Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B6F1D886DE2311EFA096FBAB762E951A.roa
File: B6F1D886DE2311EFA096FBAB762E951A.roa (raw, json)
Hash identifier: eauhjwkIHt7W2Ez9uR6d5w1UBLmhiwnNpGA+omLrk4c=
Subject key identifier: 95:51:C9:49:18:21:A4:95:FE:29:C6:DA:3C:F6:29:FA:AE:7D:44:6C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014D64
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B6F1D886DE2311EFA096FBAB762E951A.roa
Signing time: Wed 29 Jan 2025 09:30:45 +0000
ROA not before: Wed 29 Jan 2025 09:30:41 +0000
ROA not after: Wed 05 Mar 2025 09:30:41 +0000
asID: 203020
IP address blocks: 154.207.240.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85348 (0x14d64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 29 09:30:41 2025 GMT
Not After : Mar 5 09:30:41 2025 GMT
Subject: CN=6799f545-4901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:69:3b:e4:d9:a8:00:12:24:48:05:37:49:79:
cf:26:e6:01:67:4f:2f:2f:7c:7e:f4:ea:d5:c6:fd:
90:f3:2e:82:a2:c9:58:e4:e7:7d:1b:d7:55:d3:40:
45:0b:c4:57:e9:2d:08:7d:18:bb:04:55:34:53:0b:
a5:3c:3c:5a:9f:be:4a:6d:1f:8e:cd:31:bf:48:eb:
22:41:f4:dd:fc:99:bd:a4:1f:b5:e0:3b:c4:3b:67:
bf:42:8a:dc:fa:88:c9:c3:66:5c:b0:67:44:7b:ac:
6b:5c:f5:fd:e4:d9:33:97:c8:6d:25:00:af:cc:6a:
a7:ed:43:fe:41:3a:f0:18:b1:ed:da:42:5a:f0:ca:
f2:08:05:50:ce:a0:c5:37:35:fb:77:01:ea:0d:aa:
ac:e9:9f:27:56:af:bc:6b:c0:05:fc:6a:1b:c3:9e:
87:d1:65:18:0e:0d:93:ab:1a:ae:0c:d3:30:61:d2:
41:7d:3f:4c:3b:00:63:cb:0a:e1:da:3a:32:ae:74:
6e:26:ff:44:3e:79:3d:5f:11:fe:bb:6b:b0:e7:2d:
31:d8:34:ba:b7:5e:8c:87:9e:17:16:fc:30:89:16:
22:29:66:7e:24:43:fe:ef:73:f7:79:68:48:15:0d:
f6:7a:d8:82:65:fb:48:18:17:02:2b:76:f4:35:b8:
2b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:51:C9:49:18:21:A4:95:FE:29:C6:DA:3C:F6:29:FA:AE:7D:44:6C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B6F1D886DE2311EFA096FBAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.240.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:f1:47:ad:b5:48:fa:a0:df:7b:31:af:b0:9c:43:fa:2d:e0:
3d:d4:12:85:44:64:40:f9:28:61:b6:a9:31:1c:19:16:17:44:
5c:25:2f:68:cc:ff:4e:d8:bb:d0:f4:bf:43:67:f3:05:39:f0:
1c:56:5b:c4:03:d7:35:43:1e:b6:55:0b:a3:81:a6:28:89:88:
42:56:12:62:45:46:2e:70:1a:6f:99:1c:a9:5a:bc:60:c7:7c:
8b:5f:a5:dd:bb:43:ad:b6:29:ab:fd:0f:6a:cd:86:0c:ac:d9:
6c:8e:60:17:dd:df:84:1a:18:1b:3a:a6:df:6b:42:fc:eb:ec:
f5:62:d0:cb:d7:1b:95:5c:53:7e:c5:a6:c9:9c:f9:90:78:0d:
a2:1b:51:db:4c:d2:75:ee:a3:36:6d:b3:75:7a:0a:60:f6:13:
b9:b6:97:9f:f8:b0:0c:88:72:ad:10:a4:a4:58:d0:15:ab:55:
bf:a9:0d:5f:92:d1:84:b9:3d:cc:b7:3a:0e:c6:72:be:84:86:
f5:43:2c:ec:8a:50:57:4a:98:89:bf:ee:c0:7f:94:d4:28:74:
d4:94:9e:93:b2:78:56:cf:0d:43:5a:75:82:f0:80:92:af:68:
7d:e4:ee:0f:f9:ba:cd:0f:0f:53:53:ec:ee:f0:53:46:ae:af:
22:97:36:da
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU1kMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI5MDkzMDQxWhcNMjUwMzA1MDkzMDQxWjAYMRYw
FAYDVQQDEw02Nzk5ZjU0NS00OTAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx2k75NmoABIkSAU3SXnPJuYBZ08vL3x+9OrVxv2Q8y6CoslY5Od9G9dV
00BFC8RX6S0IfRi7BFU0UwulPDxan75KbR+OzTG/SOsiQfTd/Jm9pB+14DvEO2e/
Qorc+ojJw2ZcsGdEe6xrXPX95Nkzl8htJQCvzGqn7UP+QTrwGLHt2kJa8MryCAVQ
zqDFNzX7dwHqDaqs6Z8nVq+8a8AF/Gobw56H0WUYDg2TqxquDNMwYdJBfT9MOwBj
ywrh2joyrnRuJv9EPnk9XxH+u2uw5y0x2DS6t16Mh54XFvwwiRYiKWZ+JEP+73P3
eWhIFQ32etiCZftIGBcCK3b0NbgrcQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJVR
yUkYIaSV/inG2jz2KfqufURsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNkYxRDg4NkRFMjMxMUVGQTA5NkZCQUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDms/wMA0GCSqGSIb3DQEB
CwUAA4IBAQAO8UettUj6oN97Ma+wnEP6LeA91BKFRGRA+ShhtqkxHBkWF0RcJS9o
zP9O2LvQ9L9DZ/MFOfAcVlvEA9c1Qx62VQujgaYoiYhCVhJiRUYucBpvmRypWrxg
x3yLX6Xdu0Ottimr/Q9qzYYMrNlsjmAX3d+EGhgbOqbfa0L86+z1YtDL1xuVXFN+
xabJnPmQeA2iG1HbTNJ17qM2bbN1egpg9hO5tpef+LAMiHKtEKSkWNAVq1W/qQ1f
ktGEuT3MtzoOxnK+hIb1QyzsilBXSpiJv+7Af5TUKHTUlJ6TsnhWzw1DWnWC8ICS
r2h95O4P+brNDw9TU+zu8FNGrq8ilzba
-----END CERTIFICATE-----
Generated at Fri Apr 25 17:03:53 2025 by rpki-client