Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F16E4EB6DA5611EF9BAA6584762E951A.roa
File: F16E4EB6DA5611EF9BAA6584762E951A.roa (raw, json)
Hash identifier: FnAuI2n1vVPA+R3V45wGH5clcdmKzxIhDZT0N2cMBTo=
Subject key identifier: 96:00:4F:E9:D0:87:5D:D0:53:57:9B:FB:99:B1:F5:62:D1:91:15:F7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014775
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F16E4EB6DA5611EF9BAA6584762E951A.roa
Signing time: Fri 24 Jan 2025 13:27:22 +0000
ROA not before: Fri 24 Jan 2025 13:27:19 +0000
ROA not after: Wed 05 Mar 2025 13:27:19 +0000
asID: 44559
IP address blocks: 154.209.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83829 (0x14775)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 13:27:19 2025 GMT
Not After : Mar 5 13:27:19 2025 GMT
Subject: CN=6793953a-60bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:62:56:90:5e:9a:6a:72:d8:29:15:ea:27:76:
ff:8c:17:dc:c9:43:f2:f1:b5:b5:ef:15:77:84:4a:
64:0e:a6:3a:ce:24:3e:fa:88:34:97:cf:ea:27:15:
86:c7:aa:0e:cd:e1:5b:21:1e:e4:ee:b7:a6:02:cd:
f5:ea:8b:98:a8:21:56:f8:f2:94:5e:d3:74:e7:27:
85:4d:33:98:be:17:29:0a:0f:f0:2b:2b:3a:85:fc:
97:c7:0c:fe:5c:aa:3e:0a:1b:b6:61:ce:95:d6:34:
b8:8a:1d:ca:21:60:89:3f:cd:9f:e7:60:80:2c:fd:
49:61:f0:52:00:6b:0e:38:cf:67:98:6a:0e:db:6d:
01:f5:f8:5d:65:b6:eb:60:69:c3:59:00:37:c7:56:
11:d7:d0:db:54:7a:02:59:0a:72:a9:06:e3:9e:09:
8e:db:61:45:f2:5f:2d:96:a8:70:dc:a1:e9:0d:86:
b8:63:5b:f0:47:e3:b0:76:90:b8:fb:44:20:92:4b:
fc:18:0f:dc:1a:57:eb:da:d5:e1:71:00:19:12:d3:
ab:27:2d:b7:37:96:35:25:c7:31:8f:24:b6:db:51:
90:0b:29:a8:3d:38:a4:36:78:87:12:39:87:59:18:
75:03:a3:eb:6c:62:9b:4c:d3:87:ab:d7:06:cf:b3:
0e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:00:4F:E9:D0:87:5D:D0:53:57:9B:FB:99:B1:F5:62:D1:91:15:F7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F16E4EB6DA5611EF9BAA6584762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.95.0/24
Signature Algorithm: sha256WithRSAEncryption
41:66:75:1e:9c:d7:39:ec:d6:38:bf:45:44:40:7b:50:6e:dc:
54:c0:c5:42:c1:bc:66:0e:98:21:31:0d:c0:16:1d:d2:c7:64:
0b:7a:c5:85:b9:de:0a:54:68:97:84:41:e1:62:a7:a0:82:84:
ad:58:4e:3a:dd:b5:e5:25:eb:38:ff:17:02:5c:b7:76:67:77:
b2:8a:08:a7:9a:ba:a4:12:89:3d:1c:51:1a:82:a6:12:b1:1b:
08:47:b1:5f:da:51:89:9e:22:75:aa:53:c4:95:9b:fd:b0:df:
91:63:d0:23:e2:bf:14:e5:88:91:49:e1:cd:ab:ee:25:73:85:
26:0f:15:f8:c5:52:d7:60:7c:5f:02:c3:7b:ef:27:d7:34:a3:
f4:99:d9:d3:80:fb:00:79:0c:d2:61:c7:c3:d9:fc:53:b9:a7:
b3:fb:c5:6a:10:28:7c:7d:4d:83:6a:1c:32:81:dd:96:d1:78:
e9:01:29:19:5b:57:79:97:f1:13:ec:66:ce:00:4e:92:e4:25:
43:c3:aa:7f:82:f2:54:34:dc:09:66:58:06:c1:e5:08:07:0d:
a7:04:1e:bd:df:c4:9e:cf:8a:26:bb:2e:c0:72:2a:98:99:cc:
bd:48:7c:a1:83:88:f7:d0:30:f2:62:3e:02:a1:54:73:b6:c3:
6d:62:30:a5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUd1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTMyNzE5WhcNMjUwMzA1MTMyNzE5WjAYMRYw
FAYDVQQDEw02NzkzOTUzYS02MGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuGJWkF6aanLYKRXqJ3b/jBfcyUPy8bW17xV3hEpkDqY6ziQ++og0l8/q
JxWGx6oOzeFbIR7k7remAs316ouYqCFW+PKUXtN05yeFTTOYvhcpCg/wKys6hfyX
xwz+XKo+Chu2Yc6V1jS4ih3KIWCJP82f52CALP1JYfBSAGsOOM9nmGoO220B9fhd
ZbbrYGnDWQA3x1YR19DbVHoCWQpyqQbjngmO22FF8l8tlqhw3KHpDYa4Y1vwR+Ow
dpC4+0Qgkkv8GA/cGlfr2tXhcQAZEtOrJy23N5Y1JccxjyS221GQCymoPTikNniH
EjmHWRh1A6PrbGKbTNOHq9cGz7MOOwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJYA
T+nQh13QU1eb+5mx9WLRkRX3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMTZFNEVCNkRBNTYxMUVGOUJBQTY1ODQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtFfMA0GCSqGSIb3DQEB
CwUAA4IBAQBBZnUenNc57NY4v0VEQHtQbtxUwMVCwbxmDpghMQ3AFh3Sx2QLesWF
ud4KVGiXhEHhYqeggoStWE463bXlJes4/xcCXLd2Z3eyiginmrqkEok9HFEagqYS
sRsIR7Ff2lGJniJ1qlPElZv9sN+RY9Aj4r8U5YiRSeHNq+4lc4UmDxX4xVLXYHxf
AsN77yfXNKP0mdnTgPsAeQzSYcfD2fxTuaez+8VqECh8fU2Dahwygd2W0XjpASkZ
W1d5l/ET7GbOAE6S5CVDw6p/gvJUNNwJZlgGweUIBw2nBB6938Sez4omuy7AciqY
mcy9SHyhg4j30DDyYj4CoVRztsNtYjCl
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:58:39 2025 by rpki-client