:
77:f8:2f:e8:f5:5a:6e:46:5f:2b:38:d9:0a:2f:95:a4:4d:21:
1b:d8:3a:ab:75:68:da:4e:19:a5:c5:bc:bc:4e:c3:d7:a6:af:
be:f2:42:59:e4:74:5e:21:07:87:0d:83:49:f2:17:8f:40:d4:
05:b5:a1:e7:82:da:93:e9:70:56:11:de:28:b0:84:e0:c1:75:
33:bf:ba:6d:4d:fb:1b:d6:8b:e8:76:a8:ff:1f:a0:48:59:ab:
1a:2b:9e:95:3e:ff:ce:34:6f:31:c8:70:01:6e:c3:0d:86:e2:
89:cf:73:2d:cf:40:e8:90:4a:32:b7:6f:30:41:c9:da:c2:85:
f5:c4:48:43:98:1d:b0:59:85:88:f7:28:81:99:07:1d:7d:fe:
83:72:1a:3d:61:10:63:3b:da:80:4b:76:d8:43:5e:1a:df:7b:
0a:b0:76:c0:57:36:c3:8f:f5:7d:15:83:81:b8:5e:83:6a:9d:
c9:78:6d:a4:cf:a9:b2:86:fe:6b:c6:dd:a5:59:ec:a6:b5:bf:
b2:5c:d8:db:9e:3c:a3:d7:4c:53:2a:ec:f5:74:14:67:4f:5d:
06:44:7f:63
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT3OMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE4MDgzMjA5WhcNMjUwMjIyMDgzMjA5WjAYMRYw
FAYDVQQDEw02NzhiNjcwYy1kOWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxsRROnICqG3hd3BDmPSUWuttqRV5YlAxekyN1ikSeVlvOgvQSTP48NGu
d5dxtdYllOOGj16X2dTDIkEyDspe0sKSVfD4tDlqihLB9SdvkRCDAwE2NiLbbWJ/
tHSNVnq+ieD3rAOacMH05PWjMJarpbkD0e+97/nGP2jI5/PTfBKMQ26J3Zkm1QiC
Rxk2R9pg+fUanovshICepAi3FsYH2hckNr5C8yjDbP5axuvANPuzIlmmYY4oeXe6
gOM01hpah1WtriRP+A1HqAicf72ZpSEpseAdUdMAQdZppgqqQFIJzj9FNxmkAVgA
PySX8vPrWApS02hWOKnyhyy4grhbBwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEHB
g6aw56Q1R5Qcm7pq6gvlxUDTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNkQyMEYyMEQ1NzYxMUVGOTQyMDE1NDE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlmQMA0GCSqGSIb3DQEB
CwUAA4IBAQBPqh5xtwRGZEN7X41GUh+OlrDGsfhv/0hmZnKXp6LWwthOwsN3+C/o
9VpuRl8rONkKL5WkTSEb2DqrdWjaThmlxby8TsPXpq++8kJZ5HReIQeHDYNJ8heP
QNQFtaHngtqT6XBWEd4osITgwXUzv7ptTfsb1ovodqj/H6BIWasaK56VPv/ONG8x
yHABbsMNhuKJz3Mtz0DokEoyt28wQcnawoX1xEhDmB2wWYWI9yiBmQcdff6Dcho9
YRBjO9qAS3bYQ14a33sKsHbAVzbDj/V9FYOBuF6Dap3JeG2kz6myhv5rxt2lWeym
tb+yXNjbnjyj10xTKuz1dBRnT10GRH9j
-----END CERTIFICATE-----
Generated at Sun Apr 27 13:15:13 2025 by rpki-client