Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D50BAB7ED51F11EFBA71D27A762E951A.roa
File: D50BAB7ED51F11EFBA71D27A762E951A.roa (raw, json)
Hash identifier: MmmhCk1OWHnnOePokhdO/7ZCOm6nUYNPvEhlfhn4kh4=
Subject key identifier: 25:4E:52:E6:6F:70:A8:39:CE:2E:B5:4E:B1:8F:94:B2:3B:48:CD:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013D5F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D50BAB7ED51F11EFBA71D27A762E951A.roa
Signing time: Fri 17 Jan 2025 22:10:17 +0000
ROA not before: Fri 17 Jan 2025 22:10:13 +0000
ROA not after: Sat 22 Feb 2025 22:10:13 +0000
asID: 139646
IP address blocks: 154.208.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81247 (0x13d5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 17 22:10:13 2025 GMT
Not After : Feb 22 22:10:13 2025 GMT
Subject: CN=678ad549-ce60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:da:b8:ca:b8:4a:3b:4b:ef:3c:46:98:ae:a5:
6f:e5:2b:56:bd:74:b0:6d:85:65:4b:17:a2:71:96:
4d:ea:13:db:37:2d:b2:bf:b9:25:c7:0f:20:44:d0:
ca:47:0f:69:ee:5f:0e:a4:3f:84:98:e4:c0:15:2e:
b8:eb:62:70:b8:cf:93:8d:b3:13:22:b3:d2:0b:52:
3e:ec:ff:1a:52:41:ea:90:25:d3:59:49:cf:32:0c:
68:4a:db:cd:0a:aa:d5:50:f7:b3:27:cf:b7:6f:a0:
4c:d1:da:1d:4a:12:e7:fb:06:12:ab:27:d0:9e:eb:
eb:7d:49:7c:c2:50:cd:e5:03:35:b5:4a:48:8b:c4:
24:17:07:a6:4b:c3:c2:fe:80:4c:f6:b7:33:b4:ce:
f2:aa:7f:b9:90:19:71:3a:7e:39:10:c3:e3:63:b1:
27:ac:23:4c:85:43:7b:7c:9c:58:66:2a:d1:fa:fc:
65:fb:bb:c9:15:9c:f5:c7:25:83:b2:fc:27:d7:e7:
30:75:95:f0:44:23:c6:6d:45:8a:b6:b7:72:41:5c:
b6:97:d4:7b:05:1b:c1:06:46:ef:ee:ed:0e:33:5e:
19:5d:de:36:8a:82:36:20:4b:d3:28:41:06:bb:a9:
3d:b1:8e:39:01:3a:7e:ac:5c:c0:d4:7d:ed:59:19:
a2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:4E:52:E6:6F:70:A8:39:CE:2E:B5:4E:B1:8F:94:B2:3B:48:CD:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D50BAB7ED51F11EFBA71D27A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.16.0/20
Signature Algorithm: sha256WithRSAEncryption
ae:31:af:d9:63:f6:15:60:65:ed:d4:ae:0d:61:b0:39:20:a6:
9c:f3:39:cf:d4:e5:b4:1a:48:c3:8f:a4:35:97:34:db:8a:d0:
ea:47:48:a0:23:4c:ea:db:4b:55:82:56:7e:f6:9c:69:71:69:
47:0c:98:eb:58:99:15:8d:99:c7:51:cc:d4:0e:d6:50:6d:12:
61:3f:49:29:33:ec:ed:45:d3:2c:b1:25:06:48:a6:34:2b:fb:
7b:b8:ab:f9:ef:ad:1b:cc:c8:a1:50:75:d1:81:44:cb:9e:8b:
92:06:b8:b4:c0:16:10:d0:e8:3a:6f:fd:ca:52:04:5f:22:10:
9a:3f:0a:f4:9f:1c:22:82:c7:96:28:83:4d:87:9b:17:6e:18:
7b:70:2e:3e:8d:68:ab:16:16:29:08:32:67:1b:ef:1f:74:55:
81:ff:75:37:6f:7a:5c:d3:4b:92:f3:31:c9:be:9b:38:5a:01:
aa:16:4e:a6:e4:0d:2c:a5:fd:ee:82:8f:dc:91:eb:7f:fd:60:
cf:ff:a0:f6:fd:f5:c1:68:8e:3b:9a:f0:32:1c:d2:59:b0:64:
a5:19:8a:1d:43:eb:90:25:e5:6c:30:39:eb:a1:10:20:94:0d:
ae:5f:f7:73:fc:59:81:90:b5:e2:64:88:51:72:80:12:5e:bf:
8d:82:51:2a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT1fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE3MjIxMDEzWhcNMjUwMjIyMjIxMDEzWjAYMRYw
FAYDVQQDEw02NzhhZDU0OS1jZTYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxdq4yrhKO0vvPEaYrqVv5StWvXSwbYVlSxeicZZN6hPbNy2yv7klxw8g
RNDKRw9p7l8OpD+EmOTAFS6462JwuM+TjbMTIrPSC1I+7P8aUkHqkCXTWUnPMgxo
StvNCqrVUPezJ8+3b6BM0dodShLn+wYSqyfQnuvrfUl8wlDN5QM1tUpIi8QkFwem
S8PC/oBM9rcztM7yqn+5kBlxOn45EMPjY7EnrCNMhUN7fJxYZirR+vxl+7vJFZz1
xyWDsvwn1+cwdZXwRCPGbUWKtrdyQVy2l9R7BRvBBkbv7u0OM14ZXd42ioI2IEvT
KEEGu6k9sY45ATp+rFzA1H3tWRmiAQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCVO
UuZvcKg5zi61TrGPlLI7SM3YMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENTBCQUI3RUQ1MUYxMUVGQkE3MUQyN0E3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtAQMA0GCSqGSIb3DQEB
CwUAA4IBAQCuMa/ZY/YVYGXt1K4NYbA5IKac8znP1OW0GkjDj6Q1lzTbitDqR0ig
I0zq20tVglZ+9pxpcWlHDJjrWJkVjZnHUczUDtZQbRJhP0kpM+ztRdMssSUGSKY0
K/t7uKv5760bzMihUHXRgUTLnouSBri0wBYQ0Og6b/3KUgRfIhCaPwr0nxwigseW
KINNh5sXbhh7cC4+jWirFhYpCDJnG+8fdFWB/3U3b3pc00uS8zHJvps4WgGqFk6m
5A0spf3ugo/cket//WDP/6D2/fXBaI47mvAyHNJZsGSlGYodQ+uQJeVsMDnroRAg
lA2uX/dz/FmBkLXiZIhRcoASXr+NglEq
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:11:33 2025 by rpki-client