Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ED45EA4EDCC011EFA4D7674B762E951A.roa
File: ED45EA4EDCC011EFA4D7674B762E951A.roa (raw, json)
Hash identifier: cwreI7j48eYPBBlLMDYJbRnSi685rdBnSsdmoas/99k=
Subject key identifier: A5:51:59:97:32:76:71:10:6F:22:DC:41:D3:68:42:73:2E:3E:69:0A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014C33
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ED45EA4EDCC011EFA4D7674B762E951A.roa
Signing time: Mon 27 Jan 2025 15:11:04 +0000
ROA not before: Mon 27 Jan 2025 15:11:01 +0000
ROA not after: Sun 09 Feb 2025 15:11:01 +0000
asID: 5065
IP address blocks: 154.86.105.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85043 (0x14c33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 15:11:01 2025 GMT
Not After : Feb 9 15:11:01 2025 GMT
Subject: CN=6797a208-c2b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:67:39:da:ec:61:d1:fb:b0:dd:a6:3c:ec:5f:
da:7c:b2:4b:9e:a8:d3:ff:c2:e3:fd:9d:c8:ee:7c:
b3:8b:ae:b5:5e:9b:d2:18:01:72:24:88:05:2b:d1:
e8:30:28:94:32:f8:59:65:78:95:f2:39:ef:0c:99:
24:a8:e2:96:46:68:35:6f:1a:08:6b:13:33:0e:a4:
5d:86:62:bb:17:99:f7:7c:6e:ba:77:ff:c8:7d:48:
d7:af:8a:c6:82:df:d5:f7:c1:69:a9:62:ac:c3:bd:
ec:43:ff:50:e6:c8:ea:cc:94:c0:b7:f5:4d:fa:3d:
20:22:7b:29:05:d0:76:71:e4:af:51:dc:21:56:2e:
dd:f5:a5:b4:bc:5a:51:2b:35:0d:d3:4f:87:42:09:
a1:34:fe:5a:21:22:b0:ef:de:3b:6e:26:5f:99:40:
e0:41:36:97:a9:8f:01:1b:89:65:69:51:51:5b:d2:
54:44:57:e1:b2:d1:53:37:ab:e1:ec:cc:bc:99:d3:
60:99:e5:17:bc:42:89:cc:76:31:ec:70:0e:70:c3:
21:42:88:36:c8:3a:f3:5a:ad:e8:38:ca:fd:6a:59:
52:cb:28:68:ed:19:3d:17:b7:ee:ca:25:a0:3e:09:
34:ab:bf:13:a6:1c:ca:80:3f:ab:cf:97:0b:6b:be:
03:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:51:59:97:32:76:71:10:6F:22:DC:41:D3:68:42:73:2E:3E:69:0A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ED45EA4EDCC011EFA4D7674B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.105.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:9d:8f:79:db:97:93:02:2a:2a:62:08:82:a3:07:1c:b6:1f:
3d:c1:c0:05:ab:8c:6d:e1:bb:3b:35:e3:38:d3:d3:a8:05:85:
8b:70:ca:83:6a:51:5a:dc:36:ee:50:24:70:d9:80:eb:ee:b8:
29:18:94:3c:6f:c9:3b:ad:a1:1b:0e:43:78:7c:1b:89:ba:23:
ec:a2:9d:44:e5:c2:50:57:15:38:36:2b:9a:dc:9f:5f:8d:86:
aa:bf:22:39:90:ac:b1:c5:11:d3:3a:0c:14:02:ce:5b:7a:80:
6f:8b:f7:69:42:19:4a:43:e7:71:9e:c8:2b:02:74:89:df:7d:
e5:ed:a8:f1:55:d1:c5:58:19:fe:ce:ad:64:27:77:28:4b:1b:
39:a7:ee:1d:2c:b7:a3:a5:84:60:9a:75:95:c5:94:1e:88:ad:
f9:f5:34:08:e3:54:41:7a:83:91:51:44:5b:7e:4d:d8:32:26:
2e:6d:88:94:4d:da:00:4d:b0:7f:ca:88:0f:22:10:5e:e2:2d:
3e:c3:0c:13:14:9d:ff:e6:6f:7b:fb:89:e6:5f:63:c7:bf:a9:
95:25:2e:2f:84:7b:1d:77:91:c2:fd:fc:2d:d8:07:41:34:64:
40:48:ab:e9:5c:31:55:7f:db:78:f6:e0:4e:ae:60:28:3c:c8:
f0:a7:44:93
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUwzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MTUxMTAxWhcNMjUwMjA5MTUxMTAxWjAYMRYw
FAYDVQQDEw02Nzk3YTIwOC1jMmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtWc52uxh0fuw3aY87F/afLJLnqjT/8Lj/Z3I7nyzi661XpvSGAFyJIgF
K9HoMCiUMvhZZXiV8jnvDJkkqOKWRmg1bxoIaxMzDqRdhmK7F5n3fG66d//IfUjX
r4rGgt/V98FpqWKsw73sQ/9Q5sjqzJTAt/VN+j0gInspBdB2ceSvUdwhVi7d9aW0
vFpRKzUN00+HQgmhNP5aISKw7947biZfmUDgQTaXqY8BG4llaVFRW9JURFfhstFT
N6vh7My8mdNgmeUXvEKJzHYx7HAOcMMhQog2yDrzWq3oOMr9allSyyho7Rk9F7fu
yiWgPgk0q78TphzKgD+rz5cLa74DCwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKVR
WZcydnEQbyLcQdNoQnMuPmkKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRDQ1RUE0RURDQzAxMUVGQTRENzY3NEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlZpMA0GCSqGSIb3DQEB
CwUAA4IBAQB8nY9525eTAioqYgiCowccth89wcAFq4xt4bs7NeM409OoBYWLcMqD
alFa3DbuUCRw2YDr7rgpGJQ8b8k7raEbDkN4fBuJuiPsop1E5cJQVxU4Niua3J9f
jYaqvyI5kKyxxRHTOgwUAs5beoBvi/dpQhlKQ+dxnsgrAnSJ333l7ajxVdHFWBn+
zq1kJ3coSxs5p+4dLLejpYRgmnWVxZQeiK359TQI41RBeoORUURbfk3YMiYubYiU
TdoATbB/yogPIhBe4i0+wwwTFJ3/5m97+4nmX2PHv6mVJS4vhHsdd5HC/fwt2AdB
NGRASKvpXDFVf9t49uBOrmAoPMjwp0ST
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:23:51 2025 by rpki-client