Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8E72E8ACEE911EFB5A26457762E951A.roa
File: D8E72E8ACEE911EFB5A26457762E951A.roa (raw, json)
Hash identifier: /3+jzhKzABJvBXuMpA2xvUEO3EIYAeRJOcWKWf3/kwA=
Subject key identifier: D3:99:F3:89:D2:83:BE:79:B3:40:96:AD:BD:F3:04:21:A9:3F:9C:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013962
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8E72E8ACEE911EFB5A26457762E951A.roa
Signing time: Fri 10 Jan 2025 00:28:43 +0000
ROA not before: Fri 10 Jan 2025 00:00:39 +0000
ROA not after: Tue 11 Feb 2025 00:00:39 +0000
asID: 5065
IP address blocks: 154.95.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80226 (0x13962)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 10 00:00:39 2025 GMT
Not After : Feb 11 00:00:39 2025 GMT
Subject: CN=678069bb-9822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a1:42:0a:69:cd:a6:a6:da:6a:03:66:20:8b:
2a:97:80:9f:0c:1e:c3:44:cd:70:6f:84:18:60:86:
b6:39:4e:da:d9:94:66:18:2e:42:35:98:8f:3a:69:
c1:91:ba:90:11:d2:ec:5a:c5:61:5b:9c:f4:ba:cc:
58:a8:f0:a7:4f:b5:63:ee:78:1f:da:8a:0e:7c:07:
62:b0:10:3a:37:ab:a2:21:5c:50:c2:e2:18:5a:dc:
d6:c5:53:70:c2:7d:9e:f2:e2:10:96:59:e8:b2:ed:
9f:0a:c2:5a:33:78:d5:8d:f4:07:1a:ec:0c:45:09:
e9:f1:a0:13:29:65:93:bc:47:06:dd:b5:c1:87:70:
af:48:30:35:07:7b:86:8a:ef:18:be:58:46:3f:b1:
94:e2:8f:fc:1d:aa:81:92:06:98:48:7c:79:3f:21:
cf:05:2d:f6:e6:fc:e7:4b:ba:58:ce:14:ee:60:d0:
d3:e0:a7:dd:00:00:d1:26:4b:e8:9f:2f:2a:b1:89:
32:d0:cd:3e:94:49:07:f3:28:dd:99:47:1d:6e:76:
9d:3a:df:9a:8d:4d:11:e9:c6:30:00:8f:b4:3d:40:
17:93:d3:60:2e:db:be:1f:27:f8:91:7a:81:b7:89:
ca:99:3f:5b:f9:10:13:db:cb:52:6b:fa:90:35:ec:
2c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:99:F3:89:D2:83:BE:79:B3:40:96:AD:BD:F3:04:21:A9:3F:9C:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8E72E8ACEE911EFB5A26457762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.20.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:3d:a7:0f:88:3c:d1:fd:ba:16:1c:77:8f:06:97:6b:b4:49:
8c:1f:83:10:62:24:c8:d5:93:da:80:15:68:3a:f2:1a:d8:f6:
d7:fc:7d:47:fe:3a:71:05:db:09:8f:af:6f:3a:30:f0:29:46:
d7:c4:83:3b:7d:ad:98:ec:28:31:2a:45:d2:d6:72:42:f8:cb:
81:36:a9:68:1e:6a:4f:0e:99:87:0e:73:06:b7:50:1a:c1:57:
bc:70:05:15:0c:f7:88:8e:42:b4:db:e4:09:8d:f7:9c:d9:59:
3e:01:3e:83:c6:8f:05:58:d4:fa:19:51:64:2e:18:4a:14:d6:
a6:49:7a:67:e7:96:c1:0d:0d:b4:71:51:53:24:6d:a5:17:a7:
37:d2:af:c2:be:05:a4:73:9e:1f:bf:da:7d:0b:0a:65:08:c3:
56:d3:13:f9:85:c6:1b:5e:5f:3a:c5:52:31:00:f6:26:96:3d:
7e:bb:ef:6d:58:6c:14:f0:11:16:e5:7b:d1:32:35:20:2f:37:
27:36:25:9e:c5:c3:94:90:ca:4e:a8:8d:02:e9:f1:b6:39:69:
01:f2:a0:b9:40:26:01:70:d3:cf:7d:8e:17:54:c2:dc:6f:54:
54:e3:60:6d:e0:b3:d4:c4:2d:c9:35:35:7e:9a:01:58:dd:de:
7f:e2:f9:bc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATliMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTEwMDAwMDM5WhcNMjUwMjExMDAwMDM5WjAYMRYw
FAYDVQQDEw02NzgwNjliYi05ODIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnKFCCmnNpqbaagNmIIsql4CfDB7DRM1wb4QYYIa2OU7a2ZRmGC5CNZiP
OmnBkbqQEdLsWsVhW5z0usxYqPCnT7Vj7ngf2ooOfAdisBA6N6uiIVxQwuIYWtzW
xVNwwn2e8uIQllnosu2fCsJaM3jVjfQHGuwMRQnp8aATKWWTvEcG3bXBh3CvSDA1
B3uGiu8YvlhGP7GU4o/8HaqBkgaYSHx5PyHPBS325vznS7pYzhTuYNDT4KfdAADR
Jkvony8qsYky0M0+lEkH8yjdmUcdbnadOt+ajU0R6cYwAI+0PUAXk9NgLtu+Hyf4
kXqBt4nKmT9b+RAT28tSa/qQNews2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNOZ
84nSg755s0CWrb3zBCGpP5y6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOEU3MkU4QUNFRTkxMUVGQjVBMjY0NTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCml8UMA0GCSqGSIb3DQEB
CwUAA4IBAQCLPacPiDzR/boWHHePBpdrtEmMH4MQYiTI1ZPagBVoOvIa2PbX/H1H
/jpxBdsJj69vOjDwKUbXxIM7fa2Y7CgxKkXS1nJC+MuBNqloHmpPDpmHDnMGt1Aa
wVe8cAUVDPeIjkK02+QJjfec2Vk+AT6Dxo8FWNT6GVFkLhhKFNamSXpn55bBDQ20
cVFTJG2lF6c30q/CvgWkc54fv9p9CwplCMNW0xP5hcYbXl86xVIxAPYmlj1+u+9t
WGwU8BEW5XvRMjUgLzcnNiWexcOUkMpOqI0C6fG2OWkB8qC5QCYBcNPPfY4XVMLc
b1RU42Bt4LPUxC3JNTV+mgFY3d5/4vm8
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:03:58 2025 by rpki-client