Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0D5B592BB7811EF8C69799A762E951A.roa
File: D0D5B592BB7811EF8C69799A762E951A.roa (raw, json)
Hash identifier: AuAaoTWQlVtHTdrXIVEGM8IPqBn2/iGi0oPLza72YV8=
Subject key identifier: 7C:13:89:6A:99:E3:86:09:18:4D:F7:72:82:C5:79:AB:4D:BE:77:3C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011B9A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0D5B592BB7811EF8C69799A762E951A.roa
Signing time: Mon 16 Dec 2024 06:41:45 +0000
ROA not before: Mon 16 Dec 2024 06:41:41 +0000
ROA not after: Tue 04 Mar 2025 06:41:41 +0000
asID: 138152
IP address blocks: 154.94.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72602 (0x11b9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 16 06:41:41 2024 GMT
Not After : Mar 4 06:41:41 2025 GMT
Subject: CN=675fcba8-b1f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:5b:35:44:4a:18:eb:c9:f6:fb:6e:e2:53:98:
90:5a:1f:40:f7:e3:07:fe:d3:b7:f9:ab:75:a7:36:
1d:ce:bb:44:f9:67:1b:49:ae:c1:45:5c:3b:f7:9c:
de:02:21:12:c2:34:db:75:eb:64:f6:64:3e:91:51:
98:e8:11:3c:46:9f:8c:01:c4:bd:7c:99:c7:82:f5:
bb:4a:69:7c:4d:3a:30:a3:29:c7:5b:81:b5:a7:5e:
09:e2:e5:19:dd:ec:38:29:35:3a:72:4e:00:c9:49:
72:83:db:5c:5c:84:db:7c:00:05:d2:fa:c0:97:07:
ff:94:66:7b:da:52:c6:9f:14:3b:90:22:f1:f4:b1:
fe:30:05:2e:ec:3f:b9:49:09:e1:92:cf:9e:72:01:
3f:e8:27:4c:cf:7f:66:29:d4:4a:c2:53:3e:b9:71:
b0:8b:2d:21:1d:01:a4:49:95:a3:c2:f7:91:22:b8:
2e:60:a1:0f:bb:ce:12:8c:58:dc:4d:28:42:72:b5:
89:c8:d0:99:00:3d:ed:42:32:db:b8:e1:51:bb:9a:
ad:7a:74:27:f8:90:3a:81:6f:60:22:2c:98:94:87:
fb:43:8a:ab:96:0b:8f:6a:a7:38:ec:d7:05:79:f8:
c3:3d:2e:46:9f:e5:07:d8:c6:88:ff:ae:1b:ed:67:
13:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:13:89:6A:99:E3:86:09:18:4D:F7:72:82:C5:79:AB:4D:BE:77:3C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0D5B592BB7811EF8C69799A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.4.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:02:65:22:7b:c9:3e:ce:f7:50:74:f6:e4:03:3c:25:3c:1f:
d8:1a:1a:70:7a:1c:a2:92:0b:b3:dc:75:a2:b0:37:be:7b:06:
0e:c8:8c:1b:9c:60:00:30:c5:56:51:73:62:08:95:fb:0a:83:
53:1e:1e:91:c6:58:c7:06:ef:f1:45:8e:90:3c:dc:20:e8:db:
8c:ff:f9:8d:50:87:01:9a:60:0c:a2:60:00:68:11:d8:c6:98:
13:55:6f:7f:d1:4a:a6:15:2e:be:1f:6a:26:09:0b:9c:11:36:
96:91:5a:5f:98:15:88:dd:7e:b7:d3:14:39:0a:d5:c6:9d:a2:
d2:ba:e6:17:70:99:e7:58:bf:28:97:40:89:f2:42:ac:f6:66:
f5:19:f6:29:46:c9:86:51:58:a4:46:5b:94:79:ea:fe:8c:fc:
4a:84:23:a3:82:63:f3:e1:8b:50:dc:ae:25:fe:41:2c:53:bf:
76:8b:15:23:19:35:58:7e:9c:80:8f:7f:4d:a3:13:f8:83:ed:
e3:2c:86:8d:b0:d2:f6:26:2e:47:aa:22:6e:04:96:0a:6f:88:
5d:c3:6c:a3:92:d4:42:ec:b9:aa:e4:96:7f:f1:57:91:c1:0f:
26:5e:0a:1f:27:45:44:c2:36:e5:c7:42:03:87:fd:46:15:12:
08:7d:75:de
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARuaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjE2MDY0MTQxWhcNMjUwMzA0MDY0MTQxWjAYMRYw
FAYDVQQDEw02NzVmY2JhOC1iMWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA01s1REoY68n2+27iU5iQWh9A9+MH/tO3+at1pzYdzrtE+WcbSa7BRVw7
95zeAiESwjTbdetk9mQ+kVGY6BE8Rp+MAcS9fJnHgvW7Sml8TTowoynHW4G1p14J
4uUZ3ew4KTU6ck4AyUlyg9tcXITbfAAF0vrAlwf/lGZ72lLGnxQ7kCLx9LH+MAUu
7D+5SQnhks+ecgE/6CdMz39mKdRKwlM+uXGwiy0hHQGkSZWjwveRIrguYKEPu84S
jFjcTShCcrWJyNCZAD3tQjLbuOFRu5qtenQn+JA6gW9gIiyYlIf7Q4qrlguPaqc4
7NcFefjDPS5Gn+UH2MaI/64b7WcTawIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHwT
iWqZ44YJGE33coLFeatNvnc8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMEQ1QjU5MkJCNzgxMUVGOEM2OTc5OUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4EMA0GCSqGSIb3DQEB
CwUAA4IBAQCrAmUie8k+zvdQdPbkAzwlPB/YGhpwehyikguz3HWisDe+ewYOyIwb
nGAAMMVWUXNiCJX7CoNTHh6RxljHBu/xRY6QPNwg6NuM//mNUIcBmmAMomAAaBHY
xpgTVW9/0UqmFS6+H2omCQucETaWkVpfmBWI3X630xQ5CtXGnaLSuuYXcJnnWL8o
l0CJ8kKs9mb1GfYpRsmGUVikRluUeer+jPxKhCOjgmPz4YtQ3K4l/kEsU792ixUj
GTVYfpyAj39NoxP4g+3jLIaNsNL2Ji5HqiJuBJYKb4hdw2yjktRC7Lmq5JZ/8VeR
wQ8mXgofJ0VEwjblx0IDh/1GFRIIfXXe
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:47:35 2025 by rpki-client