Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDAFFB5ECAD811EFB8D0E676762E951A.roa
File: EDAFFB5ECAD811EFB8D0E676762E951A.roa (raw, json)
Hash identifier: QDfJ56eLhLXwD5gsMWQKv3ffonjgjtedKMLU4Ie/7n8=
Subject key identifier: 4E:7F:7E:9B:AD:F1:ED:6F:5A:D8:6F:4A:FC:93:C5:69:64:AC:F3:B8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01353D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDAFFB5ECAD811EFB8D0E676762E951A.roa
Signing time: Sat 04 Jan 2025 20:17:32 +0000
ROA not before: Sun 05 Jan 2025 20:17:28 +0000
ROA not after: Sat 08 Feb 2025 20:17:28 +0000
asID: 203020
IP address blocks: 154.217.156.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79165 (0x1353d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 5 20:17:28 2025 GMT
Not After : Feb 8 20:17:28 2025 GMT
Subject: CN=6779975c-eb3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:56:91:39:de:a9:39:f0:d9:e4:a1:f3:77:7c:
11:d6:9d:83:8d:40:95:71:b4:00:ab:1f:13:f2:bb:
3d:5b:f6:31:ab:47:38:d3:ed:e2:35:e6:56:1c:71:
ae:8d:92:fa:3b:a0:d0:18:c6:6e:8e:63:1b:3f:bd:
0c:41:74:24:e5:74:74:bd:f8:51:ba:82:09:d2:a0:
62:b0:4e:2d:8c:1b:64:ce:42:e4:49:f1:c2:ad:6e:
ee:c8:70:d5:3d:cf:59:da:de:ae:91:4c:fa:20:d1:
de:b1:34:0d:a4:ab:99:40:b5:1f:a8:ee:7b:c2:6e:
ed:69:01:cb:04:61:77:a8:d9:35:cc:0c:45:2d:56:
f2:bf:df:8e:90:e8:b4:99:32:ef:9c:66:3f:83:aa:
15:9f:c6:8d:7d:8a:0c:f2:32:6f:95:36:c1:d4:51:
0d:ad:38:16:79:23:20:65:45:0a:20:44:79:70:4d:
8c:d6:56:45:8d:d0:31:a1:2f:29:46:a3:29:95:91:
7d:b6:af:16:67:62:10:2b:9b:fd:e6:f7:e9:d9:f1:
00:ae:45:95:14:98:f6:54:72:98:8c:05:62:47:73:
73:ac:51:3e:b6:6f:2a:b2:bc:17:e6:32:00:c3:32:
18:9c:5a:59:29:94:99:d7:33:bc:76:3d:21:67:f8:
a4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:7F:7E:9B:AD:F1:ED:6F:5A:D8:6F:4A:FC:93:C5:69:64:AC:F3:B8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EDAFFB5ECAD811EFB8D0E676762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.156.0/23
Signature Algorithm: sha256WithRSAEncryption
57:f0:e3:f4:0c:22:90:e2:07:b6:e8:b6:88:1c:91:2d:18:55:
64:4a:24:a9:d6:bf:47:f9:86:4c:01:e4:8b:d2:66:5c:91:81:
d0:47:e5:59:2d:11:cc:be:b3:ea:ee:e4:5f:34:c5:4b:ea:8d:
36:ae:6f:fc:11:d5:da:b9:a9:85:d5:62:c7:e6:6f:fe:e5:78:
ce:af:24:5c:18:ce:84:2b:ce:27:be:c1:fc:33:f3:f3:4c:20:
29:5b:92:53:cb:09:b3:25:34:c2:34:d7:4e:8e:f2:9e:f8:4d:
15:a9:ee:46:2d:92:9c:bb:ed:8f:2c:55:93:da:9c:a6:19:20:
30:7d:67:ff:20:60:df:d9:1a:5f:04:f9:c3:aa:72:75:84:f8:
6e:87:ab:96:f4:39:ba:a2:67:47:e8:81:3b:6b:b2:a0:3c:fd:
97:54:6b:de:99:25:3f:f3:8a:73:f8:6f:6c:4b:94:49:0d:00:
ee:c5:21:aa:e2:ab:c4:a0:a5:13:fd:b0:00:1a:70:c9:a1:31:
4d:64:b7:4d:66:29:84:83:e8:e4:33:8f:ce:79:e8:34:12:0c:
3d:02:7c:96:b1:07:99:3f:2b:fe:f1:b1:7a:34:c1:d3:9a:15:
52:aa:54:f9:a6:9d:45:c3:a3:27:62:2e:fd:60:03:82:54:9a:
f9:6a:4a:cd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATU9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA1MjAxNzI4WhcNMjUwMjA4MjAxNzI4WjAYMRYw
FAYDVQQDEw02Nzc5OTc1Yy1lYjNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2laROd6pOfDZ5KHzd3wR1p2DjUCVcbQAqx8T8rs9W/Yxq0c40+3iNeZW
HHGujZL6O6DQGMZujmMbP70MQXQk5XR0vfhRuoIJ0qBisE4tjBtkzkLkSfHCrW7u
yHDVPc9Z2t6ukUz6INHesTQNpKuZQLUfqO57wm7taQHLBGF3qNk1zAxFLVbyv9+O
kOi0mTLvnGY/g6oVn8aNfYoM8jJvlTbB1FENrTgWeSMgZUUKIER5cE2M1lZFjdAx
oS8pRqMplZF9tq8WZ2IQK5v95vfp2fEArkWVFJj2VHKYjAViR3NzrFE+tm8qsrwX
5jIAwzIYnFpZKZSZ1zO8dj0hZ/ik4QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE5/
fput8e1vWthvSvyTxWlkrPO4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FREFGRkI1RUNBRDgxMUVGQjhEMEU2NzY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtmcMA0GCSqGSIb3DQEB
CwUAA4IBAQBX8OP0DCKQ4ge26LaIHJEtGFVkSiSp1r9H+YZMAeSL0mZckYHQR+VZ
LRHMvrPq7uRfNMVL6o02rm/8EdXauamF1WLH5m/+5XjOryRcGM6EK84nvsH8M/Pz
TCApW5JTywmzJTTCNNdOjvKe+E0Vqe5GLZKcu+2PLFWT2pymGSAwfWf/IGDf2Rpf
BPnDqnJ1hPhuh6uW9Dm6omdH6IE7a7KgPP2XVGvemSU/84pz+G9sS5RJDQDuxSGq
4qvEoKUT/bAAGnDJoTFNZLdNZimEg+jkM4/Oeeg0Egw9AnyWsQeZPyv+8bF6NMHT
mhVSqlT5pp1Fw6MnYi79YAOCVJr5akrN
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:17:27 2025 by rpki-client