Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DFC4C73AD8E911EF8359D55F762E951A.roa
File: DFC4C73AD8E911EF8359D55F762E951A.roa (raw, json)
Hash identifier: vEcxJUalYa6ZbmtofbwhMWMrMlsFkisaLklD6bQnhCU=
Subject key identifier: 66:72:46:D5:4D:D5:35:21:D8:FA:0D:8A:DF:30:6F:FF:14:9D:36:9F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014026
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DFC4C73AD8E911EF8359D55F762E951A.roa
Signing time: Wed 22 Jan 2025 17:54:06 +0000
ROA not before: Wed 22 Jan 2025 17:54:03 +0000
ROA not after: Sat 15 Mar 2025 17:54:03 +0000
asID: 138915
IP address blocks: 154.206.56.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81958 (0x14026)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 22 17:54:03 2025 GMT
Not After : Mar 15 17:54:03 2025 GMT
Subject: CN=679130be-f083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:81:e2:45:77:14:12:99:ec:9e:44:b9:75:5f:
2b:75:f2:b2:d0:e1:63:2c:20:55:53:e0:48:3a:cd:
a8:dc:72:54:c1:85:76:3e:c9:8f:df:c3:75:48:f7:
19:dd:84:11:54:97:f2:8c:49:69:21:07:3a:77:8a:
11:c8:92:58:fc:96:57:f8:cb:54:31:c7:8c:f3:70:
c4:f6:1e:3d:0f:e7:6b:d0:8b:7e:43:b5:10:07:78:
ab:6e:e2:3d:87:d7:1f:5b:9b:60:e2:6a:a2:64:a3:
3b:85:29:7c:16:ec:c8:46:9e:8c:d9:96:51:d6:dd:
3b:e7:16:7f:7b:52:8d:83:d5:e8:4c:24:10:14:7f:
02:d4:17:33:83:b7:3f:9e:2a:1f:3b:e0:a3:ab:da:
04:78:bf:bd:c2:78:84:4d:8f:3d:f4:7b:11:2a:23:
da:38:4e:92:1b:38:52:b4:8a:a2:93:20:e0:96:80:
78:18:9a:d2:28:cb:88:ec:04:54:69:98:69:ac:b1:
53:4e:3a:12:f8:32:50:bf:a5:18:24:f1:6f:04:95:
26:10:0e:94:70:7d:5a:dd:24:45:6b:12:8a:41:20:
e5:1d:60:b3:db:bd:02:a8:f6:c0:b1:a9:49:ab:eb:
01:1e:0a:d8:a5:4e:37:63:4b:3c:9e:9f:c4:ec:4c:
a9:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:72:46:D5:4D:D5:35:21:D8:FA:0D:8A:DF:30:6F:FF:14:9D:36:9F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DFC4C73AD8E911EF8359D55F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.56.0/23
Signature Algorithm: sha256WithRSAEncryption
30:57:55:35:46:80:98:e1:32:fe:d6:86:c9:07:16:b1:c9:a1:
d3:fe:fa:2f:b8:e4:07:30:51:1e:e7:66:01:f6:93:33:60:6e:
ae:3f:b7:e2:6c:9b:1d:af:3b:1a:40:92:ed:7b:14:ef:31:54:
a7:b1:a6:29:b7:43:a4:4b:c2:e3:50:2f:ee:e2:6b:44:bb:e0:
52:d8:ab:9f:a4:b2:e1:af:40:c1:2b:dd:63:ce:61:1c:d8:fb:
af:37:3a:13:8c:03:b4:6f:bc:bd:c2:da:4d:f8:af:99:e1:56:
61:08:af:6a:61:9f:31:3b:4d:ad:f6:bc:cc:e4:8f:ae:3e:21:
20:b9:f4:24:ec:55:38:69:c4:d8:32:46:4d:24:00:8d:af:bc:
45:0b:00:f2:0d:d9:51:8d:ec:e5:89:c3:09:3b:19:76:71:f2:
c2:99:92:7d:41:e1:86:45:74:2c:3f:66:e6:4f:fd:f3:26:06:
a1:ef:63:7f:0f:57:59:18:d6:23:ff:76:0e:9e:27:36:02:ec:
b3:0d:8f:af:75:7a:05:2e:5d:55:80:2d:6f:f2:2f:11:16:9e:
c6:b6:d5:47:ea:04:50:ef:bd:8f:4b:f2:fb:1f:62:26:cc:07:
e9:a8:61:3b:f0:ae:32:86:11:4a:34:b1:fc:e1:0b:79:a8:49:
e5:50:d5:75
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUAmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIyMTc1NDAzWhcNMjUwMzE1MTc1NDAzWjAYMRYw
FAYDVQQDEw02NzkxMzBiZS1mMDgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtoHiRXcUEpnsnkS5dV8rdfKy0OFjLCBVU+BIOs2o3HJUwYV2PsmP38N1
SPcZ3YQRVJfyjElpIQc6d4oRyJJY/JZX+MtUMceM83DE9h49D+dr0It+Q7UQB3ir
buI9h9cfW5tg4mqiZKM7hSl8FuzIRp6M2ZZR1t075xZ/e1KNg9XoTCQQFH8C1Bcz
g7c/niofO+Cjq9oEeL+9wniETY899HsRKiPaOE6SGzhStIqikyDgloB4GJrSKMuI
7ARUaZhprLFTTjoS+DJQv6UYJPFvBJUmEA6UcH1a3SRFaxKKQSDlHWCz270CqPbA
salJq+sBHgrYpU43Y0s8np/E7Eyp9QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGZy
RtVN1TUh2PoNit8wb/8UnTafMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERkM0QzczQUQ4RTkxMUVGODM1OUQ1NUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms44MA0GCSqGSIb3DQEB
CwUAA4IBAQAwV1U1RoCY4TL+1obJBxaxyaHT/vovuOQHMFEe52YB9pMzYG6uP7fi
bJsdrzsaQJLtexTvMVSnsaYpt0OkS8LjUC/u4mtEu+BS2KufpLLhr0DBK91jzmEc
2PuvNzoTjAO0b7y9wtpN+K+Z4VZhCK9qYZ8xO02t9rzM5I+uPiEgufQk7FU4acTY
MkZNJACNr7xFCwDyDdlRjezlicMJOxl2cfLCmZJ9QeGGRXQsP2bmT/3zJgah72N/
D1dZGNYj/3YOnic2AuyzDY+vdXoFLl1VgC1v8i8RFp7GttVH6gRQ772PS/L7H2Im
zAfpqGE78K4yhhFKNLH84Qt5qEnlUNV1
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:32:11 2025 by rpki-client