Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9AE3C76DCA311EF988AA189762E951A.roa
File: B9AE3C76DCA311EF988AA189762E951A.roa (raw, json)
Hash identifier: nN7IYJ0n33Sz49SvFqGQexjluMLDB1kn2V0G4L2MdHo=
Subject key identifier: 60:42:A6:30:F0:E8:51:AE:BF:F1:9C:D4:06:A9:BE:0B:35:EB:A8:75
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014BDF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9AE3C76DCA311EF988AA189762E951A.roa
Signing time: Mon 27 Jan 2025 11:42:03 +0000
ROA not before: Mon 27 Jan 2025 11:41:48 +0000
ROA not after: Sat 08 Feb 2025 11:41:48 +0000
asID: 7018
IP address blocks: 154.198.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84959 (0x14bdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 11:41:48 2025 GMT
Not After : Feb 8 11:41:48 2025 GMT
Subject: CN=6797710b-52d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:df:12:34:36:ed:d4:5e:2c:4a:12:ac:6d:a8:
4d:cd:6d:7f:75:ae:e1:3d:fc:d6:ac:58:eb:67:3e:
15:91:5f:3b:de:70:1e:26:5e:63:78:e8:dc:99:27:
5d:c4:24:f4:ab:eb:df:3d:ed:7d:12:43:be:13:7e:
26:06:d0:74:e1:ca:b7:82:08:77:8b:a8:9d:45:64:
8c:d0:39:bc:90:97:a7:40:04:f1:e1:9e:3a:b3:98:
df:ca:9c:5b:94:7a:c4:13:05:33:cd:e2:81:d4:f3:
86:8d:d5:e7:08:53:81:58:53:45:16:c5:95:82:d3:
5f:e7:e4:51:d4:84:43:26:0e:2d:f0:fe:3c:93:e1:
eb:42:f2:a0:89:32:f4:07:2a:5d:33:9b:d4:7b:65:
fe:c6:70:c2:57:77:bf:62:0e:e8:97:9f:53:78:a5:
87:33:df:aa:bc:14:a9:76:75:94:00:58:b1:69:22:
cf:8c:e1:98:b8:89:5c:dc:1a:93:07:f4:0d:bc:85:
c7:0f:cb:71:65:51:3c:c9:f0:ea:9e:96:e6:d6:30:
41:79:df:3f:5b:e3:f0:bc:ac:92:f9:c6:bb:54:80:
4b:b7:96:92:b0:a0:9d:14:16:0f:a4:78:94:71:3d:
a5:58:31:37:38:87:18:bc:0c:07:bb:5e:53:ed:e5:
4a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:42:A6:30:F0:E8:51:AE:BF:F1:9C:D4:06:A9:BE:0B:35:EB:A8:75
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9AE3C76DCA311EF988AA189762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.16.0/20
Signature Algorithm: sha256WithRSAEncryption
52:55:c8:09:29:0b:e6:77:15:ec:76:01:bc:b9:ca:eb:23:62:
67:5a:9b:40:32:7d:98:20:ac:bc:db:b4:58:d8:83:44:03:67:
e8:fa:0a:e1:bf:0d:a8:61:28:a0:3a:7a:e3:5d:7a:6d:e2:bd:
6b:e4:9b:3e:be:31:94:73:e8:97:95:0e:56:db:fb:e7:5f:5f:
b7:b2:96:56:e7:55:ef:09:37:e9:33:08:d0:f7:2a:51:2e:a6:
b4:54:43:2b:7f:5e:60:90:ec:7f:63:29:06:08:f6:7b:fb:27:
b2:9e:0d:c3:a0:1d:15:0b:b1:d5:a7:5b:fd:0c:f8:7e:b3:c2:
f6:be:03:2f:8a:96:72:85:11:4d:b4:f8:ad:d6:67:10:90:7a:
ce:ab:e2:7e:1e:20:99:37:4b:1b:7f:38:b7:46:f1:2d:b3:de:
69:f0:cf:c6:b9:c9:ea:f4:80:76:24:24:48:25:8a:89:68:c6:
39:36:ce:4c:ee:25:29:ac:6d:83:65:90:d1:5e:4f:cf:25:67:
61:97:af:9f:09:24:3e:ee:d6:65:ee:57:f4:ff:89:07:76:b6:
dd:65:f4:55:74:98:3e:f8:9a:28:3e:8b:7b:b3:07:d7:50:9b:
87:74:7f:e7:75:79:c6:a0:52:e3:e1:de:cb:1c:ab:51:46:b9:
65:23:da:42
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUvfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MTE0MTQ4WhcNMjUwMjA4MTE0MTQ4WjAYMRYw
FAYDVQQDEw02Nzk3NzEwYi01MmQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwd8SNDbt1F4sShKsbahNzW1/da7hPfzWrFjrZz4VkV873nAeJl5jeOjc
mSddxCT0q+vfPe19EkO+E34mBtB04cq3ggh3i6idRWSM0Dm8kJenQATx4Z46s5jf
ypxblHrEEwUzzeKB1POGjdXnCFOBWFNFFsWVgtNf5+RR1IRDJg4t8P48k+HrQvKg
iTL0BypdM5vUe2X+xnDCV3e/Yg7ol59TeKWHM9+qvBSpdnWUAFixaSLPjOGYuIlc
3BqTB/QNvIXHD8txZVE8yfDqnpbm1jBBed8/W+PwvKyS+ca7VIBLt5aSsKCdFBYP
pHiUcT2lWDE3OIcYvAwHu15T7eVKNQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGBC
pjDw6FGuv/Gc1Aapvgs166h1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9COUFFM0M3NkRDQTMxMUVGOTg4QUExODk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmsYQMA0GCSqGSIb3DQEB
CwUAA4IBAQBSVcgJKQvmdxXsdgG8ucrrI2JnWptAMn2YIKy827RY2INEA2fo+grh
vw2oYSigOnrjXXpt4r1r5Js+vjGUc+iXlQ5W2/vnX1+3spZW51XvCTfpMwjQ9ypR
Lqa0VEMrf15gkOx/YykGCPZ7+yeyng3DoB0VC7HVp1v9DPh+s8L2vgMvipZyhRFN
tPit1mcQkHrOq+J+HiCZN0sbfzi3RvEts95p8M/Gucnq9IB2JCRIJYqJaMY5Ns5M
7iUprG2DZZDRXk/PJWdhl6+fCSQ+7tZl7lf0/4kHdrbdZfRVdJg++JooPot7swfX
UJuHdH/ndXnGoFLj4d7LHKtRRrllI9pC
-----END CERTIFICATE-----
Generated at Fri Apr 25 15:37:18 2025 by rpki-client