Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F25137BCD8DF11EFA8E0AA9E762E951A.roa
File: F25137BCD8DF11EFA8E0AA9E762E951A.roa (raw, json)
Hash identifier: uqlC8nddGlLrTPGTXymEUL+1s+1iFf+rMcpl1Kqs5iI=
Subject key identifier: A4:21:E6:B0:6A:6C:E8:E8:6B:7E:C2:D5:67:1E:9B:85:03:E9:A1:4B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013FEE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F25137BCD8DF11EFA8E0AA9E762E951A.roa
Signing time: Wed 22 Jan 2025 16:43:03 +0000
ROA not before: Wed 22 Jan 2025 16:42:59 +0000
ROA not after: Sat 15 Mar 2025 16:42:59 +0000
asID: 138915
IP address blocks: 154.206.84.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81902 (0x13fee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 22 16:42:59 2025 GMT
Not After : Mar 15 16:42:59 2025 GMT
Subject: CN=67912017-6fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:22:09:05:55:12:83:a3:22:84:86:5f:42:48:
f9:4f:cb:74:af:3e:1b:69:12:a5:d9:03:47:5d:3b:
80:2f:a0:2a:b2:06:9c:19:41:6e:2c:44:30:0d:b5:
a5:f6:a1:17:26:90:ac:8d:9a:f7:1d:b6:94:79:fd:
29:49:8e:53:c4:ed:64:e9:cb:49:b2:cc:82:0a:c9:
b7:d7:2a:05:77:6e:af:36:c5:67:b6:2b:98:52:18:
b9:49:60:09:34:c8:10:9b:ee:92:ba:2b:bc:5c:da:
1d:46:5d:74:3f:23:8a:c0:dd:97:5b:c1:86:1e:21:
7f:28:d3:d2:09:3a:3c:3e:1a:1c:c1:bd:46:5d:0a:
17:8d:2a:f3:1a:82:d6:97:41:e2:d2:96:a7:6f:05:
90:59:0d:48:27:40:61:e4:c8:ae:9c:39:9e:3b:3a:
51:0a:b6:80:a2:f7:7e:fc:5e:ee:05:55:80:7e:4a:
12:ea:45:af:26:fa:f1:ba:ab:2f:c8:18:57:b0:b2:
fc:4b:a7:e9:05:d3:5e:0f:92:e0:41:6e:db:6b:b1:
c5:c5:06:23:b8:4f:d3:fc:42:e7:2f:22:a8:f4:e8:
75:f4:e4:df:46:5b:c8:19:de:ac:f6:0b:06:14:0b:
cf:91:69:6b:60:d3:6b:2f:47:c0:2b:72:a0:cf:98:
32:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:21:E6:B0:6A:6C:E8:E8:6B:7E:C2:D5:67:1E:9B:85:03:E9:A1:4B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F25137BCD8DF11EFA8E0AA9E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.84.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:b9:e7:4a:1f:e6:94:51:00:d4:cf:6a:f7:ee:36:7f:0e:13:
32:e1:42:1c:37:d6:b1:90:28:62:2c:48:d5:8e:c2:db:df:9f:
3f:22:9d:67:7e:9a:a0:0c:66:fb:54:1b:31:14:cf:79:b6:8b:
65:cc:fd:70:8b:45:e2:60:a1:95:90:a5:24:58:3a:cb:6a:5c:
16:a5:13:d9:fc:c9:a7:b1:ec:c6:c5:88:f9:58:d0:de:8f:09:
fc:8d:be:bd:cd:83:33:a3:6a:1f:c4:11:1e:20:ed:4f:3e:e6:
10:46:eb:c4:6e:3c:53:16:99:2a:0a:eb:12:82:ae:af:57:37:
e9:5d:c3:2d:0f:3f:53:50:19:5b:a6:72:b7:34:34:dc:0e:b3:
ff:7a:51:fa:e4:06:e2:27:a1:57:90:1f:a8:84:6a:2d:66:ab:
16:24:ae:df:b3:51:c7:ff:62:ed:fb:de:fe:1c:75:f6:0e:fc:
a1:49:6e:9d:8f:38:f9:c9:7d:dc:4a:74:49:5e:41:f9:12:e7:
16:3d:15:a5:91:0a:53:b0:90:72:21:20:56:06:30:15:e2:0f:
38:2d:c3:a4:1c:85:fe:05:c0:74:8e:d8:13:d8:00:3f:99:88:
5a:3c:19:22:4c:a1:ba:fc:29:14:f8:4b:3b:6c:c3:25:23:05:
c9:b6:4c:6f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT/uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIyMTY0MjU5WhcNMjUwMzE1MTY0MjU5WjAYMRYw
FAYDVQQDEw02NzkxMjAxNy02ZmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6yIJBVUSg6MihIZfQkj5T8t0rz4baRKl2QNHXTuAL6AqsgacGUFuLEQw
DbWl9qEXJpCsjZr3HbaUef0pSY5TxO1k6ctJssyCCsm31yoFd26vNsVntiuYUhi5
SWAJNMgQm+6Suiu8XNodRl10PyOKwN2XW8GGHiF/KNPSCTo8Phocwb1GXQoXjSrz
GoLWl0Hi0panbwWQWQ1IJ0Bh5MiunDmeOzpRCraAovd+/F7uBVWAfkoS6kWvJvrx
uqsvyBhXsLL8S6fpBdNeD5LgQW7ba7HFxQYjuE/T/ELnLyKo9Oh19OTfRlvIGd6s
9gsGFAvPkWlrYNNrL0fAK3Kgz5gy7QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKQh
5rBqbOjoa37C1Wcem4UD6aFLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMjUxMzdCQ0Q4REYxMUVGQThFMEFBOUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms5UMA0GCSqGSIb3DQEB
CwUAA4IBAQBeuedKH+aUUQDUz2r37jZ/DhMy4UIcN9axkChiLEjVjsLb358/Ip1n
fpqgDGb7VBsxFM95totlzP1wi0XiYKGVkKUkWDrLalwWpRPZ/MmnsezGxYj5WNDe
jwn8jb69zYMzo2ofxBEeIO1PPuYQRuvEbjxTFpkqCusSgq6vVzfpXcMtDz9TUBlb
pnK3NDTcDrP/elH65AbiJ6FXkB+ohGotZqsWJK7fs1HH/2Lt+97+HHX2DvyhSW6d
jzj5yX3cSnRJXkH5EucWPRWlkQpTsJByISBWBjAV4g84LcOkHIX+BcB0jtgT2AA/
mYhaPBkiTKG6/CkU+Es7bMMlIwXJtkxv
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:03:14 2025 by rpki-client