Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C6353F90DC8911EFA094FC5B762E951A.roa
File: C6353F90DC8911EFA094FC5B762E951A.roa (raw, json)
Hash identifier: 78XuEisD3nZdooH+rgO/CFlo7BGNY/CNCHfpt0xwkZY=
Subject key identifier: 95:73:E9:7D:6C:C2:FA:36:2E:4A:C5:7D:AB:E4:F6:B7:F4:33:EF:2C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014B6D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C6353F90DC8911EFA094FC5B762E951A.roa
Signing time: Mon 27 Jan 2025 08:36:17 +0000
ROA not before: Mon 27 Jan 2025 08:36:13 +0000
ROA not after: Sat 08 Feb 2025 08:36:13 +0000
asID: 5065
IP address blocks: 154.198.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84845 (0x14b6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 08:36:13 2025 GMT
Not After : Feb 8 08:36:13 2025 GMT
Subject: CN=67974581-42fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:54:a1:18:5e:d8:e2:52:3a:23:65:95:2a:09:
3e:02:03:3f:e4:85:f3:c3:71:13:31:f2:a9:51:3e:
a0:b3:01:41:c7:fa:a0:a7:04:62:3b:80:ea:65:99:
32:50:ed:0b:cd:28:28:90:1b:f1:59:d7:0c:35:c9:
c1:60:11:95:be:66:aa:24:f3:64:b1:58:13:5f:98:
5e:41:06:02:1d:9b:49:c6:8f:89:73:e5:60:7c:d5:
79:8e:d2:4a:4c:ff:b0:89:d2:ab:87:33:a2:55:33:
fe:ef:1d:37:c1:7d:e9:ce:43:c7:57:ac:74:48:b5:
c7:7d:c9:d1:3b:6f:f5:41:71:33:d5:3b:0a:6d:67:
7c:d4:07:91:e9:97:c1:d6:c6:ba:23:43:a3:b4:2e:
36:bf:3b:c0:f7:62:bf:8e:e2:86:94:65:8e:f1:d3:
f4:8c:66:2f:90:0c:8e:c6:60:1c:92:c8:48:29:05:
5e:01:ab:ed:27:3d:d6:73:04:77:de:db:1e:c9:2a:
fa:f6:28:1f:a5:19:e3:96:16:68:5b:1b:c5:28:aa:
18:9c:b4:bb:d7:14:ac:0d:5c:09:41:18:15:6b:85:
69:b9:83:ac:4e:5a:2c:10:02:af:fa:d9:9f:8f:58:
90:05:c3:a1:b1:59:b0:c0:34:81:4e:f1:a0:58:52:
6e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:73:E9:7D:6C:C2:FA:36:2E:4A:C5:7D:AB:E4:F6:B7:F4:33:EF:2C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C6353F90DC8911EFA094FC5B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.21.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:cf:47:61:3d:7f:12:29:0a:94:0a:72:2b:1b:a0:cd:58:30:
2e:52:86:3c:d1:65:79:70:5b:9a:59:f1:a2:38:af:33:1b:69:
e5:86:cb:00:f1:df:d7:24:bc:69:f5:25:86:d7:44:7e:57:50:
0d:84:c1:68:51:50:66:5b:86:f3:b1:b9:8c:33:59:fd:f2:b2:
74:bd:20:95:26:4a:24:43:cb:55:84:c4:89:47:aa:c6:0f:3e:
a4:18:ed:87:3d:98:b3:c7:53:a5:05:9a:f6:33:d5:46:2d:7e:
42:b1:b0:da:43:7a:eb:e4:85:57:7a:f3:68:26:de:e7:5e:85:
65:fa:b8:21:c2:e3:85:be:c8:96:c3:b2:50:63:b8:95:e2:0c:
0b:c9:4d:39:11:c0:c2:f9:10:0e:15:de:bd:b0:7f:35:1e:b0:
80:7c:ee:15:00:40:a5:ca:90:26:85:f3:cb:54:f1:a7:bf:4d:
30:0f:44:ef:78:94:43:0d:2c:95:9b:87:cb:c9:09:0d:98:c8:
7d:d2:15:9a:e9:8f:ae:71:0e:f0:de:6e:9d:50:51:54:42:4b:
d4:e3:86:51:ce:57:ef:07:26:c2:f8:4c:05:59:06:ce:7c:9b:
07:91:ed:71:f1:90:20:1d:65:4d:33:a3:42:51:f0:34:fb:46:
00:24:02:08
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUttMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MDgzNjEzWhcNMjUwMjA4MDgzNjEzWjAYMRYw
FAYDVQQDEw02Nzk3NDU4MS00MmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1VShGF7Y4lI6I2WVKgk+AgM/5IXzw3ETMfKpUT6gswFBx/qgpwRiO4Dq
ZZkyUO0LzSgokBvxWdcMNcnBYBGVvmaqJPNksVgTX5heQQYCHZtJxo+Jc+VgfNV5
jtJKTP+widKrhzOiVTP+7x03wX3pzkPHV6x0SLXHfcnRO2/1QXEz1TsKbWd81AeR
6ZfB1sa6I0OjtC42vzvA92K/juKGlGWO8dP0jGYvkAyOxmAckshIKQVeAavtJz3W
cwR33tseySr69igfpRnjlhZoWxvFKKoYnLS71xSsDVwJQRgVa4VpuYOsTlosEAKv
+tmfj1iQBcOhsVmwwDSBTvGgWFJugQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJVz
6X1swvo2LkrFfavk9rf0M+8sMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNjM1M0Y5MERDODkxMUVGQTA5NEZDNUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsYVMA0GCSqGSIb3DQEB
CwUAA4IBAQCtz0dhPX8SKQqUCnIrG6DNWDAuUoY80WV5cFuaWfGiOK8zG2nlhssA
8d/XJLxp9SWG10R+V1ANhMFoUVBmW4bzsbmMM1n98rJ0vSCVJkokQ8tVhMSJR6rG
Dz6kGO2HPZizx1OlBZr2M9VGLX5CsbDaQ3rr5IVXevNoJt7nXoVl+rghwuOFvsiW
w7JQY7iV4gwLyU05EcDC+RAOFd69sH81HrCAfO4VAEClypAmhfPLVPGnv00wD0Tv
eJRDDSyVm4fLyQkNmMh90hWa6Y+ucQ7w3m6dUFFUQkvU44ZRzlfvBybC+EwFWQbO
fJsHke1x8ZAgHWVNM6NCUfA0+0YAJAII
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:18:20 2025 by rpki-client