Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE7FD28AD40511EF9E2FB649762E951A.roa
File: EE7FD28AD40511EF9E2FB649762E951A.roa (raw, json)
Hash identifier: lYw+mbdOncJyW3d4lG2EHzHu5YELRKjGIkkg/VaBNRI=
Subject key identifier: E4:34:B5:DA:D2:7A:B3:AA:0D:28:30:3C:C2:F5:23:CE:08:6C:43:1C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013C34
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE7FD28AD40511EF9E2FB649762E951A.roa
Signing time: Thu 16 Jan 2025 12:32:21 +0000
ROA not before: Thu 16 Jan 2025 12:32:18 +0000
ROA not after: Sun 16 Mar 2025 12:32:18 +0000
asID: 17561
IP address blocks: 154.206.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80948 (0x13c34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 16 12:32:18 2025 GMT
Not After : Mar 16 12:32:18 2025 GMT
Subject: CN=6788fc55-a7b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c3:7f:f9:fa:d2:70:d9:73:e4:4b:1b:ec:f4:
90:8b:e0:dc:16:75:58:cb:ff:0f:f1:37:01:89:e9:
e6:12:e1:d2:bb:fe:ce:2a:34:14:33:e2:bb:b4:2e:
46:37:a3:e0:68:d1:12:0d:1c:99:30:06:7b:62:51:
5e:5f:97:d8:b0:fc:b0:e0:65:1d:10:2c:7b:be:72:
f4:0d:eb:4e:7a:90:47:45:33:10:32:5b:2b:2a:c4:
57:e6:d3:f6:f3:57:b0:79:3c:a1:c6:8d:5b:dc:c7:
b5:98:7a:3b:1a:67:72:d8:e4:05:06:a3:6e:a4:c9:
32:a8:f3:1f:cf:35:ba:d0:10:36:16:a9:ba:c2:e9:
6d:b6:6d:18:5a:55:aa:6a:78:37:09:18:a1:6e:75:
3d:db:3b:b6:61:ab:22:f9:02:d9:08:1c:f1:28:ef:
f0:6c:53:e2:39:6d:56:ea:2b:4e:bb:78:a9:ea:94:
46:5b:9d:bd:59:20:d5:4a:39:00:c3:81:78:56:65:
86:b2:dd:2e:61:57:dc:cf:ea:f4:a0:10:32:62:ab:
3d:c4:62:1b:87:e3:2d:44:3f:ec:2e:71:54:11:6a:
89:fb:a8:73:4a:1c:fa:37:16:19:0a:83:6a:00:34:
a5:aa:7f:28:9f:75:f8:87:a9:54:5f:6c:b5:2b:fc:
0c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:34:B5:DA:D2:7A:B3:AA:0D:28:30:3C:C2:F5:23:CE:08:6C:43:1C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE7FD28AD40511EF9E2FB649762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.220.0/24
Signature Algorithm: sha256WithRSAEncryption
92:04:a1:84:72:b7:79:5e:37:b8:15:c3:19:00:83:92:fd:3c:
91:ff:db:d3:16:0f:6e:4f:f3:a6:86:f2:c9:d4:8c:c5:32:0a:
86:90:3f:9c:28:5b:92:53:9f:9c:d8:0c:4d:9f:54:58:a2:56:
1d:c5:5d:f4:b9:24:2e:9f:bc:69:16:a5:08:bd:3f:fc:d4:4c:
44:f3:5a:f1:f2:28:dd:02:b5:6b:49:3c:2f:de:a5:10:b5:2e:
12:16:e0:91:46:14:1f:ad:bd:12:97:e7:d8:10:14:5a:a5:72:
14:00:30:58:b9:00:4d:21:e5:13:4b:5c:52:93:23:e6:24:5a:
13:6b:fc:ed:5b:50:45:1b:25:23:c8:88:24:ad:49:47:9d:72:
48:b3:20:a2:7c:0e:af:85:86:e6:e7:a6:13:68:bf:5a:02:fe:
87:c0:11:eb:f0:7a:ba:bc:ba:8c:79:57:d7:b9:51:d1:88:20:
bb:1d:c9:a8:bb:31:b9:33:e3:9b:18:37:a3:1b:8b:e5:6b:53:
d2:4f:8c:7a:5c:aa:06:e1:ca:84:c6:16:e1:9e:30:0f:b7:81:
2b:b9:f8:fc:19:f7:a6:f4:01:b8:58:d5:a5:c2:9c:f2:b5:40:
e2:f3:08:50:2c:69:c4:53:88:9a:27:98:87:46:83:3f:f4:83:
4b:f2:91:32
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATw0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE2MTIzMjE4WhcNMjUwMzE2MTIzMjE4WjAYMRYw
FAYDVQQDEw02Nzg4ZmM1NS1hN2I5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA48N/+frScNlz5Esb7PSQi+DcFnVYy/8P8TcBienmEuHSu/7OKjQUM+K7
tC5GN6PgaNESDRyZMAZ7YlFeX5fYsPyw4GUdECx7vnL0DetOepBHRTMQMlsrKsRX
5tP281eweTyhxo1b3Me1mHo7Gmdy2OQFBqNupMkyqPMfzzW60BA2Fqm6wulttm0Y
WlWqang3CRihbnU92zu2Yasi+QLZCBzxKO/wbFPiOW1W6itOu3ip6pRGW529WSDV
SjkAw4F4VmWGst0uYVfcz+r0oBAyYqs9xGIbh+MtRD/sLnFUEWqJ+6hzShz6NxYZ
CoNqADSlqn8on3X4h6lUX2y1K/wMJwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOQ0
tdrSerOqDSgwPML1I84IbEMcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRTdGRDI4QUQ0MDUxMUVGOUUyRkI2NDk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7cMA0GCSqGSIb3DQEB
CwUAA4IBAQCSBKGEcrd5Xje4FcMZAIOS/TyR/9vTFg9uT/OmhvLJ1IzFMgqGkD+c
KFuSU5+c2AxNn1RYolYdxV30uSQun7xpFqUIvT/81ExE81rx8ijdArVrSTwv3qUQ
tS4SFuCRRhQfrb0Sl+fYEBRapXIUADBYuQBNIeUTS1xSkyPmJFoTa/ztW1BFGyUj
yIgkrUlHnXJIsyCifA6vhYbm56YTaL9aAv6HwBHr8Hq6vLqMeVfXuVHRiCC7Hcmo
uzG5M+ObGDejG4vla1PST4x6XKoG4cqExhbhnjAPt4Erufj8Gfem9AG4WNWlwpzy
tUDi8whQLGnEU4iaJ5iHRoM/9INL8pEy
-----END CERTIFICATE-----
Generated at Tue Apr 29 01:01:32 2025 by rpki-client