Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F978F5D6D56D11EF80D3348A762E951A.roa
File: F978F5D6D56D11EF80D3348A762E951A.roa (raw, json)
Hash identifier: KgZUfoip/lz5ozRt4WZVWO9exF0dg2LQ6HuZsj7lVNs=
Subject key identifier: A1:6E:39:6A:E9:59:F0:E7:2E:10:D3:9F:1B:44:21:90:CD:77:23:66
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013D9C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F978F5D6D56D11EF80D3348A762E951A.roa
Signing time: Sat 18 Jan 2025 07:29:39 +0000
ROA not before: Sat 18 Jan 2025 07:29:35 +0000
ROA not after: Sat 22 Feb 2025 07:29:35 +0000
asID: 18013
IP address blocks: 154.202.117.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81308 (0x13d9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 18 07:29:35 2025 GMT
Not After : Feb 22 07:29:35 2025 GMT
Subject: CN=678b5862-f9ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:38:29:ea:7b:cd:28:32:fe:19:a8:c6:1f:0a:
7f:1f:90:31:63:5e:c4:76:aa:7b:f9:24:1d:fe:4a:
55:e5:7c:7a:ed:ca:79:e8:c6:6a:20:69:fd:cd:58:
90:1e:59:77:9f:65:b6:e4:8d:80:38:e3:67:eb:41:
c2:6a:d5:3d:94:5b:b4:61:d5:ce:d7:a9:c2:b9:b1:
55:bb:fa:5e:1f:e6:7b:60:3a:02:2f:3d:09:d0:fd:
14:ca:0c:ce:d7:6e:db:8b:db:b0:c3:22:cf:aa:b1:
bb:83:d7:06:51:3e:c3:36:c4:90:0c:a5:41:d7:8b:
4d:d9:a9:7f:d6:6c:c8:86:53:72:fc:64:e1:52:ac:
f6:7c:ce:3c:df:a8:3b:82:d5:75:b1:42:64:52:e3:
96:0b:6c:13:ae:07:d1:47:98:e8:4d:9d:03:c5:b9:
c8:1a:64:a0:e7:56:46:1f:fb:9a:11:9a:53:b2:9f:
30:26:31:fe:9d:02:51:6f:d4:a4:b2:96:0a:d2:4c:
f1:9f:f7:31:09:2c:ed:ab:8f:7e:48:c0:69:e8:90:
cf:70:98:10:cc:1e:94:bf:95:3c:d6:6a:ab:77:20:
63:8a:08:83:f5:48:0d:03:21:ec:e8:fb:52:b5:4a:
67:fd:49:1c:fd:a3:ba:a3:57:76:d0:19:e9:ea:06:
36:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:6E:39:6A:E9:59:F0:E7:2E:10:D3:9F:1B:44:21:90:CD:77:23:66
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F978F5D6D56D11EF80D3348A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.117.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:8f:c3:53:c9:11:97:31:26:f7:0c:06:24:13:d3:3f:0f:fd:
4a:56:61:4f:24:5e:52:f2:d9:11:5e:8b:38:72:0e:f1:0a:d3:
01:36:e9:e8:8f:94:1e:0a:2b:fe:bd:ce:95:74:18:3e:e2:00:
d8:8f:4f:9d:7d:93:19:26:38:31:3b:f5:be:d6:52:04:cd:ac:
e5:a6:a1:c9:b7:1d:7a:c6:7e:e7:b4:7b:1f:97:23:d1:d1:ca:
ed:ca:25:fe:b1:4c:44:96:68:a1:58:76:f4:be:bb:95:09:9a:
04:f9:ea:50:e4:3a:c0:d1:b0:12:ce:f5:31:21:9f:51:a5:61:
0d:63:ff:9e:6f:da:c9:06:fb:1b:3d:88:48:f0:44:63:a5:39:
87:c6:bc:bc:3e:cd:5c:c6:04:d7:1c:30:9a:39:1d:d1:18:48:
19:31:c1:bc:34:c2:43:f7:b4:16:9b:f0:69:c7:96:ef:86:41:
a5:c8:cd:e7:df:08:a6:14:63:5d:9d:ee:4c:5c:1b:be:1a:3a:
02:4d:a0:a1:8f:bb:f9:be:6c:41:fe:d3:fb:ef:19:3d:27:f0:
c8:27:2e:56:da:9c:2f:de:ed:0d:8a:3b:fa:59:80:4d:57:c7:
b9:4f:3d:1c:6b:70:b8:1e:bb:51:b7:b8:c5:8b:f0:69:cd:00:
83:2a:3d:97
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT2cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE4MDcyOTM1WhcNMjUwMjIyMDcyOTM1WjAYMRYw
FAYDVQQDEw02NzhiNTg2Mi1mOWFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuTgp6nvNKDL+GajGHwp/H5AxY17Edqp7+SQd/kpV5Xx67cp56MZqIGn9
zViQHll3n2W25I2AOONn60HCatU9lFu0YdXO16nCubFVu/peH+Z7YDoCLz0J0P0U
ygzO127bi9uwwyLPqrG7g9cGUT7DNsSQDKVB14tN2al/1mzIhlNy/GThUqz2fM48
36g7gtV1sUJkUuOWC2wTrgfRR5joTZ0DxbnIGmSg51ZGH/uaEZpTsp8wJjH+nQJR
b9SkspYK0kzxn/cxCSztq49+SMBp6JDPcJgQzB6Uv5U81mqrdyBjigiD9UgNAyHs
6PtStUpn/Ukc/aO6o1d20Bnp6gY2eQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKFu
OWrpWfDnLhDTnxtEIZDNdyNmMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GOTc4RjVENkQ1NkQxMUVGODBEMzM0OEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsp1MA0GCSqGSIb3DQEB
CwUAA4IBAQAKj8NTyRGXMSb3DAYkE9M/D/1KVmFPJF5S8tkRXos4cg7xCtMBNuno
j5QeCiv+vc6VdBg+4gDYj0+dfZMZJjgxO/W+1lIEzazlpqHJtx16xn7ntHsflyPR
0crtyiX+sUxElmihWHb0vruVCZoE+epQ5DrA0bASzvUxIZ9RpWENY/+eb9rJBvsb
PYhI8ERjpTmHxry8Ps1cxgTXHDCaOR3RGEgZMcG8NMJD97QWm/Bpx5bvhkGlyM3n
3wimFGNdne5MXBu+GjoCTaChj7v5vmxB/tP77xk9J/DIJy5W2pwv3u0Nijv6WYBN
V8e5Tz0ca3C4HrtRt7jFi/BpzQCDKj2X
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:01:41 2025 by rpki-client