Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EFB4FEFEDCC611EF8ED7A773762E951A.roa
File: EFB4FEFEDCC611EF8ED7A773762E951A.roa (raw, json)
Hash identifier: s2YwhlE36Mpn9u+L05ZkIbmpDtiCcZLPN8TGxsRqQ0Q=
Subject key identifier: 40:86:33:F6:FD:03:06:06:E5:99:DC:18:78:87:26:E9:9B:20:D0:B2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014C59
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EFB4FEFEDCC611EF8ED7A773762E951A.roa
Signing time: Mon 27 Jan 2025 15:54:05 +0000
ROA not before: Mon 27 Jan 2025 15:54:02 +0000
ROA not after: Thu 13 Feb 2025 15:54:02 +0000
asID: 7018
IP address blocks: 154.207.154.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85081 (0x14c59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 15:54:02 2025 GMT
Not After : Feb 13 15:54:02 2025 GMT
Subject: CN=6797ac1d-93c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b7:b2:e7:b9:43:f9:6f:ef:d3:2e:cc:f6:e0:
50:1f:a7:2d:a6:85:40:0b:07:04:f9:4f:b1:f2:a8:
31:54:72:88:4c:60:1b:aa:1c:50:f9:d1:61:cd:b7:
ec:c6:88:ef:f7:fa:ce:52:30:3b:e5:11:38:88:eb:
29:8c:a9:99:a1:6b:53:7b:e1:3e:68:49:83:9e:d5:
fd:a9:ec:f8:62:81:ca:f9:27:9d:df:36:a7:ef:b4:
e8:f2:fc:c8:3a:13:7d:3f:ef:72:a6:49:85:f8:2c:
1d:99:4b:7c:ee:a1:ae:ac:54:e1:d5:a9:11:ca:a5:
1a:39:30:98:90:1c:d2:98:2c:41:79:90:c8:67:63:
d0:9b:1e:ca:71:83:a0:39:4e:b6:91:51:e4:d0:95:
33:bb:08:63:89:a0:0b:e5:2a:97:a2:3b:59:97:fb:
37:b9:cc:81:59:c3:17:2d:60:04:fc:1f:c6:3d:9a:
a5:55:c2:86:71:25:82:e3:91:5f:d9:4d:93:c3:eb:
53:fd:f7:10:b4:69:63:9f:fc:d4:fa:ef:4d:22:26:
f0:cd:b0:7b:ad:e1:2a:74:8b:20:92:59:69:07:f0:
c1:a8:0f:cd:4d:bd:e0:ea:76:26:af:70:0d:a4:a7:
67:fd:92:2a:dd:96:85:e4:65:6b:3f:93:54:58:2c:
59:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:86:33:F6:FD:03:06:06:E5:99:DC:18:78:87:26:E9:9B:20:D0:B2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EFB4FEFEDCC611EF8ED7A773762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.154.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:bb:b7:06:fe:1f:bb:49:e4:8c:10:b1:3c:b5:94:ea:40:b0:
a1:ec:00:77:9b:93:5d:7d:b3:c6:01:96:20:83:6c:81:68:c9:
2e:de:54:fc:97:ae:9e:f4:ca:5d:6d:28:fa:1c:a4:f0:4e:c2:
1e:f0:f1:cf:d3:36:91:a0:6d:67:80:3e:67:89:13:7f:35:45:
65:a5:20:e9:ba:f5:ea:13:9c:cd:ed:b1:a8:2d:d4:f0:7d:0c:
14:c3:e7:d9:dc:0d:de:bb:dd:43:3f:4c:a4:e0:c8:04:99:2f:
50:48:c9:fb:40:b2:f4:8b:22:f9:c6:3a:90:d4:90:25:f8:53:
2e:e0:d6:c0:cf:18:c4:4b:c6:03:51:58:1d:09:86:ee:cc:23:
be:70:17:66:13:99:4c:8e:8d:39:c0:2d:3d:54:52:e0:3d:9c:
a7:f6:60:c3:ea:42:19:a6:54:5a:94:07:1f:65:b4:88:ab:13:
57:e0:ec:1e:74:dc:cc:e2:7c:32:33:7a:76:b8:fd:cd:ed:ed:
cd:55:a5:0c:da:18:9b:06:49:a3:9f:c5:83:52:f5:17:ee:51:
e7:c9:cf:9b:9b:51:43:a8:bd:51:ea:da:7b:bf:26:70:b4:b5:
52:2d:39:1a:dc:aa:9f:4f:d8:4c:3f:a8:40:94:cc:24:d5:b9:
b3:dc:2c:12
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUxZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MTU1NDAyWhcNMjUwMjEzMTU1NDAyWjAYMRYw
FAYDVQQDEw02Nzk3YWMxZC05M2MxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA27ey57lD+W/v0y7M9uBQH6ctpoVACwcE+U+x8qgxVHKITGAbqhxQ+dFh
zbfsxojv9/rOUjA75RE4iOspjKmZoWtTe+E+aEmDntX9qez4YoHK+Sed3zan77To
8vzIOhN9P+9ypkmF+CwdmUt87qGurFTh1akRyqUaOTCYkBzSmCxBeZDIZ2PQmx7K
cYOgOU62kVHk0JUzuwhjiaAL5SqXojtZl/s3ucyBWcMXLWAE/B/GPZqlVcKGcSWC
45Ff2U2Tw+tT/fcQtGljn/zU+u9NIibwzbB7reEqdIsgkllpB/DBqA/NTb3g6nYm
r3ANpKdn/ZIq3ZaF5GVrP5NUWCxZbQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFECG
M/b9AwYG5ZncGHiHJumbINCyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRkI0RkVGRURDQzYxMUVGOEVEN0E3NzM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms+aMA0GCSqGSIb3DQEB
CwUAA4IBAQA6u7cG/h+7SeSMELE8tZTqQLCh7AB3m5NdfbPGAZYgg2yBaMku3lT8
l66e9MpdbSj6HKTwTsIe8PHP0zaRoG1ngD5niRN/NUVlpSDpuvXqE5zN7bGoLdTw
fQwUw+fZ3A3eu91DP0yk4MgEmS9QSMn7QLL0iyL5xjqQ1JAl+FMu4NbAzxjES8YD
UVgdCYbuzCO+cBdmE5lMjo05wC09VFLgPZyn9mDD6kIZplRalAcfZbSIqxNX4Owe
dNzM4nwyM3p2uP3N7e3NVaUM2hibBkmjn8WDUvUX7lHnyc+bm1FDqL1R6tp7vyZw
tLVSLTka3KqfT9hMP6hAlMwk1bmz3CwS
-----END CERTIFICATE-----
Generated at Fri Apr 25 15:31:15 2025 by rpki-client