Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9EB420ADCBC11EF9595F6AF762E951A.roa
File: C9EB420ADCBC11EF9595F6AF762E951A.roa (raw, json)
Hash identifier: V8Yd6uQj4qvKY4pWPWVAciul/QREaTYMHHTopHe1DcU=
Subject key identifier: 31:4F:8C:B8:5F:7F:51:97:64:F9:1B:58:FE:AE:FA:F7:B3:54:43:59
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014C1D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9EB420ADCBC11EF9595F6AF762E951A.roa
Signing time: Mon 27 Jan 2025 14:41:27 +0000
ROA not before: Mon 27 Jan 2025 14:41:23 +0000
ROA not after: Sat 08 Feb 2025 14:41:23 +0000
asID: 133180
IP address blocks: 154.194.128.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85021 (0x14c1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 14:41:23 2025 GMT
Not After : Feb 8 14:41:23 2025 GMT
Subject: CN=67979b17-9a3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f6:d2:70:3f:e0:97:2f:9f:27:bd:88:25:8d:
4b:86:5a:68:f0:1b:6b:70:40:22:c8:bb:01:48:a2:
5c:be:2b:8e:e3:a1:e9:6c:57:2f:eb:39:30:f6:e7:
3d:3f:70:e8:b4:ea:4f:e5:5c:54:81:30:21:ad:12:
64:ef:e1:5c:bd:82:44:79:08:54:c8:9d:22:b3:50:
56:03:8c:7d:48:c2:8f:7c:50:e8:b3:8c:9d:1f:68:
3c:52:12:a3:93:53:2c:a7:3a:b8:f9:29:6d:75:75:
9d:46:57:5b:a5:5f:21:14:9f:c4:51:14:b2:26:cf:
3d:92:a8:71:62:6f:65:05:67:03:dc:84:33:27:62:
bc:24:a0:5a:7b:8f:7d:bd:6a:90:3e:19:2c:43:36:
04:de:a2:f3:ba:cf:4f:3c:cf:62:96:a4:66:fb:af:
0f:a6:f4:7d:fd:33:5c:99:0f:4a:80:c6:2d:a6:6e:
3f:d9:59:34:3f:68:d3:bd:45:1e:c5:ea:0b:90:bd:
e7:3a:a5:c0:8c:08:e6:e2:a4:62:f1:81:94:a3:d3:
30:98:4b:18:54:74:b6:65:d6:0a:31:45:bd:4e:38:
ec:26:2f:ed:25:49:6b:a4:71:00:16:0a:d7:51:c8:
52:07:0f:61:52:e8:de:9e:77:d7:ed:d4:2f:25:8f:
bb:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:4F:8C:B8:5F:7F:51:97:64:F9:1B:58:FE:AE:FA:F7:B3:54:43:59
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9EB420ADCBC11EF9595F6AF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.128.0/18
Signature Algorithm: sha256WithRSAEncryption
59:73:4c:70:f5:06:f5:70:a3:3f:1d:b3:8d:d5:2e:27:86:5d:
03:a9:de:d3:5e:36:8b:c8:5e:41:09:b5:2d:9a:51:85:d6:19:
62:c0:ec:51:8c:da:97:7e:21:43:18:90:bb:b9:ae:83:9b:0a:
a4:d0:98:1f:30:32:d2:81:53:ce:4a:4e:aa:57:6f:44:0b:dc:
42:ad:07:81:d6:39:d5:62:b9:31:1b:4b:38:04:cd:06:d1:c3:
b7:03:b4:ff:60:10:72:24:22:8e:e1:26:8a:99:71:df:0c:3e:
ce:e7:ac:11:eb:b5:55:1f:a0:3a:6d:d7:ca:03:04:eb:e5:3d:
c3:40:92:d1:3c:49:97:cd:b7:97:6c:26:22:7b:c1:e2:26:af:
bf:f4:fa:f4:9b:06:7a:bd:de:67:8a:b2:d2:ec:1c:47:38:83:
2c:fd:ab:74:2e:1c:70:60:3b:00:53:b7:ef:35:f3:e1:7b:60:
12:cf:94:39:13:2a:3c:48:25:9b:a2:63:f5:1d:42:2d:fa:86:
19:66:c0:4c:f3:45:f1:88:32:68:62:6d:6d:ae:d5:b7:96:25:
f2:8b:5c:27:92:de:f8:ee:c9:ed:72:95:eb:09:62:ab:f7:33:
9e:2c:8d:ab:0b:47:40:e5:84:2a:0f:04:ee:78:60:49:9d:4f:
12:68:c3:dd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUwdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MTQ0MTIzWhcNMjUwMjA4MTQ0MTIzWjAYMRYw
FAYDVQQDEw02Nzk3OWIxNy05YTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr/bScD/gly+fJ72IJY1Lhlpo8BtrcEAiyLsBSKJcviuO46HpbFcv6zkw
9uc9P3DotOpP5VxUgTAhrRJk7+FcvYJEeQhUyJ0is1BWA4x9SMKPfFDos4ydH2g8
UhKjk1Mspzq4+SltdXWdRldbpV8hFJ/EURSyJs89kqhxYm9lBWcD3IQzJ2K8JKBa
e499vWqQPhksQzYE3qLzus9PPM9ilqRm+68PpvR9/TNcmQ9KgMYtpm4/2Vk0P2jT
vUUexeoLkL3nOqXAjAjm4qRi8YGUo9MwmEsYVHS2ZdYKMUW9TjjsJi/tJUlrpHEA
FgrXUchSBw9hUujennfX7dQvJY+75QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDFP
jLhff1GXZPkbWP6u+vezVENZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DOUVCNDIwQURDQkMxMUVGOTU5NUY2QUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmsKAMA0GCSqGSIb3DQEB
CwUAA4IBAQBZc0xw9Qb1cKM/HbON1S4nhl0Dqd7TXjaLyF5BCbUtmlGF1hliwOxR
jNqXfiFDGJC7ua6Dmwqk0JgfMDLSgVPOSk6qV29EC9xCrQeB1jnVYrkxG0s4BM0G
0cO3A7T/YBByJCKO4SaKmXHfDD7O56wR67VVH6A6bdfKAwTr5T3DQJLRPEmXzbeX
bCYie8HiJq+/9Pr0mwZ6vd5nirLS7BxHOIMs/at0LhxwYDsAU7fvNfPhe2ASz5Q5
Eyo8SCWbomP1HUIt+oYZZsBM80XxiDJoYm1trtW3liXyi1wnkt747sntcpXrCWKr
9zOeLI2rC0dA5YQqDwTueGBJnU8SaMPd
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:42:17 2025 by rpki-client