Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB6C2502DA4111EFA2F79574762E951A.roa
File: EB6C2502DA4111EFA2F79574762E951A.roa (raw, json)
Hash identifier: JKh4VxCyeE/7k2UitKTobIfvwAn3M3FX/sBYRIBAIj0=
Subject key identifier: 7C:18:3B:6C:0C:85:94:ED:99:0F:2D:68:F7:87:94:53:42:A3:88:A8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0145CF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB6C2502DA4111EFA2F79574762E951A.roa
Signing time: Fri 24 Jan 2025 10:56:53 +0000
ROA not before: Fri 24 Jan 2025 10:56:49 +0000
ROA not after: Tue 11 Mar 2025 10:56:49 +0000
asID: 138915
IP address blocks: 154.95.76.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83407 (0x145cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 10:56:49 2025 GMT
Not After : Mar 11 10:56:49 2025 GMT
Subject: CN=679371f5-9183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:60:ce:74:5b:56:34:d4:e3:b1:c5:21:b0:93:
d5:ae:ee:6d:d2:9f:ee:ec:84:42:49:ec:5a:32:b4:
3e:59:be:82:6e:ea:60:04:90:18:b2:a3:05:07:6f:
d0:ba:65:81:90:63:44:0d:a6:13:fa:98:bf:9f:23:
1e:51:b9:8f:c4:aa:06:0d:54:73:fe:16:30:c9:bd:
7c:1e:ed:e9:83:ea:f7:10:c6:bc:5b:eb:b8:92:d9:
1e:51:44:d6:89:fc:aa:e8:15:54:70:fb:24:a3:dd:
e5:cf:2e:5e:0a:6c:d6:7c:63:e6:be:0c:a6:db:39:
dc:4f:55:54:a0:6a:62:42:c0:c2:e0:d0:62:13:18:
8c:c7:f8:23:d0:2a:1b:0b:d1:51:14:61:7e:f0:69:
da:10:a8:49:11:09:2e:e4:04:72:d7:cc:bb:37:2f:
b1:fe:49:b1:ed:83:13:9d:f5:c3:b6:b3:19:bc:64:
e4:6e:93:d4:e3:85:6d:12:ce:b9:f6:87:c2:cf:d6:
ea:6e:d9:1f:45:1c:7f:22:14:c4:de:5b:86:e9:7b:
7a:48:6c:dc:bf:a9:f9:2d:7e:f5:f2:fb:be:89:a8:
7d:1c:16:e5:99:91:d6:12:8c:37:a6:62:3b:4c:1d:
56:2d:05:9d:d1:bd:d9:d7:f0:c5:c9:ea:8a:2f:58:
b9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:18:3B:6C:0C:85:94:ED:99:0F:2D:68:F7:87:94:53:42:A3:88:A8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EB6C2502DA4111EFA2F79574762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.76.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:14:7a:df:55:e1:7d:f4:61:c0:c0:f7:17:c5:f0:74:1a:bc:
c1:0a:e1:a4:4c:f2:5c:ab:1e:34:72:1c:13:cc:c0:69:7b:75:
59:ab:83:7c:c5:f4:89:80:68:54:48:6d:56:a2:95:2d:b7:ca:
25:5a:04:9a:57:c4:73:86:6e:64:6a:8f:81:ac:3e:22:a0:ac:
8e:54:3e:a0:4c:fd:c5:72:6d:e4:17:55:49:e7:8c:ec:a0:75:
d2:14:98:47:0a:22:fa:24:61:ff:da:8b:22:c0:c1:e5:1b:9c:
9a:7a:f8:12:18:a9:ad:53:58:98:3f:0d:83:96:cd:8c:df:10:
e8:44:49:d5:fa:e7:17:1d:a6:46:f1:0d:31:e2:36:15:99:ce:
4f:be:dd:e5:25:de:29:88:8b:78:76:ec:a1:9a:ca:43:eb:d8:
3e:a0:56:29:9f:59:33:5d:ca:a7:93:63:15:b2:f6:c4:9b:40:
c1:62:b4:16:ab:c1:f8:fc:ab:aa:56:ed:59:bf:78:f3:0a:7b:
4d:13:18:82:45:4b:29:a8:1b:b5:9f:e7:1c:48:74:ac:54:a7:
b1:8a:62:df:89:af:43:da:84:c4:8b:dd:39:93:2e:57:ba:c7:
19:21:81:a6:4f:bf:10:b3:81:17:20:1f:7b:f9:cd:e5:ed:2f:
c4:4b:7f:0b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUXPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTA1NjQ5WhcNMjUwMzExMTA1NjQ5WjAYMRYw
FAYDVQQDEw02NzkzNzFmNS05MTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs2DOdFtWNNTjscUhsJPVru5t0p/u7IRCSexaMrQ+Wb6CbupgBJAYsqMF
B2/QumWBkGNEDaYT+pi/nyMeUbmPxKoGDVRz/hYwyb18Hu3pg+r3EMa8W+u4ktke
UUTWifyq6BVUcPsko93lzy5eCmzWfGPmvgym2zncT1VUoGpiQsDC4NBiExiMx/gj
0CobC9FRFGF+8GnaEKhJEQku5ARy18y7Ny+x/kmx7YMTnfXDtrMZvGTkbpPU44Vt
Es659ofCz9bqbtkfRRx/IhTE3luG6Xt6SGzcv6n5LX718vu+iah9HBblmZHWEow3
pmI7TB1WLQWd0b3Z1/DFyeqKL1i5ZwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHwY
O2wMhZTtmQ8taPeHlFNCo4ioMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQjZDMjUwMkRBNDExMUVGQTJGNzk1NzQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml9MMA0GCSqGSIb3DQEB
CwUAA4IBAQA7FHrfVeF99GHAwPcXxfB0GrzBCuGkTPJcqx40chwTzMBpe3VZq4N8
xfSJgGhUSG1WopUtt8olWgSaV8Rzhm5kao+BrD4ioKyOVD6gTP3Fcm3kF1VJ54zs
oHXSFJhHCiL6JGH/2osiwMHlG5yaevgSGKmtU1iYPw2Dls2M3xDoREnV+ucXHaZG
8Q0x4jYVmc5Pvt3lJd4piIt4duyhmspD69g+oFYpn1kzXcqnk2MVsvbEm0DBYrQW
q8H4/KuqVu1Zv3jzCntNExiCRUspqBu1n+ccSHSsVKeximLfia9D2oTEi905ky5X
uscZIYGmT78Qs4EXIB97+c3l7S/ES38L
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:00:39 2025 by rpki-client