Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D6D8133ACC2C11EFBEE62F69762E951A.roa
File: D6D8133ACC2C11EFBEE62F69762E951A.roa (raw, json)
Hash identifier: OCX6ztDtHNfitRx7E0YTW2D5hBTMioe17xgRCCthMmw=
Subject key identifier: D0:1F:65:25:04:94:AB:2C:DF:C1:C2:FB:39:21:7D:B1:A6:F3:94:19
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013628
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D6D8133ACC2C11EFBEE62F69762E951A.roa
Signing time: Mon 06 Jan 2025 12:50:43 +0000
ROA not before: Mon 06 Jan 2025 12:50:39 +0000
ROA not after: Thu 06 Feb 2025 12:50:39 +0000
asID: 151800
IP address blocks: 154.197.94.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79400 (0x13628)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 6 12:50:39 2025 GMT
Not After : Feb 6 12:50:39 2025 GMT
Subject: CN=677bd1a3-ea5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:bc:11:8e:f9:51:66:3d:54:44:a2:5d:6d:e6:
44:1a:bf:33:a2:61:a0:78:60:4a:ca:9d:56:79:65:
49:13:90:4a:1e:3c:c4:1d:8e:95:b3:cf:59:c2:92:
58:68:a4:2a:00:87:a4:a8:11:ba:cb:f4:15:43:93:
64:cf:a6:63:c8:98:9f:20:4e:49:7c:b3:30:29:19:
85:36:88:30:13:4c:77:1e:c3:b3:d5:4f:54:b6:17:
f1:22:0a:ff:b6:f8:5c:7a:50:30:9a:46:15:bf:aa:
d3:28:16:bd:67:f4:eb:ee:ce:fb:5a:a8:d3:2a:18:
54:3a:96:87:76:f1:6c:14:c9:8c:ed:2d:24:a7:0f:
e8:f7:80:de:d2:12:5d:54:9c:ee:00:9f:00:56:d0:
6b:3a:29:74:30:00:c0:4a:46:3a:2a:f0:02:44:10:
72:5f:64:11:7d:a5:51:65:65:7e:55:7f:5a:18:83:
b0:d7:4a:49:a4:72:79:28:0c:da:0e:9a:71:79:11:
cb:a4:16:a2:91:06:ce:ac:df:41:88:ee:b7:3e:a9:
39:b8:b9:e7:86:b8:72:6d:89:c9:07:80:35:fc:a7:
53:a3:ad:68:c7:63:05:d1:6a:28:fb:04:f0:b3:22:
08:9d:63:34:db:e6:ef:0e:67:73:af:65:10:1c:9b:
58:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:1F:65:25:04:94:AB:2C:DF:C1:C2:FB:39:21:7D:B1:A6:F3:94:19
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D6D8133ACC2C11EFBEE62F69762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.94.0/23
Signature Algorithm: sha256WithRSAEncryption
78:de:f1:a7:fe:42:7e:91:6f:ea:f9:1c:0c:2b:41:d6:d1:a2:
8d:05:17:8a:da:a2:d9:14:19:96:63:68:76:32:4b:67:5d:95:
ad:1e:6d:8e:a6:da:b2:77:94:f0:bf:24:49:d0:44:4c:de:93:
00:8b:4b:60:7f:cc:49:36:78:3c:d3:6e:08:a4:e3:a4:2e:34:
6c:55:05:78:7a:8c:02:f1:63:63:df:1d:03:80:f5:d2:5e:2a:
3b:2a:c1:4b:4b:3b:02:3d:69:37:41:89:b2:2b:c1:12:db:4f:
7d:fb:06:ca:c2:fa:fa:40:55:9e:04:57:44:17:0e:a7:ee:ee:
e6:55:0a:79:73:34:cb:2d:41:77:03:28:b8:63:c9:4a:4b:39:
56:f2:30:84:8a:3e:65:e3:e6:0f:03:0a:88:c0:46:a9:eb:6b:
46:e0:54:cc:63:9b:b2:8b:81:3a:e5:17:1b:3e:19:fb:dd:4b:
36:c6:d7:7b:bf:3d:c7:f6:34:85:f4:d9:7d:e7:e8:2a:b8:22:
dd:40:06:4d:d1:de:8f:23:9b:f3:95:12:b2:0e:ec:c3:01:9b:
97:10:03:d9:e0:da:47:6c:eb:d4:e9:60:3b:f6:5a:8e:f5:80:
0f:42:0f:ef:95:b7:f6:d2:23:22:9c:0d:19:2b:bf:ae:4f:30:
0f:9f:51:74
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATYoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA2MTI1MDM5WhcNMjUwMjA2MTI1MDM5WjAYMRYw
FAYDVQQDEw02NzdiZDFhMy1lYTVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA07wRjvlRZj1URKJdbeZEGr8zomGgeGBKyp1WeWVJE5BKHjzEHY6Vs89Z
wpJYaKQqAIekqBG6y/QVQ5Nkz6ZjyJifIE5JfLMwKRmFNogwE0x3HsOz1U9Uthfx
Igr/tvhcelAwmkYVv6rTKBa9Z/Tr7s77WqjTKhhUOpaHdvFsFMmM7S0kpw/o94De
0hJdVJzuAJ8AVtBrOil0MADASkY6KvACRBByX2QRfaVRZWV+VX9aGIOw10pJpHJ5
KAzaDppxeRHLpBaikQbOrN9BiO63Pqk5uLnnhrhybYnJB4A1/KdTo61ox2MF0Woo
+wTwsyIInWM02+bvDmdzr2UQHJtY6wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNAf
ZSUElKss38HC+zkhfbGm85QZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENkQ4MTMzQUNDMkMxMUVGQkVFNjJGNjk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsVeMA0GCSqGSIb3DQEB
CwUAA4IBAQB43vGn/kJ+kW/q+RwMK0HW0aKNBReK2qLZFBmWY2h2MktnXZWtHm2O
ptqyd5TwvyRJ0ERM3pMAi0tgf8xJNng8024IpOOkLjRsVQV4eowC8WNj3x0DgPXS
Xio7KsFLSzsCPWk3QYmyK8ES2099+wbKwvr6QFWeBFdEFw6n7u7mVQp5czTLLUF3
Ayi4Y8lKSzlW8jCEij5l4+YPAwqIwEap62tG4FTMY5uyi4E65RcbPhn73Us2xtd7
vz3H9jSF9Nl95+gquCLdQAZN0d6PI5vzlRKyDuzDAZuXEAPZ4NpHbOvU6WA79lqO
9YAPQg/vlbf20iMinA0ZK7+uTzAPn1F0
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:47:48 2025 by rpki-client