Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD0F1F22D73111EFAEB07990762E951A.roa
File: DD0F1F22D73111EFAEB07990762E951A.roa (raw, json)
Hash identifier: /nzVHxld9eHEo0wirh0kl3Kg10UlyqMcgdulos3vLfI=
Subject key identifier: 94:F7:7F:E6:4E:DE:02:5E:22:8D:AA:1F:AB:A6:F3:10:9D:34:9A:B7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013E46
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD0F1F22D73111EFAEB07990762E951A.roa
Signing time: Mon 20 Jan 2025 13:24:23 +0000
ROA not before: Mon 20 Jan 2025 13:24:20 +0000
ROA not after: Wed 05 Feb 2025 13:24:20 +0000
asID: 135097
IP address blocks: 154.91.8.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81478 (0x13e46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 20 13:24:20 2025 GMT
Not After : Feb 5 13:24:20 2025 GMT
Subject: CN=678e4e87-d5e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ef:34:d3:a0:56:68:81:b7:62:df:34:88:80:
dd:c8:4d:81:cc:d9:47:b3:c8:86:ce:05:65:04:fe:
40:56:07:4f:7f:13:bd:c6:6a:96:d1:b0:3a:b7:a6:
1c:8d:71:78:99:b5:c0:af:63:22:6d:e6:58:cc:60:
d9:c3:0c:3e:9d:91:44:73:75:28:00:07:4a:d9:1c:
b5:59:20:47:fa:64:33:c2:db:8f:9d:1f:ef:b9:4d:
2a:7c:67:14:19:aa:94:38:55:b3:94:1e:ed:16:a2:
df:12:b3:bd:fb:8c:cd:cf:17:a4:d3:be:e7:50:28:
eb:5c:5b:ad:a2:74:1f:35:f8:b3:f7:a0:a7:b3:90:
62:46:cf:b1:4c:ca:a8:59:49:d4:fe:9e:70:97:2a:
1e:e6:e7:d1:7e:7c:c6:ba:8a:49:5b:0e:a5:18:14:
10:d1:89:26:6d:5d:c6:45:8c:da:27:d2:2e:b3:63:
38:e5:c6:e7:5c:b1:30:74:99:da:69:62:39:24:8b:
55:29:11:06:1e:a7:9b:6e:b9:86:a7:27:d3:e9:fb:
78:cd:fe:85:62:50:08:d8:db:9b:92:4e:8a:8c:3c:
88:cf:9b:31:d6:62:da:3c:98:c8:fe:d8:75:2c:61:
05:81:a5:11:70:d5:8f:55:88:bb:d4:ee:24:02:fe:
2d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F7:7F:E6:4E:DE:02:5E:22:8D:AA:1F:AB:A6:F3:10:9D:34:9A:B7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD0F1F22D73111EFAEB07990762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.8.0/21
Signature Algorithm: sha256WithRSAEncryption
64:7b:81:20:cd:e6:f5:b4:1c:d1:c2:5b:4e:71:d5:98:e8:88:
1c:01:c9:1d:06:60:e6:7d:5d:9f:cd:91:04:cc:46:da:5c:81:
24:2f:db:67:ef:e7:15:5e:42:bd:05:8d:e1:e9:4c:46:4e:b3:
ba:0a:f2:19:f6:48:50:46:e4:6c:b9:7a:f8:cf:77:8d:dc:a5:
25:a4:cc:ae:e7:a4:4b:1f:32:5c:d9:cb:cf:3f:2c:ff:95:20:
dc:77:90:a8:ec:85:b0:43:c6:80:a5:b5:c5:76:4c:c0:50:37:
47:e9:7e:82:26:43:d9:61:f2:f8:49:1b:88:60:a9:84:ba:67:
a3:66:87:15:7f:ab:d2:5a:75:cf:89:b6:69:b6:d5:13:3d:8c:
6e:ec:d2:4d:f5:67:c1:33:c1:d0:d8:0b:5c:11:c8:aa:0e:9e:
9e:22:12:fd:c5:34:68:20:46:d6:c7:db:9a:90:a8:b0:59:1b:
59:c2:d7:95:75:37:d2:7a:c3:72:e7:79:c1:50:32:68:2f:a0:
8d:d5:00:2c:a9:2e:13:93:c7:aa:db:92:c2:2c:50:93:86:9f:
02:a5:1e:57:47:af:4e:1b:ce:be:96:74:a3:5c:63:68:66:30:
a6:32:78:52:23:76:2f:4e:07:28:bf:7b:38:97:08:13:45:fd:
9d:13:73:44
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT5GMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIwMTMyNDIwWhcNMjUwMjA1MTMyNDIwWjAYMRYw
FAYDVQQDEw02NzhlNGU4Ny1kNWU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAte8006BWaIG3Yt80iIDdyE2BzNlHs8iGzgVlBP5AVgdPfxO9xmqW0bA6
t6YcjXF4mbXAr2MibeZYzGDZwww+nZFEc3UoAAdK2Ry1WSBH+mQzwtuPnR/vuU0q
fGcUGaqUOFWzlB7tFqLfErO9+4zNzxek077nUCjrXFutonQfNfiz96Cns5BiRs+x
TMqoWUnU/p5wlyoe5ufRfnzGuopJWw6lGBQQ0YkmbV3GRYzaJ9Ius2M45cbnXLEw
dJnaaWI5JItVKREGHqebbrmGpyfT6ft4zf6FYlAI2Nubkk6KjDyIz5sx1mLaPJjI
/th1LGEFgaURcNWPVYi71O4kAv4tsQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJT3
f+ZO3gJeIo2qH6um8xCdNJq3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERDBGMUYyMkQ3MzExMUVGQUVCMDc5OTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmlsIMA0GCSqGSIb3DQEB
CwUAA4IBAQBke4Egzeb1tBzRwltOcdWY6IgcAckdBmDmfV2fzZEEzEbaXIEkL9tn
7+cVXkK9BY3h6UxGTrO6CvIZ9khQRuRsuXr4z3eN3KUlpMyu56RLHzJc2cvPPyz/
lSDcd5Co7IWwQ8aApbXFdkzAUDdH6X6CJkPZYfL4SRuIYKmEumejZocVf6vSWnXP
ibZpttUTPYxu7NJN9WfBM8HQ2AtcEciqDp6eIhL9xTRoIEbWx9uakKiwWRtZwteV
dTfSesNy53nBUDJoL6CN1QAsqS4Tk8eq25LCLFCThp8CpR5XR69OG86+lnSjXGNo
ZjCmMnhSI3YvTgcov3s4lwgTRf2dE3NE
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:45:33 2025 by rpki-client