Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9EC1F92DC0711EFB92D1F6A762E951A.roa
File: B9EC1F92DC0711EFB92D1F6A762E951A.roa (raw, json)
Hash identifier: p0wZEWG7QsGNHkbEbzfdo1GTK3VeU56zzIOWI2whYMM=
Subject key identifier: 48:AE:CF:2C:CF:CE:48:E5:0B:DA:D7:A3:58:A5:29:33:64:7B:12:02
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014B0C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9EC1F92DC0711EFB92D1F6A762E951A.roa
Signing time: Sun 26 Jan 2025 17:05:21 +0000
ROA not before: Sun 26 Jan 2025 17:05:18 +0000
ROA not after: Thu 20 Feb 2025 17:05:18 +0000
asID: 142062
IP address blocks: 154.86.88.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84748 (0x14b0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 26 17:05:18 2025 GMT
Not After : Feb 20 17:05:18 2025 GMT
Subject: CN=67966b51-534e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:04:50:2b:1d:92:a8:7c:6e:c0:ac:0d:4e:bb:
30:28:3b:c4:93:be:95:fd:14:7a:81:4e:cc:74:5e:
1d:d5:d5:5c:c2:b7:2e:9e:bd:1f:61:3a:ff:56:ba:
ae:45:81:44:93:af:d3:2f:c6:73:f4:c8:3d:c3:ca:
90:de:e3:3f:0d:be:b1:8b:ce:fa:9f:dd:89:85:00:
be:88:f7:29:00:9e:b5:66:00:d7:b4:ce:d9:b6:c8:
fa:30:4e:fe:89:b6:12:0c:db:29:aa:9c:af:6e:35:
45:62:8f:19:4f:20:64:ff:32:e6:5c:d0:c6:7b:90:
b3:13:cb:e4:06:e3:9c:bf:41:3f:cb:68:62:1e:75:
e3:8f:d3:f4:73:bd:28:83:25:42:d4:97:46:c0:5f:
4f:a9:e9:30:27:5d:bd:5c:f0:14:d3:70:b5:f2:12:
18:52:fa:e3:f0:3a:d6:93:42:b6:0f:f5:56:d3:c3:
7e:f3:82:69:90:f7:c0:d7:62:b7:2f:c8:a3:ca:39:
fa:14:a8:11:b6:79:f2:6d:5f:e5:4d:90:4e:e8:9f:
ea:96:59:7e:f7:f3:0e:66:15:bc:1d:1f:9a:ea:7b:
d3:04:a9:ab:a8:b0:6a:71:89:74:fa:ed:e8:31:af:
a9:5a:c9:e6:35:57:bb:0e:2a:83:4d:03:6e:9b:9b:
34:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:AE:CF:2C:CF:CE:48:E5:0B:DA:D7:A3:58:A5:29:33:64:7B:12:02
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9EC1F92DC0711EFB92D1F6A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.88.0/24
Signature Algorithm: sha256WithRSAEncryption
03:84:ce:9e:26:06:bf:3c:e7:16:ec:21:a0:1a:d2:03:fc:e3:
47:2a:b6:4a:93:09:3a:55:ba:0d:9f:a1:cb:7e:ec:53:f7:8e:
b8:bc:7c:33:8a:4e:e0:5d:2f:66:27:fc:46:d2:14:a2:23:64:
fe:66:57:9e:91:76:b1:2d:d8:ec:05:38:ca:dd:2d:6a:8a:62:
3a:ca:60:7c:e9:29:49:18:91:f7:0c:2a:cb:4a:a9:db:26:76:
1d:42:df:1d:6b:89:b5:53:15:01:09:be:f5:e5:b6:35:0e:c4:
3b:23:41:fa:b4:49:b1:7b:8e:7d:3c:b3:69:27:20:50:2e:f8:
c4:51:e7:63:e0:33:e0:e0:35:de:2a:66:10:bb:42:f8:21:ca:
f4:a1:3c:9c:76:ad:65:e9:b7:e5:60:0a:c8:4f:64:75:db:4e:
4d:b8:40:c1:de:25:f8:1e:45:7b:5d:1c:32:31:46:ca:87:ff:
19:ec:ba:3d:f4:ad:a4:53:71:04:f6:75:5b:91:4f:35:e4:32:
cf:a4:e3:28:8a:ef:b1:bc:1b:b2:90:08:b4:40:42:d6:a5:9c:
78:02:1b:aa:5f:9d:38:75:58:f3:2c:03:5b:65:9f:14:ab:c8:
5b:0b:4a:07:fe:9a:4b:60:dc:c7:ef:e4:2e:44:cc:39:58:32:
d3:f9:86:57
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUsMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI2MTcwNTE4WhcNMjUwMjIwMTcwNTE4WjAYMRYw
FAYDVQQDEw02Nzk2NmI1MS01MzRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzQRQKx2SqHxuwKwNTrswKDvEk76V/RR6gU7MdF4d1dVcwrcunr0fYTr/
VrquRYFEk6/TL8Zz9Mg9w8qQ3uM/Db6xi876n92JhQC+iPcpAJ61ZgDXtM7Ztsj6
ME7+ibYSDNspqpyvbjVFYo8ZTyBk/zLmXNDGe5CzE8vkBuOcv0E/y2hiHnXjj9P0
c70ogyVC1JdGwF9PqekwJ129XPAU03C18hIYUvrj8DrWk0K2D/VW08N+84JpkPfA
12K3L8ijyjn6FKgRtnnybV/lTZBO6J/qlll+9/MOZhW8HR+a6nvTBKmrqLBqcYl0
+u3oMa+pWsnmNVe7DiqDTQNum5s0IQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEiu
zyzPzkjlC9rXo1ilKTNkexICMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9COUVDMUY5MkRDMDcxMUVGQjkyRDFGNkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlZYMA0GCSqGSIb3DQEB
CwUAA4IBAQADhM6eJga/POcW7CGgGtID/ONHKrZKkwk6VboNn6HLfuxT9464vHwz
ik7gXS9mJ/xG0hSiI2T+ZleekXaxLdjsBTjK3S1qimI6ymB86SlJGJH3DCrLSqnb
JnYdQt8da4m1UxUBCb715bY1DsQ7I0H6tEmxe459PLNpJyBQLvjEUedj4DPg4DXe
KmYQu0L4Icr0oTycdq1l6bflYArIT2R1205NuEDB3iX4HkV7XRwyMUbKh/8Z7Lo9
9K2kU3EE9nVbkU815DLPpOMoiu+xvBuykAi0QELWpZx4AhuqX504dVjzLANbZZ8U
q8hbC0oH/ppLYNzH7+QuRMw5WDLT+YZX
-----END CERTIFICATE-----
Generated at Tue Apr 29 00:56:11 2025 by rpki-client