Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8025C28D72C11EF86CB5471762E951A.roa
File: E8025C28D72C11EF86CB5471762E951A.roa (raw, json)
Hash identifier: Wkfjei3poF79PHWHkAn3EqW7x1+Z8HzzQAg30HIQYsE=
Subject key identifier: A7:D0:83:FD:33:2F:82:96:2B:92:2E:57:D1:AB:A6:D0:70:2D:C0:70
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013E30
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8025C28D72C11EF86CB5471762E951A.roa
Signing time: Mon 20 Jan 2025 12:48:54 +0000
ROA not before: Mon 20 Jan 2025 12:48:51 +0000
ROA not after: Sat 01 Feb 2025 12:48:51 +0000
asID: 6079
IP address blocks: 154.202.138.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81456 (0x13e30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 20 12:48:51 2025 GMT
Not After : Feb 1 12:48:51 2025 GMT
Subject: CN=678e4636-bd67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:4e:3d:7c:af:b5:74:82:fd:7a:fa:91:41:64:
bd:70:06:a7:1a:14:c8:4c:ae:44:1c:30:a1:e0:46:
5f:d2:56:d9:1c:e7:81:4b:4d:14:9a:38:44:e9:e8:
c7:fc:fa:e1:74:8e:4f:b5:77:23:a5:17:6e:8e:d7:
71:4d:3c:b2:72:17:a0:3f:3f:3e:e1:a5:fb:28:29:
de:51:bc:37:0f:f6:3a:08:50:19:32:c4:81:4f:4d:
de:4e:09:ea:01:8d:15:a0:e1:70:b9:12:f0:2a:9e:
06:ea:be:b6:09:1e:81:3d:cb:60:51:3c:f0:1a:e9:
11:8e:5e:75:5a:3a:bd:95:2f:69:2e:4c:cf:be:17:
50:fc:12:81:f1:49:62:3a:f0:0d:be:f8:b2:08:3e:
fa:e6:00:2e:71:69:b3:31:92:3c:39:dc:2d:49:32:
f9:4f:70:31:e2:3b:78:47:67:b6:af:e3:2a:88:3b:
64:1b:81:2d:a4:5a:db:21:d9:65:c3:1d:f2:f9:2b:
d5:54:d5:a1:f9:d1:74:4f:b7:20:2a:a4:cb:a0:c4:
54:25:11:ce:83:9b:dc:5b:5b:5f:d1:44:a4:ad:3a:
33:74:fb:13:81:ec:1b:29:ee:bb:41:2e:e7:02:90:
46:af:11:da:6b:40:56:40:51:39:27:13:df:66:30:
ae:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:D0:83:FD:33:2F:82:96:2B:92:2E:57:D1:AB:A6:D0:70:2D:C0:70
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8025C28D72C11EF86CB5471762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.138.0/23
Signature Algorithm: sha256WithRSAEncryption
04:ef:97:95:c0:18:2d:e6:51:75:c1:c4:03:20:30:aa:19:a6:
97:16:c8:4b:bd:55:a3:1f:a2:e5:e3:db:e8:6b:1e:89:1f:ab:
f8:6c:9b:58:f5:3c:5b:ed:f3:55:08:79:7e:73:26:5d:1b:36:
89:33:3b:e3:e4:89:54:7e:60:bb:10:ae:ff:83:5b:15:ca:2e:
d6:90:5d:73:11:ef:85:bb:5a:0c:b4:7f:00:ea:d0:7f:a3:92:
96:f0:4a:ca:43:85:a2:1a:de:6f:97:a2:f2:d2:63:de:07:91:
d5:72:d6:61:ee:66:67:c1:bf:e7:e9:40:d4:42:7a:9d:12:6f:
a8:0c:93:e5:69:ae:e4:da:0b:33:6d:1c:a4:da:2e:86:b5:47:
d4:d5:41:9f:3c:c5:4b:41:25:1d:84:36:49:ed:21:b4:b5:e1:
b8:e3:8e:85:28:fd:96:3a:dd:8c:57:87:90:84:1b:59:d0:1e:
82:e1:f5:e8:66:73:55:ff:e2:56:0b:72:43:8f:31:c6:4d:46:
97:c0:9a:fe:39:2c:cc:a3:8a:12:02:5e:f2:74:9e:c4:6a:eb:
05:c3:9c:01:4d:4d:f5:a2:95:99:56:93:a6:22:28:1f:8f:65:
f2:1f:69:9b:26:39:aa:60:fb:41:a1:1e:8e:d0:6d:e0:b6:99:
c9:65:4d:91
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT4wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIwMTI0ODUxWhcNMjUwMjAxMTI0ODUxWjAYMRYw
FAYDVQQDEw02NzhlNDYzNi1iZDY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6E49fK+1dIL9evqRQWS9cAanGhTITK5EHDCh4EZf0lbZHOeBS00UmjhE
6ejH/PrhdI5PtXcjpRdujtdxTTyychegPz8+4aX7KCneUbw3D/Y6CFAZMsSBT03e
TgnqAY0VoOFwuRLwKp4G6r62CR6BPctgUTzwGukRjl51Wjq9lS9pLkzPvhdQ/BKB
8UliOvANvviyCD765gAucWmzMZI8OdwtSTL5T3Ax4jt4R2e2r+MqiDtkG4EtpFrb
Idllwx3y+SvVVNWh+dF0T7cgKqTLoMRUJRHOg5vcW1tf0USkrTozdPsTgewbKe67
QS7nApBGrxHaa0BWQFE5JxPfZjCu3wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKfQ
g/0zL4KWK5IuV9GrptBwLcBwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FODAyNUMyOEQ3MkMxMUVGODZDQjU0NzE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsqKMA0GCSqGSIb3DQEB
CwUAA4IBAQAE75eVwBgt5lF1wcQDIDCqGaaXFshLvVWjH6Ll49voax6JH6v4bJtY
9Txb7fNVCHl+cyZdGzaJMzvj5IlUfmC7EK7/g1sVyi7WkF1zEe+Fu1oMtH8A6tB/
o5KW8ErKQ4WiGt5vl6Ly0mPeB5HVctZh7mZnwb/n6UDUQnqdEm+oDJPlaa7k2gsz
bRyk2i6GtUfU1UGfPMVLQSUdhDZJ7SG0teG4446FKP2WOt2MV4eQhBtZ0B6C4fXo
ZnNV/+JWC3JDjzHGTUaXwJr+OSzMo4oSAl7ydJ7EausFw5wBTU31opWZVpOmIigf
j2XyH2mbJjmqYPtBoR6O0G3gtpnJZU2R
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:12:27 2025 by rpki-client