Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8185DF6DCBA11EFA55E27A4762E951A.roa
File: D8185DF6DCBA11EFA55E27A4762E951A.roa (raw, json)
Hash identifier: 2B1J3987fazIvEFo7nxFOHa/YPxzNnE6+ROAu8TiWkQ=
Subject key identifier: 3D:CE:12:75:1C:C7:F4:09:8D:E5:E7:42:AB:B5:47:94:FA:37:18:CC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014C11
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8185DF6DCBA11EFA55E27A4762E951A.roa
Signing time: Mon 27 Jan 2025 14:27:32 +0000
ROA not before: Mon 27 Jan 2025 14:27:27 +0000
ROA not after: Sat 08 Feb 2025 14:27:27 +0000
asID: 133180
IP address blocks: 154.214.64.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85009 (0x14c11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 14:27:27 2025 GMT
Not After : Feb 8 14:27:27 2025 GMT
Subject: CN=679797d4-144a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c9:8d:4d:48:cd:3c:dd:82:cf:8f:fe:34:c0:
2c:96:b0:99:f8:d0:52:e5:26:ad:9c:57:e7:23:1e:
7e:5a:c4:89:8c:7c:a8:88:54:3d:1e:ff:46:78:b2:
34:af:36:4e:94:26:ba:d9:15:c6:08:f7:7d:89:77:
00:05:2a:36:52:d5:c9:93:d2:26:05:ca:e6:f3:f7:
08:9c:58:78:51:16:84:f8:8b:5d:81:8b:49:99:2f:
dc:a2:da:1d:c4:4d:ed:fa:93:ff:78:d7:a6:b6:8c:
89:b1:26:61:e9:57:dc:ed:aa:a2:e1:39:db:ad:4c:
f1:8d:aa:df:d9:d0:d3:e3:3d:53:7a:97:a0:00:65:
e2:52:9d:02:ad:1d:e7:68:99:bd:81:95:51:b2:31:
b9:1b:92:d5:4b:20:97:55:e0:c1:a4:66:92:bc:94:
2e:0b:06:dc:91:15:38:05:fb:e0:0e:9e:0c:c3:35:
8d:49:09:2f:c0:52:48:65:ea:11:b9:7e:48:6a:ee:
cb:a6:13:ab:3b:ca:91:cd:5e:c9:ba:76:53:00:31:
b0:c0:0c:47:f9:fd:33:45:98:45:42:33:60:8d:e6:
91:94:7a:7c:8a:d7:71:70:5e:0c:c3:2c:1e:5f:17:
af:55:04:b5:c0:44:bf:0b:29:2b:e3:92:2c:8e:56:
1b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:CE:12:75:1C:C7:F4:09:8D:E5:E7:42:AB:B5:47:94:FA:37:18:CC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8185DF6DCBA11EFA55E27A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.64.0/18
Signature Algorithm: sha256WithRSAEncryption
a0:61:53:0d:35:1b:05:88:74:e3:e6:27:81:52:ea:4a:e0:c4:
30:e2:da:48:49:72:f0:8d:88:79:5d:b5:ad:d4:18:62:4b:6c:
90:f4:80:06:79:9b:dc:64:f8:83:ea:65:c1:63:2e:73:94:53:
06:04:44:cd:3f:f8:6f:a7:eb:87:cb:c3:f7:af:d3:13:9b:29:
7e:cc:b1:a4:d8:4c:db:61:a9:f6:e0:2e:70:ba:0a:fe:ac:a7:
db:42:12:69:17:f5:84:5f:a6:a0:24:b9:f1:3f:9e:52:03:ea:
0a:e7:60:56:b1:c9:bf:8e:01:26:77:77:4e:1f:07:21:eb:f8:
fb:73:d7:12:77:eb:cf:de:67:21:64:ec:30:c4:08:f8:e7:e4:
46:53:38:70:e6:96:9b:7a:8a:c7:2e:b4:4f:0c:ff:1f:7c:34:
bd:58:cf:b9:a6:5f:61:7c:f2:67:59:46:43:17:67:a8:05:96:
b8:bb:48:ef:f5:f5:40:a9:bb:63:87:35:8c:06:15:e1:8d:e4:
f0:a2:a9:0e:40:23:a5:b9:1f:e7:26:59:be:dd:ad:39:01:ba:
47:32:b2:67:6a:b0:82:84:96:76:4c:1d:fe:46:c7:98:de:a4:
8b:21:0e:2b:1f:92:39:7e:00:1d:73:1c:28:e0:52:37:37:f1:
e6:73:d0:5f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUwRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MTQyNzI3WhcNMjUwMjA4MTQyNzI3WjAYMRYw
FAYDVQQDEw02Nzk3OTdkNC0xNDRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtcmNTUjNPN2Cz4/+NMAslrCZ+NBS5SatnFfnIx5+WsSJjHyoiFQ9Hv9G
eLI0rzZOlCa62RXGCPd9iXcABSo2UtXJk9ImBcrm8/cInFh4URaE+ItdgYtJmS/c
otodxE3t+pP/eNemtoyJsSZh6Vfc7aqi4TnbrUzxjarf2dDT4z1TepegAGXiUp0C
rR3naJm9gZVRsjG5G5LVSyCXVeDBpGaSvJQuCwbckRU4BfvgDp4MwzWNSQkvwFJI
ZeoRuX5Iau7LphOrO8qRzV7JunZTADGwwAxH+f0zRZhFQjNgjeaRlHp8itdxcF4M
wyweXxevVQS1wES/Cykr45IsjlYbPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD3O
EnUcx/QJjeXnQqu1R5T6NxjMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EODE4NURGNkRDQkExMUVGQTU1RTI3QTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmtZAMA0GCSqGSIb3DQEB
CwUAA4IBAQCgYVMNNRsFiHTj5ieBUupK4MQw4tpISXLwjYh5XbWt1BhiS2yQ9IAG
eZvcZPiD6mXBYy5zlFMGBETNP/hvp+uHy8P3r9MTmyl+zLGk2EzbYan24C5wugr+
rKfbQhJpF/WEX6agJLnxP55SA+oK52BWscm/jgEmd3dOHwch6/j7c9cSd+vP3mch
ZOwwxAj45+RGUzhw5pabeorHLrRPDP8ffDS9WM+5pl9hfPJnWUZDF2eoBZa4u0jv
9fVAqbtjhzWMBhXhjeTwoqkOQCOluR/nJlm+3a05AbpHMrJnarCChJZ2TB3+RseY
3qSLIQ4rH5I5fgAdcxwo4FI3N/Hmc9Bf
-----END CERTIFICATE-----
Generated at Tue Apr 29 01:01:00 2025 by rpki-client