Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D95798C4DFE111EFBA435B66762E951A.roa
File: D95798C4DFE111EFBA435B66762E951A.roa (raw, json)
Hash identifier: Hiq9b3ieqGZhJwXO+sCruqajDC/uRQs8qbSTsNQSCLE=
Subject key identifier: 20:69:6B:D9:B2:49:D8:8E:CB:1D:EC:17:11:33:F6:77:B2:4C:A7:AA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014DBD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D95798C4DFE111EFBA435B66762E951A.roa
Signing time: Fri 31 Jan 2025 14:44:18 +0000
ROA not before: Fri 31 Jan 2025 14:44:14 +0000
ROA not after: Fri 07 Feb 2025 14:44:14 +0000
asID: 63199
IP address blocks: 154.207.112.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85437 (0x14dbd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 31 14:44:14 2025 GMT
Not After : Feb 7 14:44:14 2025 GMT
Subject: CN=679ce1c2-182a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:22:a2:6a:44:b5:5b:75:84:d0:33:c1:93:c7:
f7:88:c7:6c:c0:41:8b:27:50:bd:a1:21:b4:fb:77:
ce:55:a4:d4:2e:51:64:9b:1f:22:9f:94:26:81:be:
ed:aa:31:40:ce:17:a0:75:ef:3b:73:4e:6a:15:6c:
b2:48:1e:7e:24:31:f5:e9:02:d6:83:9f:69:c5:75:
59:67:14:ea:f4:fd:48:d2:04:5d:41:e4:69:0e:df:
39:e6:9c:67:13:7e:f7:ef:ee:f3:58:d6:fa:cc:0e:
5f:5c:ed:f4:a2:f8:7f:bd:4c:da:25:79:f1:2a:11:
d2:dc:84:51:f6:57:3e:6e:57:15:57:77:17:07:86:
19:1d:17:5d:0d:fc:0a:27:dd:28:1c:f4:dd:d1:41:
47:ae:d4:50:c2:74:ed:6f:b8:7c:43:15:b6:da:87:
8f:22:c7:23:10:38:6e:fa:d5:82:9c:90:16:69:54:
33:01:f7:d5:8f:47:c9:d9:29:a9:8f:6a:39:b3:f9:
eb:c1:6a:16:09:77:b4:fb:61:df:76:8b:a1:ed:cd:
09:f0:16:7d:11:d2:50:3d:d8:b9:44:27:b8:df:b7:
be:67:5f:19:6c:50:ec:0d:5c:aa:c2:92:08:a1:93:
86:e7:36:36:20:41:de:f9:2d:07:f5:e6:7e:ba:a4:
22:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:69:6B:D9:B2:49:D8:8E:CB:1D:EC:17:11:33:F6:77:B2:4C:A7:AA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D95798C4DFE111EFBA435B66762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.112.0/23
Signature Algorithm: sha256WithRSAEncryption
01:5e:4d:3b:3f:b6:99:69:43:85:c4:c5:e5:43:99:a7:85:b5:
7b:36:0e:d8:21:57:cd:4e:92:da:5f:1c:e0:c0:a3:06:ef:3f:
3a:53:dd:de:87:e0:ac:3a:b1:5a:b1:17:46:6c:c7:69:9e:6e:
73:2f:38:8c:9b:aa:f3:4d:65:5d:3b:5c:16:1b:95:90:3e:74:
89:de:b4:d7:c1:3e:3c:7d:ff:02:bb:ef:46:da:5d:90:8f:91:
a6:11:bf:3c:d6:6e:61:97:7c:ee:fe:b4:24:89:45:89:7d:0c:
a3:ed:0f:bd:fe:cf:68:a7:55:14:a9:0a:a1:56:30:a5:ba:18:
f3:75:97:15:74:fa:a3:53:d9:3b:5e:71:ed:54:ec:97:86:28:
cf:96:5f:40:2d:af:88:ec:61:07:15:93:00:1c:08:93:aa:5d:
42:1c:ab:3d:d9:13:12:03:64:f2:9e:e1:50:4e:6f:2e:75:00:
15:8c:d0:a8:8c:fc:23:0e:1c:ab:8b:e2:86:a7:b2:d0:45:9c:
bf:92:70:82:13:44:61:ef:56:49:64:ec:43:7b:2b:92:06:1b:
97:e6:6c:bf:3e:e3:7b:f7:3f:be:8d:62:ae:c7:da:96:fd:14:
a7:bb:b2:bd:b4:7c:f5:3d:d9:f6:41:b1:f9:52:46:85:ce:f6:
3b:8d:d7:47
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU29MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTMxMTQ0NDE0WhcNMjUwMjA3MTQ0NDE0WjAYMRYw
FAYDVQQDEw02NzljZTFjMi0xODJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsiKiakS1W3WE0DPBk8f3iMdswEGLJ1C9oSG0+3fOVaTULlFkmx8in5Qm
gb7tqjFAzhegde87c05qFWyySB5+JDH16QLWg59pxXVZZxTq9P1I0gRdQeRpDt85
5pxnE3737+7zWNb6zA5fXO30ovh/vUzaJXnxKhHS3IRR9lc+blcVV3cXB4YZHRdd
DfwKJ90oHPTd0UFHrtRQwnTtb7h8QxW22oePIscjEDhu+tWCnJAWaVQzAffVj0fJ
2Smpj2o5s/nrwWoWCXe0+2Hfdouh7c0J8BZ9EdJQPdi5RCe437e+Z18ZbFDsDVyq
wpIIoZOG5zY2IEHe+S0H9eZ+uqQikQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCBp
a9mySdiOyx3sFxEz9neyTKeqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOTU3OThDNERGRTExMUVGQkE0MzVCNjY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms9wMA0GCSqGSIb3DQEB
CwUAA4IBAQABXk07P7aZaUOFxMXlQ5mnhbV7Ng7YIVfNTpLaXxzgwKMG7z86U93e
h+CsOrFasRdGbMdpnm5zLziMm6rzTWVdO1wWG5WQPnSJ3rTXwT48ff8Cu+9G2l2Q
j5GmEb881m5hl3zu/rQkiUWJfQyj7Q+9/s9op1UUqQqhVjCluhjzdZcVdPqjU9k7
XnHtVOyXhijPll9ALa+I7GEHFZMAHAiTql1CHKs92RMSA2TynuFQTm8udQAVjNCo
jPwjDhyri+KGp7LQRZy/knCCE0Rh71ZJZOxDeyuSBhuX5my/PuN79z++jWKux9qW
/RSnu7K9tHz1Pdn2QbH5UkaFzvY7jddH
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:46:02 2025 by rpki-client