Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D7E1B0A0CC0A11EF91188D92762E951A.roa
File: D7E1B0A0CC0A11EF91188D92762E951A.roa (raw, json)
Hash identifier: JmKWvo0BamFM7pyZ4BLvBQGRr5EvEObiYf9qq1QuITU=
Subject key identifier: 25:DD:07:38:EB:6F:9E:92:2D:78:E1:98:31:E8:49:C3:69:6F:B9:94
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0135BE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D7E1B0A0CC0A11EF91188D92762E951A.roa
Signing time: Mon 06 Jan 2025 08:47:21 +0000
ROA not before: Mon 06 Jan 2025 08:47:18 +0000
ROA not after: Thu 06 Feb 2025 08:47:18 +0000
asID: 200373
IP address blocks: 154.91.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79294 (0x135be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 6 08:47:18 2025 GMT
Not After : Feb 6 08:47:18 2025 GMT
Subject: CN=677b9899-b1d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:74:18:75:78:7d:98:e6:76:1a:2b:84:b3:18:
64:1e:aa:53:dd:c6:16:fc:2e:7a:28:39:cc:65:66:
15:41:af:fb:c6:c8:57:63:f6:df:e2:3b:3e:28:c5:
47:9c:a8:c3:c6:8c:e7:5d:b9:68:24:89:2b:18:6a:
72:d4:0c:92:b9:8b:9d:31:2e:1a:9d:77:88:30:d3:
b6:50:a4:f7:ac:e3:ca:17:f8:3e:a0:55:ea:f3:e8:
50:c6:dd:d0:c3:47:be:ab:31:eb:27:47:7a:f6:aa:
71:e9:98:26:1d:8d:dd:cd:58:32:ab:96:7b:48:56:
54:8b:7c:de:c1:a3:1c:11:19:dc:24:af:22:1d:b0:
73:c6:2c:78:12:3a:1b:2c:64:96:d4:04:57:96:93:
94:a2:41:d3:79:90:09:91:ab:af:4b:5f:7f:81:61:
57:62:bb:ed:3a:47:7f:8a:48:04:c2:98:36:e4:e7:
7e:c1:f4:12:f4:de:86:53:5b:d3:8a:10:0c:c2:96:
6e:e8:63:7d:1d:4c:cb:3b:e2:43:cb:2f:da:52:2e:
0b:f8:12:eb:a1:56:7d:ad:51:00:e1:2f:93:96:c0:
76:d4:0c:93:5b:3a:4e:97:47:db:47:6a:0d:38:d5:
9f:78:0e:9c:d1:f3:91:19:3a:5c:1b:a1:2a:b7:00:
54:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:DD:07:38:EB:6F:9E:92:2D:78:E1:98:31:E8:49:C3:69:6F:B9:94
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D7E1B0A0CC0A11EF91188D92762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.171.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:44:e4:5a:b0:09:b0:34:13:28:99:41:85:a6:1c:60:52:4c:
80:7c:11:37:dc:43:56:9c:19:c6:22:73:06:ed:e8:9b:32:38:
cf:84:39:87:9e:22:3d:3b:f3:e2:9f:fc:e7:19:31:ec:2d:9a:
12:8a:8c:39:32:9f:46:ab:05:0b:87:60:39:9a:b1:f1:2b:99:
49:a0:21:36:17:7c:5b:ec:f8:65:a0:35:84:95:3f:0e:01:15:
9c:db:4d:a3:e5:a3:28:6f:49:b3:d0:a5:5a:06:e4:0e:39:3a:
02:b1:72:00:39:37:7d:28:ae:80:dd:d4:db:68:d3:97:a2:9c:
26:9c:d2:a2:9f:c8:96:61:7d:73:a1:ca:72:50:e1:e1:54:ab:
95:27:0f:3a:55:49:4c:9d:99:4f:ca:f6:6d:6f:37:8a:da:bc:
3e:59:4c:03:dd:a8:17:4d:c0:dd:57:5a:34:89:c2:3b:f1:eb:
ba:3f:04:f1:bc:df:50:d8:c1:2c:50:77:b6:51:e2:42:c9:a0:
6c:ff:04:f7:6a:3d:95:a7:34:7c:80:d0:1e:e9:30:95:0e:be:
38:85:d1:9c:c6:99:46:41:cf:72:5b:21:d0:a2:3e:40:63:cb:
5a:10:dc:9d:68:c5:43:df:1e:f8:55:12:99:26:f7:df:d5:59:
c6:8d:3c:a5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATW+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA2MDg0NzE4WhcNMjUwMjA2MDg0NzE4WjAYMRYw
FAYDVQQDEw02NzdiOTg5OS1iMWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7HQYdXh9mOZ2GiuEsxhkHqpT3cYW/C56KDnMZWYVQa/7xshXY/bf4js+
KMVHnKjDxoznXbloJIkrGGpy1AySuYudMS4anXeIMNO2UKT3rOPKF/g+oFXq8+hQ
xt3Qw0e+qzHrJ0d69qpx6ZgmHY3dzVgyq5Z7SFZUi3zewaMcERncJK8iHbBzxix4
EjobLGSW1ARXlpOUokHTeZAJkauvS19/gWFXYrvtOkd/ikgEwpg25Od+wfQS9N6G
U1vTihAMwpZu6GN9HUzLO+JDyy/aUi4L+BLroVZ9rVEA4S+TlsB21AyTWzpOl0fb
R2oNONWfeA6c0fORGTpcG6EqtwBUIwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCXd
Bzjrb56SLXjhmDHoScNpb7mUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EN0UxQjBBMENDMEExMUVGOTExODhEOTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlurMA0GCSqGSIb3DQEB
CwUAA4IBAQBdRORasAmwNBMomUGFphxgUkyAfBE33ENWnBnGInMG7eibMjjPhDmH
niI9O/Pin/znGTHsLZoSiow5Mp9GqwULh2A5mrHxK5lJoCE2F3xb7PhloDWElT8O
ARWc202j5aMob0mz0KVaBuQOOToCsXIAOTd9KK6A3dTbaNOXopwmnNKin8iWYX1z
ocpyUOHhVKuVJw86VUlMnZlPyvZtbzeK2rw+WUwD3agXTcDdV1o0icI78eu6PwTx
vN9Q2MEsUHe2UeJCyaBs/wT3aj2VpzR8gNAe6TCVDr44hdGcxplGQc9yWyHQoj5A
Y8taENydaMVD3x74VRKZJvff1VnGjTyl
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:47 2025 by rpki-client