Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9669952DFEE11EF9EDC15BE762E951A.roa
File: D9669952DFEE11EF9EDC15BE762E951A.roa (raw, json)
Hash identifier: o3cp8kaFyaVbRSAanDc7KKszdW4FKwCIz4p87NbszcI=
Subject key identifier: 2B:42:C7:3E:57:4F:E6:A3:93:B5:7C:CA:DA:58:FC:27:F0:EE:B9:B0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014E17
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9669952DFEE11EF9EDC15BE762E951A.roa
Signing time: Fri 31 Jan 2025 16:17:21 +0000
ROA not before: Fri 31 Jan 2025 16:17:18 +0000
ROA not after: Thu 27 Feb 2025 16:17:18 +0000
asID: 141883
IP address blocks: 154.214.32.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85527 (0x14e17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 31 16:17:18 2025 GMT
Not After : Feb 27 16:17:18 2025 GMT
Subject: CN=679cf791-cddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:78:f1:36:36:43:d4:a7:ed:62:38:fc:2f:43:
45:4a:62:42:e0:bb:fc:70:6b:14:41:51:11:30:55:
a5:d1:ae:4b:e6:0d:d3:61:a2:ca:d0:74:fd:11:ac:
05:fd:a9:e4:44:e1:86:3b:6f:05:64:51:cb:cf:0f:
8e:ce:a6:63:9f:d1:9e:46:2b:35:c3:9f:e9:0a:10:
f6:20:e6:1c:2b:96:16:ca:aa:0f:68:71:b7:30:94:
63:e5:55:50:7f:11:d9:3f:3e:35:b4:31:d0:32:04:
67:dc:85:f9:2f:6c:1e:0a:0f:ba:e5:34:88:76:9d:
4d:60:88:54:1f:5a:2b:71:6c:c4:ba:a0:39:ce:6b:
bc:92:48:e9:19:24:b0:46:a3:72:5a:55:b9:e0:12:
b0:7e:aa:11:e6:36:4f:6f:b9:43:c3:15:bd:02:95:
70:82:9b:56:c7:18:5a:58:21:fe:c6:55:93:55:3f:
42:79:e3:01:6d:5a:e7:ae:33:b5:63:a2:f6:e5:c7:
9a:96:72:bd:13:c2:b2:71:72:04:d5:fe:4a:6c:7f:
fc:fa:95:22:1c:80:88:cd:d1:8c:d2:55:71:22:67:
10:cd:83:c0:15:9a:a1:d5:65:0e:f8:bb:d0:f6:92:
58:22:bf:be:db:5f:16:e2:fa:0b:4a:5c:75:29:c0:
2e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:42:C7:3E:57:4F:E6:A3:93:B5:7C:CA:DA:58:FC:27:F0:EE:B9:B0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9669952DFEE11EF9EDC15BE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.32.0/19
Signature Algorithm: sha256WithRSAEncryption
88:7d:b7:90:27:70:ce:fd:96:f4:82:9a:47:87:c1:79:d8:bb:
68:4b:8e:d8:2d:e1:ed:dc:8b:71:6d:e3:f6:2f:46:0c:1c:16:
b1:52:28:ac:ca:fc:b1:6e:41:f0:e8:78:1b:e2:f0:92:79:24:
d1:af:e3:eb:da:5e:f8:ac:0d:49:4e:05:b4:45:7c:ca:24:8b:
54:c6:84:04:91:f7:53:90:b1:a5:ec:dc:50:25:54:65:fc:4e:
bb:8b:ec:53:29:33:ce:a2:21:37:70:65:52:e8:7c:5d:62:ab:
67:88:73:c6:36:99:1b:f8:6e:7b:09:15:5e:3b:fe:08:e4:5d:
3e:14:61:fc:39:96:4b:a0:c7:93:a6:2e:35:52:0b:74:7d:7a:
8b:bb:5e:46:0a:75:f5:65:8f:00:c3:01:e9:10:49:5f:c6:c6:
f8:60:c7:7a:fb:33:ee:5b:f2:cf:5c:11:d0:d1:8e:4e:18:c8:
03:90:86:d7:34:82:9c:ba:bd:31:38:b3:8a:7c:00:09:85:0d:
f8:39:22:6e:e6:90:59:d9:92:35:8c:3f:f2:08:69:48:82:a7:
93:cf:80:6f:f1:3c:12:2f:c9:a8:9f:da:26:41:9f:81:1b:23:
2e:d3:4c:8c:3e:2a:36:7f:11:6e:ba:99:6c:fe:e5:6d:b6:c9:
44:28:30:64
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU4XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTMxMTYxNzE4WhcNMjUwMjI3MTYxNzE4WjAYMRYw
FAYDVQQDEw02NzljZjc5MS1jZGRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq3jxNjZD1KftYjj8L0NFSmJC4Lv8cGsUQVERMFWl0a5L5g3TYaLK0HT9
EawF/ankROGGO28FZFHLzw+OzqZjn9GeRis1w5/pChD2IOYcK5YWyqoPaHG3MJRj
5VVQfxHZPz41tDHQMgRn3IX5L2weCg+65TSIdp1NYIhUH1orcWzEuqA5zmu8kkjp
GSSwRqNyWlW54BKwfqoR5jZPb7lDwxW9ApVwgptWxxhaWCH+xlWTVT9CeeMBbVrn
rjO1Y6L25cealnK9E8KycXIE1f5KbH/8+pUiHICIzdGM0lVxImcQzYPAFZqh1WUO
+LvQ9pJYIr++218W4voLSlx1KcAu+wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCtC
xz5XT+ajk7V8ytpY/Cfw7rmwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOTY2OTk1MkRGRUUxMUVGOUVEQzE1QkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmtYgMA0GCSqGSIb3DQEB
CwUAA4IBAQCIfbeQJ3DO/Zb0gppHh8F52LtoS47YLeHt3ItxbeP2L0YMHBaxUiis
yvyxbkHw6Hgb4vCSeSTRr+Pr2l74rA1JTgW0RXzKJItUxoQEkfdTkLGl7NxQJVRl
/E67i+xTKTPOoiE3cGVS6HxdYqtniHPGNpkb+G57CRVeO/4I5F0+FGH8OZZLoMeT
pi41Ugt0fXqLu15GCnX1ZY8AwwHpEElfxsb4YMd6+zPuW/LPXBHQ0Y5OGMgDkIbX
NIKcur0xOLOKfAAJhQ34OSJu5pBZ2ZI1jD/yCGlIgqeTz4Bv8TwSL8mon9omQZ+B
GyMu00yMPio2fxFuupls/uVttslEKDBk
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:47:49 2025 by rpki-client