Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BBEABDC4D51511EFBE2A8EB7762E951A.roa
File: BBEABDC4D51511EFBE2A8EB7762E951A.roa (raw, json)
Hash identifier: 7a+b6woHAoPrYciOh90VurodW06fo8fsCxGnPA5tjC4=
Subject key identifier: AC:F8:66:28:F9:F8:27:8E:83:33:7D:DD:DA:03:84:F5:A2:38:E4:3C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013D4B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BBEABDC4D51511EFBE2A8EB7762E951A.roa
Signing time: Fri 17 Jan 2025 20:57:59 +0000
ROA not before: Fri 17 Jan 2025 20:57:56 +0000
ROA not after: Sat 01 Feb 2025 20:57:56 +0000
asID: 139646
IP address blocks: 154.91.224.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81227 (0x13d4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 17 20:57:56 2025 GMT
Not After : Feb 1 20:57:56 2025 GMT
Subject: CN=678ac457-dc58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fb:27:3c:5b:3c:66:5a:f0:b8:5f:61:31:f3:
62:a2:27:d9:c1:7a:8f:75:cb:f0:8a:0a:11:73:24:
58:97:d2:4c:a9:9c:ec:d8:7b:ba:aa:e8:3b:76:08:
6e:76:a2:fa:b6:f5:9a:a3:2a:af:20:ab:d0:5c:e9:
ce:ba:d6:0b:ac:f1:31:9b:49:b5:51:20:f8:0c:9c:
ca:17:c6:28:3b:2d:4d:3d:aa:29:c5:6e:53:0a:94:
5e:7f:36:02:07:fa:7b:70:e5:69:f1:4d:04:52:a2:
26:81:b0:c6:58:4d:2f:ce:46:ac:44:0e:dd:77:2b:
db:61:81:b3:c1:58:0c:c9:7b:d4:10:44:da:14:83:
c4:50:db:8b:f2:8e:ce:65:be:74:21:bb:a9:65:53:
10:85:f5:db:e3:77:a5:25:5f:96:ed:5b:98:21:21:
be:7f:78:c9:a7:58:c8:1e:42:f5:61:6c:b4:8a:11:
95:8d:fc:c4:c7:cd:b3:41:85:32:3b:24:af:62:61:
30:69:11:96:8e:1c:06:4f:18:c6:a8:2a:80:c7:0c:
aa:30:4e:3a:02:e3:3b:3b:b6:d2:7a:60:07:bc:8f:
2e:b4:a7:94:4f:57:72:75:59:e8:89:ba:6e:ac:b8:
50:9b:cd:de:fb:01:26:9e:a2:e9:9f:7c:83:5d:98:
51:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:F8:66:28:F9:F8:27:8E:83:33:7D:DD:DA:03:84:F5:A2:38:E4:3C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BBEABDC4D51511EFBE2A8EB7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.224.0/19
Signature Algorithm: sha256WithRSAEncryption
33:34:fe:01:c3:e3:82:59:6e:3a:09:a9:34:ce:94:33:ed:50:
c9:58:93:25:7b:0d:91:4a:4e:4b:0d:01:0d:9f:86:7f:a9:8c:
86:89:49:b9:eb:ea:c6:17:9a:0e:15:af:f3:55:a9:3c:f0:2c:
1b:01:4e:ab:48:66:4d:00:77:29:61:86:bf:ef:b6:92:a8:1b:
e8:7d:74:7c:ab:61:c3:93:de:3c:7d:e6:62:92:b7:ec:b9:dd:
8a:18:b6:02:db:7d:31:0b:99:4a:cb:31:c1:3d:10:ad:df:95:
92:00:a2:9b:3d:18:46:cc:5c:b8:58:2d:00:22:51:7b:2d:a8:
04:ad:94:19:3b:2d:d1:9c:9f:2f:c0:e4:b3:4e:f7:16:68:b3:
be:a6:97:ee:78:fa:67:97:e8:1d:b1:c6:d0:53:47:9b:30:24:
e8:cd:b9:4e:74:48:c8:cf:39:7b:69:4b:1f:46:7b:72:7d:d6:
cf:e6:ca:0a:c6:c1:25:93:f2:9d:e4:e8:6f:c7:92:69:9d:46:
72:8b:b2:30:41:09:06:66:5b:c1:21:30:96:d4:ea:c1:75:bf:
4a:eb:d8:5f:de:6d:b8:96:a4:09:86:c5:2b:37:61:7e:19:18:
9e:92:8d:27:33:ff:a6:cf:f3:07:2c:f3:86:ad:a1:2b:00:f7:
0c:c7:0e:4b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT1LMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE3MjA1NzU2WhcNMjUwMjAxMjA1NzU2WjAYMRYw
FAYDVQQDEw02NzhhYzQ1Ny1kYzU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn/snPFs8ZlrwuF9hMfNioifZwXqPdcvwigoRcyRYl9JMqZzs2Hu6qug7
dghudqL6tvWaoyqvIKvQXOnOutYLrPExm0m1USD4DJzKF8YoOy1NPaopxW5TCpRe
fzYCB/p7cOVp8U0EUqImgbDGWE0vzkasRA7ddyvbYYGzwVgMyXvUEETaFIPEUNuL
8o7OZb50IbupZVMQhfXb43elJV+W7VuYISG+f3jJp1jIHkL1YWy0ihGVjfzEx82z
QYUyOySvYmEwaRGWjhwGTxjGqCqAxwyqME46AuM7O7bSemAHvI8utKeUT1dydVno
ibpurLhQm83e+wEmnqLpn3yDXZhRuwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKz4
Zij5+CeOgzN93doDhPWiOOQ8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQkVBQkRDNEQ1MTUxMUVGQkUyQThFQjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlvgMA0GCSqGSIb3DQEB
CwUAA4IBAQAzNP4Bw+OCWW46Cak0zpQz7VDJWJMlew2RSk5LDQENn4Z/qYyGiUm5
6+rGF5oOFa/zVak88CwbAU6rSGZNAHcpYYa/77aSqBvofXR8q2HDk948feZikrfs
ud2KGLYC230xC5lKyzHBPRCt35WSAKKbPRhGzFy4WC0AIlF7LagErZQZOy3RnJ8v
wOSzTvcWaLO+ppfuePpnl+gdscbQU0ebMCTozblOdEjIzzl7aUsfRntyfdbP5soK
xsElk/Kd5Ohvx5JpnUZyi7IwQQkGZlvBITCW1OrBdb9K69hf3m24lqQJhsUrN2F+
GRieko0nM/+mz/MHLPOGraErAPcMxw5L
-----END CERTIFICATE-----
Generated at Sun Apr 27 07:22:02 2025 by rpki-client