Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E4A3524CD0BC11EF8F548068762E951A.roa
File: E4A3524CD0BC11EF8F548068762E951A.roa (raw, json)
Hash identifier: WjAovQyyGJkakshEI+isxckMnfXZGTVrE1PMG6AGxIk=
Subject key identifier: 6E:6A:53:9D:FD:92:B0:A7:C1:07:90:79:F3:4E:76:6D:D5:1E:71:5A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013AB5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E4A3524CD0BC11EF8F548068762E951A.roa
Signing time: Sun 12 Jan 2025 08:11:58 +0000
ROA not before: Sun 12 Jan 2025 08:11:54 +0000
ROA not after: Fri 14 Feb 2025 08:11:54 +0000
asID: 142032
IP address blocks: 154.222.24.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80565 (0x13ab5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 12 08:11:54 2025 GMT
Not After : Feb 14 08:11:54 2025 GMT
Subject: CN=6783794e-7736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c4:cb:e0:3c:f5:33:f6:04:b2:40:db:16:78:
41:ec:31:b5:9e:7b:fc:e6:75:4d:78:0c:09:d0:32:
64:55:df:d8:0d:c7:6c:bd:2d:0b:98:91:a0:40:48:
e2:39:a0:95:d5:c7:f0:7d:0e:37:e9:a9:7b:10:d9:
52:66:ff:86:ce:02:33:47:4f:54:ac:5c:c4:08:6a:
9a:0e:65:f5:79:d2:02:6f:d7:72:bd:bb:25:2a:3c:
ab:6a:39:ec:87:77:18:50:c7:03:f3:5a:ee:5e:0c:
a3:27:23:b7:f6:bf:ea:51:4d:12:2e:22:f8:ce:22:
e6:07:09:1c:95:24:a1:49:12:cf:4f:2d:03:43:ef:
7d:92:a6:e7:f2:31:0b:33:70:c6:6a:7a:17:13:31:
35:10:9e:ac:43:6c:57:a4:d2:95:0d:fe:de:f4:ad:
bd:95:2d:f2:f8:18:d0:29:9f:62:2e:0b:94:35:e7:
e1:d8:69:cc:ec:64:c8:df:b1:4c:67:99:24:3c:90:
a6:6b:74:ab:cc:bb:15:0c:a8:99:8b:01:81:67:bb:
51:57:25:78:4b:6b:71:e6:9c:e6:97:94:b4:73:58:
f4:eb:3d:d0:f1:bf:8a:c5:b8:95:fb:c1:db:f5:9c:
dd:31:3a:2d:09:24:6f:ef:5e:55:d1:0c:59:f5:09:
4e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:6A:53:9D:FD:92:B0:A7:C1:07:90:79:F3:4E:76:6D:D5:1E:71:5A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E4A3524CD0BC11EF8F548068762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.24.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:dc:3e:ea:44:e7:11:31:2c:ef:fc:ff:a0:0c:c3:3a:19:ab:
99:f5:1d:bd:05:48:af:99:6a:78:c6:fd:bf:fe:8f:5d:28:2c:
7b:d3:ef:af:51:45:d2:f1:d9:f8:bd:e9:79:0c:fc:f8:ce:69:
e6:2d:dc:d5:3a:ce:59:6e:3c:94:46:28:36:13:41:68:a0:18:
ec:21:05:f7:e0:d9:13:44:30:83:9f:80:d4:7c:dc:8e:43:f2:
6b:3b:b4:35:b0:5d:c2:55:b4:b3:51:97:0c:28:67:a9:e9:30:
55:58:9c:cc:28:00:ae:50:41:ac:47:35:ee:98:6b:28:be:2d:
ed:1e:96:ea:d9:c2:b7:87:87:d8:44:4d:e8:9a:ff:ef:b6:7a:
4a:0e:3e:74:98:74:e6:c0:71:c5:00:5d:04:f1:c6:54:1a:a1:
59:e4:82:9e:dc:29:42:b2:a3:e3:12:de:b5:1a:a0:4b:b4:a7:
d3:99:ae:ad:fb:e4:15:41:67:3f:3a:68:e5:2c:47:d4:6c:eb:
a4:42:4c:bb:88:01:ce:cb:c0:f6:71:1e:64:1b:b1:b2:c6:cf:
fc:ec:ef:77:ce:68:7a:46:20:30:cc:0c:58:91:1a:d9:a3:eb:
af:42:32:e2:bf:f4:b3:fc:90:93:10:15:0d:62:f7:d9:bb:43:
8c:26:9d:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATq1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTEyMDgxMTU0WhcNMjUwMjE0MDgxMTU0WjAYMRYw
FAYDVQQDEw02NzgzNzk0ZS03NzM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx8TL4Dz1M/YEskDbFnhB7DG1nnv85nVNeAwJ0DJkVd/YDcdsvS0LmJGg
QEjiOaCV1cfwfQ436al7ENlSZv+GzgIzR09UrFzECGqaDmX1edICb9dyvbslKjyr
ajnsh3cYUMcD81ruXgyjJyO39r/qUU0SLiL4ziLmBwkclSShSRLPTy0DQ+99kqbn
8jELM3DGanoXEzE1EJ6sQ2xXpNKVDf7e9K29lS3y+BjQKZ9iLguUNefh2GnM7GTI
37FMZ5kkPJCma3SrzLsVDKiZiwGBZ7tRVyV4S2tx5pzml5S0c1j06z3Q8b+KxbiV
+8Hb9ZzdMTotCSRv715V0QxZ9QlOpwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFG5q
U539krCnwQeQefNOdm3VHnFaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNEEzNTI0Q0QwQkMxMUVGOEY1NDgwNjg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmt4YMA0GCSqGSIb3DQEB
CwUAA4IBAQCl3D7qROcRMSzv/P+gDMM6GauZ9R29BUivmWp4xv2//o9dKCx70++v
UUXS8dn4vel5DPz4zmnmLdzVOs5ZbjyURig2E0FooBjsIQX34NkTRDCDn4DUfNyO
Q/JrO7Q1sF3CVbSzUZcMKGep6TBVWJzMKACuUEGsRzXumGsovi3tHpbq2cK3h4fY
RE3omv/vtnpKDj50mHTmwHHFAF0E8cZUGqFZ5IKe3ClCsqPjEt61GqBLtKfTma6t
++QVQWc/OmjlLEfUbOukQky7iAHOy8D2cR5kG7Gyxs/87O93zmh6RiAwzAxYkRrZ
o+uvQjLiv/Sz/JCTEBUNYvfZu0OMJp1B
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:37:32 2025 by rpki-client