Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E47A8DB2DA3F11EF904E8D67762E951A.roa
File: E47A8DB2DA3F11EF904E8D67762E951A.roa (raw, json)
Hash identifier: R6iyuzmA6Q6B/zTrTgwxRlrn7/I1RoquxOOFucat7vI=
Subject key identifier: BA:1F:D1:C2:F1:B3:44:5F:4F:D1:FB:4B:EA:32:DB:6E:53:CF:C6:18
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0145AE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E47A8DB2DA3F11EF904E8D67762E951A.roa
Signing time: Fri 24 Jan 2025 10:42:22 +0000
ROA not before: Fri 24 Jan 2025 10:42:19 +0000
ROA not after: Wed 05 Mar 2025 10:42:19 +0000
asID: 202656
IP address blocks: 154.219.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83374 (0x145ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 10:42:19 2025 GMT
Not After : Mar 5 10:42:19 2025 GMT
Subject: CN=67936e8e-e5d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:82:70:2d:2f:f4:6f:51:1f:72:a7:c5:cf:ca:
20:4c:eb:dd:42:85:4f:e6:a7:50:21:fb:73:1b:23:
4e:04:12:99:2d:c4:e2:eb:5a:2b:91:9f:37:d6:c9:
cb:db:12:89:1b:b0:56:9b:1f:9e:a0:fb:3c:49:86:
bc:ac:56:77:3b:4d:2d:da:b8:5e:52:c9:2a:2a:f5:
0a:d4:15:03:f3:6e:e8:0e:00:67:44:f5:ef:68:b5:
95:71:12:b1:7b:e3:28:c9:47:63:75:d0:05:d4:8c:
29:15:7c:ba:c8:13:3c:cd:b8:74:75:bf:79:7d:47:
e1:60:24:9d:4f:e9:31:4a:79:36:90:77:ec:43:2f:
1c:58:1a:4b:b7:1b:62:7b:85:c2:d8:4f:cd:38:17:
ea:68:66:01:d3:67:b2:e2:a6:fa:10:97:a4:cc:a5:
1f:25:9b:fa:9e:5e:5a:21:17:79:df:95:a3:57:e3:
22:34:b1:32:5a:0f:53:2e:54:11:3b:0e:da:52:92:
1c:b6:85:d9:be:19:10:2c:e3:d1:3d:b9:d8:6c:b9:
34:b7:db:08:68:79:b8:11:85:42:6f:1b:90:6c:0b:
ba:46:16:7c:fa:55:e0:93:c9:8b:7d:95:89:cc:9d:
90:4f:be:d8:29:35:cc:77:be:f9:38:33:7f:0e:c4:
34:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:1F:D1:C2:F1:B3:44:5F:4F:D1:FB:4B:EA:32:DB:6E:53:CF:C6:18
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E47A8DB2DA3F11EF904E8D67762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.20.0/24
Signature Algorithm: sha256WithRSAEncryption
07:68:50:86:34:ae:10:dd:8f:34:b4:d4:e7:1b:95:a5:cc:d3:
b3:e2:fd:73:12:9a:7b:45:65:0f:be:44:36:c3:f6:ee:09:d7:
8c:84:86:73:e8:c5:1c:7e:bd:41:36:f3:e9:4f:e1:93:26:90:
a7:c1:68:bb:b9:14:b2:d6:2d:74:18:8d:df:14:0c:a5:2c:75:
f3:39:80:82:a2:1f:aa:6a:f4:09:15:e7:92:4d:d4:65:20:a2:
f8:75:98:4b:52:08:84:a4:78:8b:46:0f:f1:b9:04:f1:80:be:
73:dd:5c:d1:2e:14:e4:39:4b:5a:a0:ef:35:aa:90:f9:f8:59:
5f:9d:0f:a8:75:36:4f:f9:65:5e:76:89:e8:c9:4c:ee:14:b3:
02:b3:ee:7a:ee:1e:4d:dd:66:56:5f:5c:3f:6b:b1:b3:56:26:
3f:d7:79:d5:dc:8a:73:df:3d:27:1e:8a:9c:df:f7:8c:5e:7d:
99:87:f8:91:71:18:af:05:98:e9:e6:d9:aa:c0:2b:7d:49:45:
1e:d1:d8:2e:62:a1:6e:93:e3:8d:57:d1:57:96:18:c3:5b:ee:
8f:0f:dc:20:fc:59:5b:8e:42:d5:76:2d:4d:b3:8d:20:60:a9:
9a:d1:7a:db:ff:38:3c:a6:ff:d8:77:02:9f:da:66:97:06:e0:
1e:a2:26:22
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUWuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTA0MjE5WhcNMjUwMzA1MTA0MjE5WjAYMRYw
FAYDVQQDEw02NzkzNmU4ZS1lNWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqIJwLS/0b1EfcqfFz8ogTOvdQoVP5qdQIftzGyNOBBKZLcTi61orkZ83
1snL2xKJG7BWmx+eoPs8SYa8rFZ3O00t2rheUskqKvUK1BUD827oDgBnRPXvaLWV
cRKxe+MoyUdjddAF1IwpFXy6yBM8zbh0db95fUfhYCSdT+kxSnk2kHfsQy8cWBpL
txtie4XC2E/NOBfqaGYB02ey4qb6EJekzKUfJZv6nl5aIRd535WjV+MiNLEyWg9T
LlQROw7aUpIctoXZvhkQLOPRPbnYbLk0t9sIaHm4EYVCbxuQbAu6RhZ8+lXgk8mL
fZWJzJ2QT77YKTXMd775ODN/DsQ0jwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLof
0cLxs0RfT9H7S+oy225Tz8YYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNDdBOERCMkRBM0YxMUVGOTA0RThENjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtsUMA0GCSqGSIb3DQEB
CwUAA4IBAQAHaFCGNK4Q3Y80tNTnG5WlzNOz4v1zEpp7RWUPvkQ2w/buCdeMhIZz
6MUcfr1BNvPpT+GTJpCnwWi7uRSy1i10GI3fFAylLHXzOYCCoh+qavQJFeeSTdRl
IKL4dZhLUgiEpHiLRg/xuQTxgL5z3VzRLhTkOUtaoO81qpD5+FlfnQ+odTZP+WVe
donoyUzuFLMCs+567h5N3WZWX1w/a7GzViY/13nV3Ipz3z0nHoqc3/eMXn2Zh/iR
cRivBZjp5tmqwCt9SUUe0dguYqFuk+ONV9FXlhjDW+6PD9wg/FlbjkLVdi1Ns40g
YKma0Xrb/zg8pv/YdwKf2maXBuAeoiYi
-----END CERTIFICATE-----
Generated at Sun Apr 27 11:57:27 2025 by rpki-client