Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5FA4448DB2111EFB6CADE5F762E951A.roa
File: D5FA4448DB2111EFB6CADE5F762E951A.roa (raw, json)
Hash identifier: RYK5PUQ59yD7PGm/DwvrxLShCRzF8xMd4fAzpIiFuRM=
Subject key identifier: AA:E2:59:8A:34:49:77:FB:0A:CA:30:67:6A:2B:C6:7E:2B:C5:D7:FD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01499A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5FA4448DB2111EFB6CADE5F762E951A.roa
Signing time: Sat 25 Jan 2025 13:39:44 +0000
ROA not before: Sat 25 Jan 2025 13:39:40 +0000
ROA not after: Tue 04 Feb 2025 13:39:40 +0000
asID: 395793
IP address blocks: 154.193.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84378 (0x1499a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 25 13:39:40 2025 GMT
Not After : Feb 4 13:39:40 2025 GMT
Subject: CN=6794e9a0-fcb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:71:89:34:0f:78:b9:67:f0:70:36:7b:eb:b5:
fd:d4:6f:ca:9e:e6:77:4b:04:36:c0:26:9a:a0:cc:
4e:7b:a2:c4:c7:e8:ef:73:94:bb:48:3e:80:ac:3a:
45:be:ba:0e:63:d5:b8:a7:cf:e8:20:dc:1e:8b:91:
42:bb:cf:43:dc:a4:d9:c2:21:ad:c4:2a:40:d0:94:
30:09:a6:0d:3c:73:8c:87:e8:a6:11:0e:b2:81:80:
ee:25:50:6d:ac:b5:d9:23:0f:4f:44:c8:7b:70:0c:
34:b5:d5:6d:72:c9:e3:07:c7:93:fe:b7:01:9a:bf:
b5:35:36:1a:d8:82:81:32:89:73:bd:a0:0c:dd:d9:
ef:52:0a:0e:6a:c9:5e:d9:15:e9:73:a3:5c:db:d8:
6e:87:a7:1a:94:53:d0:bc:05:b9:4d:6d:99:0b:85:
64:08:44:37:aa:5a:02:f0:38:1b:96:7e:1e:e0:3f:
87:c0:bf:0b:9f:16:6c:4b:b1:f4:14:78:d7:f2:ce:
3d:15:69:9f:45:da:04:c7:85:f4:9b:3f:70:55:54:
71:f8:fd:9e:85:d7:2f:c4:d4:95:b1:4b:10:80:ab:
d2:6d:ca:66:12:fb:c1:32:20:2e:62:f2:52:62:79:
6e:95:84:87:ff:89:50:21:24:9d:99:22:c1:aa:4e:
ca:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:E2:59:8A:34:49:77:FB:0A:CA:30:67:6A:2B:C6:7E:2B:C5:D7:FD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5FA4448DB2111EFB6CADE5F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.109.0/24
Signature Algorithm: sha256WithRSAEncryption
53:e2:48:0e:26:5f:f7:5b:70:77:7d:05:58:4c:92:dc:99:9c:
74:44:17:b2:f4:09:38:ec:ae:39:d9:57:66:c0:48:be:39:ce:
63:30:d0:22:f0:d4:e6:b6:7c:28:ee:19:99:90:73:d7:ee:a9:
71:51:e5:ad:72:1f:79:14:41:1d:7c:45:31:f0:ec:f5:28:ee:
d0:ec:38:57:e5:fe:bf:34:c2:ed:d6:77:e0:64:a2:7d:cd:11:
cc:a2:08:e2:8c:7e:a0:ee:a0:9c:78:5b:2e:df:7c:a0:39:98:
d9:81:35:63:ce:38:66:02:86:29:c3:be:bb:b9:8e:f1:ef:cf:
37:1f:2d:ec:c8:b3:e4:fa:e6:13:71:49:4b:a1:de:59:22:36:
fc:81:5c:64:8b:ef:b4:10:71:63:24:38:ea:e3:81:fe:e9:88:
b5:7f:d6:94:84:c9:c4:ef:f6:38:b6:e8:8d:5f:ef:24:bb:85:
9a:fd:bb:78:17:30:a4:11:8a:92:cd:c6:53:5b:62:93:ae:3f:
88:36:3f:12:da:2f:fc:60:91:45:de:a9:33:66:6a:68:a3:e7:
23:20:10:9c:dc:de:16:aa:ef:35:fb:47:68:0a:f1:27:6a:9d:
96:f2:a8:aa:11:dc:b6:71:4b:35:b9:10:b9:67:f8:2d:74:0e:
2f:a7:7c:f5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUmaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MTMzOTQwWhcNMjUwMjA0MTMzOTQwWjAYMRYw
FAYDVQQDEw02Nzk0ZTlhMC1mY2I0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2nGJNA94uWfwcDZ767X91G/KnuZ3SwQ2wCaaoMxOe6LEx+jvc5S7SD6A
rDpFvroOY9W4p8/oINwei5FCu89D3KTZwiGtxCpA0JQwCaYNPHOMh+imEQ6ygYDu
JVBtrLXZIw9PRMh7cAw0tdVtcsnjB8eT/rcBmr+1NTYa2IKBMolzvaAM3dnvUgoO
asle2RXpc6Nc29huh6calFPQvAW5TW2ZC4VkCEQ3qloC8Dgbln4e4D+HwL8LnxZs
S7H0FHjX8s49FWmfRdoEx4X0mz9wVVRx+P2ehdcvxNSVsUsQgKvSbcpmEvvBMiAu
YvJSYnlulYSH/4lQISSdmSLBqk7KKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKri
WYo0SXf7CsowZ2orxn4rxdf9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENUZBNDQ0OERCMjExMUVGQjZDQURFNUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsFtMA0GCSqGSIb3DQEB
CwUAA4IBAQBT4kgOJl/3W3B3fQVYTJLcmZx0RBey9Ak47K452VdmwEi+Oc5jMNAi
8NTmtnwo7hmZkHPX7qlxUeWtch95FEEdfEUx8Oz1KO7Q7DhX5f6/NMLt1nfgZKJ9
zRHMogjijH6g7qCceFsu33ygOZjZgTVjzjhmAoYpw767uY7x7883Hy3syLPk+uYT
cUlLod5ZIjb8gVxki++0EHFjJDjq44H+6Yi1f9aUhMnE7/Y4tuiNX+8ku4Wa/bt4
FzCkEYqSzcZTW2KTrj+INj8S2i/8YJFF3qkzZmpoo+cjIBCc3N4Wqu81+0doCvEn
ap2W8qiqEdy2cUs1uRC5Z/gtdA4vp3z1
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:11:25 2025 by rpki-client