Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5BFBCF2D3FA11EFA9390083762E951A.roa
File: D5BFBCF2D3FA11EFA9390083762E951A.roa (raw, json)
Hash identifier: jQtyLZ+W+lQmejZ7iyyoKRT6ECfXQD2XcMojgG2/wT0=
Subject key identifier: C2:E7:D2:DA:0C:AE:6C:F9:A1:6A:24:EB:9D:FC:78:1B:F2:67:71:D1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013BE4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5BFBCF2D3FA11EFA9390083762E951A.roa
Signing time: Thu 16 Jan 2025 11:12:55 +0000
ROA not before: Thu 16 Jan 2025 11:12:52 +0000
ROA not after: Sun 16 Mar 2025 11:12:52 +0000
asID: 17561
IP address blocks: 154.213.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80868 (0x13be4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 16 11:12:52 2025 GMT
Not After : Mar 16 11:12:52 2025 GMT
Subject: CN=6788e9b7-9907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1c:7b:f1:81:54:96:94:b8:4a:98:01:7f:b3:
52:20:f7:63:b6:20:94:b6:a8:47:b5:2c:96:2a:f6:
d6:cb:bc:19:e8:16:ae:ae:1d:b0:01:cc:3e:6b:83:
18:d6:e2:9f:bf:cd:3f:fa:f5:ff:1b:6e:d7:75:47:
90:67:a1:fc:ae:00:17:15:84:5e:73:7f:c9:a3:46:
4c:28:75:62:c1:4c:15:be:1d:de:57:58:77:bc:ac:
d9:b6:4a:2d:7c:26:c7:1a:48:2d:6a:48:39:3f:54:
f6:2d:e1:b9:9d:fb:35:f2:82:dc:82:58:22:97:7f:
c6:a9:dc:bc:b5:58:3c:06:85:ca:37:ab:2a:13:0e:
28:39:e2:55:90:e9:7f:ef:da:ac:1c:a7:f0:b2:cc:
b5:26:a2:3f:36:c4:e7:6f:ea:07:de:c8:fb:44:ac:
12:57:65:da:05:c5:7f:23:07:67:d1:94:24:ac:e0:
7c:c0:40:5e:1e:5a:70:3f:bd:52:df:72:9a:7a:88:
64:05:ae:e1:49:c7:80:90:6f:7b:6d:e7:9a:fd:99:
e6:c6:13:ee:35:71:d0:39:20:2f:c3:78:5b:f5:1a:
85:6a:6e:ab:02:ad:ce:71:eb:53:59:c0:b2:22:c3:
c4:bc:65:3b:e6:03:9c:d1:ec:7e:fa:a3:19:d3:8b:
48:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:E7:D2:DA:0C:AE:6C:F9:A1:6A:24:EB:9D:FC:78:1B:F2:67:71:D1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5BFBCF2D3FA11EFA9390083762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.20.0/24
Signature Algorithm: sha256WithRSAEncryption
79:d4:3b:bd:2d:09:aa:77:4e:30:a3:a9:06:da:bf:10:96:06:
b3:cc:fb:e5:0c:72:66:22:f7:0f:ab:e8:27:2f:1c:3b:b9:b4:
35:12:06:8e:67:7a:ea:0e:40:ec:98:15:90:08:43:56:71:08:
44:26:16:7b:34:2f:61:25:3d:dd:18:73:0f:88:66:e8:73:52:
d9:68:15:9a:15:9a:62:a1:b6:7d:a2:74:fe:3d:e0:49:0f:8a:
9e:67:a0:a1:4e:3a:20:95:4d:de:52:09:97:43:ed:25:ae:d8:
50:8b:df:96:89:0e:29:4f:e0:36:05:9c:20:35:85:b2:b0:a1:
08:e9:68:c9:56:81:df:cf:e1:21:a5:7e:97:4e:ca:9d:a2:66:
6c:bf:04:ad:6e:31:c6:14:5c:55:00:db:60:4a:bc:89:06:af:
8a:12:86:21:cc:37:8d:6c:5e:aa:66:f1:84:3e:17:ff:fb:b2:
fc:49:df:46:96:b0:80:0f:9c:c8:85:51:94:87:bf:f5:01:ae:
49:a4:10:59:ca:34:2d:f5:f0:03:35:43:3c:98:ad:e9:42:0b:
68:b9:ab:a5:2f:83:64:64:cb:a4:be:0c:0d:e4:1f:ca:50:df:
60:ad:bc:5f:1c:67:41:31:c1:56:d5:1f:c2:b9:b5:fd:61:08:
76:79:bc:d3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATvkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE2MTExMjUyWhcNMjUwMzE2MTExMjUyWjAYMRYw
FAYDVQQDEw02Nzg4ZTliNy05OTA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArhx78YFUlpS4SpgBf7NSIPdjtiCUtqhHtSyWKvbWy7wZ6Baurh2wAcw+
a4MY1uKfv80/+vX/G27XdUeQZ6H8rgAXFYRec3/Jo0ZMKHViwUwVvh3eV1h3vKzZ
tkotfCbHGkgtakg5P1T2LeG5nfs18oLcglgil3/Gqdy8tVg8BoXKN6sqEw4oOeJV
kOl/79qsHKfwssy1JqI/NsTnb+oH3sj7RKwSV2XaBcV/Iwdn0ZQkrOB8wEBeHlpw
P71S33KaeohkBa7hSceAkG97beea/ZnmxhPuNXHQOSAvw3hb9RqFam6rAq3OcetT
WcCyIsPEvGU75gOc0ex++qMZ04tIzwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMLn
0toMrmz5oWok6538eBvyZ3HRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENUJGQkNGMkQzRkExMUVGQTkzOTAwODM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtUUMA0GCSqGSIb3DQEB
CwUAA4IBAQB51Du9LQmqd04wo6kG2r8QlgazzPvlDHJmIvcPq+gnLxw7ubQ1EgaO
Z3rqDkDsmBWQCENWcQhEJhZ7NC9hJT3dGHMPiGboc1LZaBWaFZpiobZ9onT+PeBJ
D4qeZ6ChTjoglU3eUgmXQ+0lrthQi9+WiQ4pT+A2BZwgNYWysKEI6WjJVoHfz+Eh
pX6XTsqdomZsvwStbjHGFFxVANtgSryJBq+KEoYhzDeNbF6qZvGEPhf/+7L8Sd9G
lrCAD5zIhVGUh7/1Aa5JpBBZyjQt9fADNUM8mK3pQgtouaulL4NkZMukvgwN5B/K
UN9grbxfHGdBMcFW1R/CubX9YQh2ebzT
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:45:23 2025 by rpki-client