Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA391B58DBD011EFBD17F97B762E951A.roa
File: BA391B58DBD011EFBD17F97B762E951A.roa (raw, json)
Hash identifier: LYZy0iBcxmuCs8bDPCOenh2K9EK0P7ToHZo8M6g8ZII=
Subject key identifier: 83:5E:95:0C:D4:23:7F:76:73:AE:5D:23:5C:A4:A2:D0:F6:DE:3D:E4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014A71
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA391B58DBD011EFBD17F97B762E951A.roa
Signing time: Sun 26 Jan 2025 10:31:40 +0000
ROA not before: Sun 26 Jan 2025 10:31:35 +0000
ROA not after: Sat 22 Feb 2025 10:31:35 +0000
asID: 202736
IP address blocks: 154.88.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84593 (0x14a71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 26 10:31:35 2025 GMT
Not After : Feb 22 10:31:35 2025 GMT
Subject: CN=67960f0c-0c4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:54:79:75:8a:4c:aa:c3:1c:24:b6:d0:fb:ae:
62:ab:42:be:bd:71:ff:13:6e:fe:75:b1:53:5c:a4:
0e:1c:12:68:0c:d1:64:63:e1:53:fb:61:c5:ed:0e:
2c:1e:ed:9a:b6:54:1b:81:5e:f4:62:06:4e:43:6c:
4d:74:cb:b0:c7:17:20:98:1e:50:ea:2d:d5:58:4f:
7b:60:07:07:5b:ed:72:b9:87:e5:da:85:37:84:28:
8a:8b:97:da:0c:1d:ad:56:a6:1c:50:6c:9c:f5:6f:
3d:d2:da:a6:8b:0d:c4:08:df:5c:e3:f3:cd:d7:e3:
3a:99:8e:d8:ef:a9:c0:be:cb:95:40:46:8b:99:04:
95:cd:d3:8f:b2:dc:13:23:db:62:4e:9e:6e:1f:5e:
90:d4:a7:b0:c3:35:19:50:e5:03:5b:71:66:66:4d:
43:df:fb:00:97:c9:fe:e9:8c:23:89:81:37:9f:fe:
4d:95:2c:a1:e9:66:e9:dc:a4:26:b6:bb:0f:16:ed:
68:6d:c1:32:84:e4:c1:fa:ab:4b:a8:5c:54:1e:ca:
a3:f5:b4:d3:56:08:ce:27:3a:41:5f:8a:db:cd:a2:
5b:65:2f:e6:45:ee:88:8b:f3:c3:a0:84:f0:1f:6f:
79:5d:35:fe:a8:cb:6f:23:99:6c:0f:87:af:cd:a8:
15:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:5E:95:0C:D4:23:7F:76:73:AE:5D:23:5C:A4:A2:D0:F6:DE:3D:E4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA391B58DBD011EFBD17F97B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.53.0/24
Signature Algorithm: sha256WithRSAEncryption
10:75:0c:3f:f9:da:9b:27:ef:c0:f5:0f:b0:b7:69:0e:bc:fc:
c0:a1:5b:06:c9:e9:47:53:38:3a:be:0f:51:7c:6b:51:2e:53:
e3:7f:e6:ec:f1:e8:02:26:c1:d8:13:01:24:7b:84:c3:e3:a7:
8a:c2:a5:b2:5b:6b:fb:ce:2d:f1:ac:de:50:73:39:db:9e:da:
73:5d:c4:1c:bc:a7:50:a0:d8:34:b9:92:5e:ea:31:03:15:1a:
84:16:08:e5:bb:77:ea:1c:af:e9:00:1c:7b:ca:21:8d:a2:25:
45:42:d9:a7:fb:f7:8d:eb:2f:6f:15:8a:bf:c5:f4:bc:08:7f:
21:5d:f5:99:3b:ad:69:62:19:27:11:8b:86:25:9d:2f:72:3a:
c0:1f:b7:fd:a6:95:1a:75:13:37:9c:15:cc:58:6f:42:70:5e:
41:7d:04:85:38:98:7a:14:96:34:97:15:f3:0f:2b:36:7e:3f:
42:b5:55:45:84:9b:9a:b8:14:96:a0:53:d0:bd:cd:4a:e9:9f:
8e:1a:06:b4:8a:3e:af:4b:8d:55:9e:b3:69:2a:e6:3d:21:f7:
7c:a2:55:68:89:94:cf:bc:ee:d7:e3:dd:74:34:b6:2a:f4:91:
bd:54:81:de:3d:d7:54:02:e2:38:d3:16:c8:48:09:a3:cd:64:
b8:12:2d:c4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUpxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI2MTAzMTM1WhcNMjUwMjIyMTAzMTM1WjAYMRYw
FAYDVQQDEw02Nzk2MGYwYy0wYzRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvVR5dYpMqsMcJLbQ+65iq0K+vXH/E27+dbFTXKQOHBJoDNFkY+FT+2HF
7Q4sHu2atlQbgV70YgZOQ2xNdMuwxxcgmB5Q6i3VWE97YAcHW+1yuYfl2oU3hCiK
i5faDB2tVqYcUGyc9W890tqmiw3ECN9c4/PN1+M6mY7Y76nAvsuVQEaLmQSVzdOP
stwTI9tiTp5uH16Q1KewwzUZUOUDW3FmZk1D3/sAl8n+6YwjiYE3n/5NlSyh6Wbp
3KQmtrsPFu1obcEyhOTB+qtLqFxUHsqj9bTTVgjOJzpBX4rbzaJbZS/mRe6Ii/PD
oITwH295XTX+qMtvI5lsD4evzagVTQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFINe
lQzUI392c65dI1ykotD23j3kMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQTM5MUI1OERCRDAxMUVGQkQxN0Y5N0I3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlg1MA0GCSqGSIb3DQEB
CwUAA4IBAQAQdQw/+dqbJ+/A9Q+wt2kOvPzAoVsGyelHUzg6vg9RfGtRLlPjf+bs
8egCJsHYEwEke4TD46eKwqWyW2v7zi3xrN5QcznbntpzXcQcvKdQoNg0uZJe6jED
FRqEFgjlu3fqHK/pABx7yiGNoiVFQtmn+/eN6y9vFYq/xfS8CH8hXfWZO61pYhkn
EYuGJZ0vcjrAH7f9ppUadRM3nBXMWG9CcF5BfQSFOJh6FJY0lxXzDys2fj9CtVVF
hJuauBSWoFPQvc1K6Z+OGga0ij6vS41VnrNpKuY9Ifd8olVoiZTPvO7X4910NLYq
9JG9VIHePddUAuI40xbISAmjzWS4Ei3E
-----END CERTIFICATE-----
Generated at Tue Apr 29 01:01:31 2025 by rpki-client