Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5D88464DA5111EF99162F5F762E951A.roa
File: D5D88464DA5111EF99162F5F762E951A.roa (raw, json)
Hash identifier: NeEVXIKUDTfL7pPd7Fs3eil+02CM0yxYkUpIJT/BwZU=
Subject key identifier: 04:90:AD:B0:B9:AE:A6:D1:87:63:7E:69:D8:DB:8A:9A:91:2E:37:33
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01470F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5D88464DA5111EF99162F5F762E951A.roa
Signing time: Fri 24 Jan 2025 12:50:49 +0000
ROA not before: Fri 24 Jan 2025 12:50:45 +0000
ROA not after: Sat 08 Feb 2025 12:50:45 +0000
asID: 18229
IP address blocks: 154.210.169.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83727 (0x1470f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 12:50:45 2025 GMT
Not After : Feb 8 12:50:45 2025 GMT
Subject: CN=67938ca9-b025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:b5:ea:a4:7d:c1:64:53:9a:33:d6:39:87:22:
c8:fc:06:f1:9f:9f:72:2c:86:24:6c:f9:66:da:fa:
12:10:a3:59:ba:af:ca:7a:96:39:75:a6:7d:07:e4:
18:47:73:7c:5a:33:e3:a8:fa:93:0c:8b:2e:5b:b8:
c8:a8:e2:a3:2d:a0:28:1e:f3:85:a7:92:67:63:51:
dc:71:e0:b5:3e:bb:04:3a:1b:4d:e3:de:be:40:31:
76:be:45:4d:c4:fe:bb:3c:79:bc:74:e0:6d:31:ee:
56:3d:b4:ed:8b:d6:f8:09:f2:6e:d7:9d:1f:60:bc:
f5:1f:85:c1:97:aa:13:bb:d0:09:d5:0c:51:c2:50:
d9:6d:e5:1a:26:7b:de:bb:08:93:90:02:3a:21:ce:
f4:54:65:e8:2a:9e:06:a6:59:05:04:11:9b:17:81:
32:23:7c:bf:27:52:5c:78:80:e5:ce:ed:0b:ae:9a:
6f:81:49:11:ca:9e:ea:0f:4e:53:4a:e3:fe:b0:4e:
fd:76:f3:87:c1:8a:a9:ca:b4:f2:46:44:8f:5e:f2:
29:91:e0:a8:f1:d9:d4:be:f5:d0:9f:69:78:54:0c:
89:d3:81:98:93:a2:4c:9c:f9:48:4b:e4:e9:15:ca:
d0:4f:a5:9e:56:8a:3d:fc:8d:4d:e4:98:0f:42:9b:
b1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:90:AD:B0:B9:AE:A6:D1:87:63:7E:69:D8:DB:8A:9A:91:2E:37:33
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5D88464DA5111EF99162F5F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.169.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:06:50:4a:20:ba:df:35:d7:76:3f:04:a5:9f:1b:d5:51:29:
16:20:f1:e7:9f:1b:c7:26:7d:9c:b8:7a:e1:c4:55:4f:d8:b0:
4e:e1:14:92:09:1b:96:3f:86:14:b5:43:c8:4b:ed:b5:29:24:
c1:be:8b:f7:fc:35:fb:ad:c8:d8:85:34:9f:88:d6:d0:a4:7f:
7f:3f:fb:3d:a7:ed:80:91:33:a3:55:70:ca:8e:f7:19:a6:f2:
9e:2f:84:e8:c9:3b:13:27:56:45:05:ab:40:e3:89:aa:44:af:
75:ef:66:3e:15:60:a2:3a:32:ab:ef:21:d5:4f:92:5f:01:50:
55:c1:92:98:15:d1:a6:f0:7c:b7:b8:5c:41:dd:b9:5f:3b:39:
bd:34:25:d6:30:22:d8:f3:b9:73:26:f4:e6:6f:c4:a7:91:10:
9e:97:3c:1e:d6:cc:ea:bc:26:80:d2:66:10:c1:9a:73:e1:c8:
9b:18:c1:99:50:ef:4c:2b:fb:57:e6:3a:e3:cc:dd:e9:0c:04:
d0:0c:90:51:31:07:79:f7:4c:12:8a:3c:0a:41:5d:93:92:b8:
df:af:2b:e2:0e:8e:14:51:c5:d5:eb:af:a5:20:8b:24:b1:8d:
32:76:ef:a9:93:80:44:b5:80:6c:42:19:8a:f9:8a:ff:17:aa:
ea:19:6c:11
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUcPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTI1MDQ1WhcNMjUwMjA4MTI1MDQ1WjAYMRYw
FAYDVQQDEw02NzkzOGNhOS1iMDI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9LXqpH3BZFOaM9Y5hyLI/Abxn59yLIYkbPlm2voSEKNZuq/KepY5daZ9
B+QYR3N8WjPjqPqTDIsuW7jIqOKjLaAoHvOFp5JnY1HcceC1PrsEOhtN496+QDF2
vkVNxP67PHm8dOBtMe5WPbTti9b4CfJu150fYLz1H4XBl6oTu9AJ1QxRwlDZbeUa
JnveuwiTkAI6Ic70VGXoKp4GplkFBBGbF4EyI3y/J1JceIDlzu0LrppvgUkRyp7q
D05TSuP+sE79dvOHwYqpyrTyRkSPXvIpkeCo8dnUvvXQn2l4VAyJ04GYk6JMnPlI
S+TpFcrQT6WeVoo9/I1N5JgPQpuxZwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFASQ
rbC5rqbRh2N+adjbipqRLjczMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENUQ4ODQ2NERBNTExMUVGOTkxNjJGNUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKpMA0GCSqGSIb3DQEB
CwUAA4IBAQCsBlBKILrfNdd2PwSlnxvVUSkWIPHnnxvHJn2cuHrhxFVP2LBO4RSS
CRuWP4YUtUPIS+21KSTBvov3/DX7rcjYhTSfiNbQpH9/P/s9p+2AkTOjVXDKjvcZ
pvKeL4ToyTsTJ1ZFBatA44mqRK9172Y+FWCiOjKr7yHVT5JfAVBVwZKYFdGm8Hy3
uFxB3blfOzm9NCXWMCLY87lzJvTmb8SnkRCelzwe1szqvCaA0mYQwZpz4cibGMGZ
UO9MK/tX5jrjzN3pDATQDJBRMQd590wSijwKQV2TkrjfryviDo4UUcXV66+lIIsk
sY0ydu+pk4BEtYBsQhmK+Yr/F6rqGWwR
-----END CERTIFICATE-----
Generated at Sun Apr 27 14:14:44 2025 by rpki-client