Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D3BF12E8DC8011EFBFDBC1A2762E951A.roa
File: D3BF12E8DC8011EFBFDBC1A2762E951A.roa (raw, json)
Hash identifier: DLEKW/gpBxGcIdIPEPAqJUedyPa1LhU9f6h6OAMrp8c=
Subject key identifier: 9C:AB:E5:17:26:36:CC:C5:D2:9A:B2:DB:F3:AB:2B:92:98:51:E6:4B
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 19B1
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D3BF12E8DC8011EFBFDBC1A2762E951A.roa
Signing time: Mon 27 Jan 2025 07:32:14 +0000
ROA not before: Mon 27 Jan 2025 07:32:10 +0000
ROA not after: Wed 27 Jan 2027 07:32:10 +0000
asID: 20473
IP address blocks: 154.16.86.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6577 (0x19b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Jan 27 07:32:10 2025 GMT
Not After : Jan 27 07:32:10 2027 GMT
Subject: CN=6797367e-f0df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:3b:99:c4:b0:f2:b6:ef:12:df:f4:7f:85:52:
7e:86:d7:d9:05:5a:c4:b5:a9:b8:61:99:46:62:d3:
29:f0:26:ba:a0:ec:4a:58:99:c8:bc:3f:6d:a5:16:
65:9a:9e:7a:5b:c4:28:29:6e:91:ea:33:e5:a6:68:
85:b4:a7:89:cf:a7:4f:d1:7d:f7:2a:ec:02:cd:44:
ee:ab:50:73:81:39:94:61:23:88:31:2a:00:9b:5a:
1e:b2:21:3d:59:1a:eb:86:9f:dc:bc:b5:8f:31:9b:
55:91:c9:13:e3:89:a3:1c:c4:3e:04:b1:89:3d:d9:
a9:34:36:05:cc:46:4d:4c:2e:e7:8c:5d:4f:5b:4e:
e1:30:42:c4:74:f5:9c:be:03:a5:ef:8b:d2:58:b6:
7e:d9:b1:19:ed:ae:a3:fb:5f:84:6f:fa:cd:fe:3f:
f4:f6:7e:ed:db:86:6d:a9:ac:9f:1d:fe:19:2b:79:
c7:5c:e7:c0:f7:70:ef:f5:0f:77:08:f6:25:d0:ee:
24:9c:9e:c5:dc:fb:b3:eb:4a:ae:b5:f9:01:de:ab:
ef:78:82:93:33:e1:b8:56:01:90:c1:9f:68:95:e6:
67:a7:49:f4:2b:e2:e3:7f:c1:97:af:4d:6a:f3:bf:
e3:af:79:ec:f2:2d:10:ca:e3:ee:05:bb:2a:50:2c:
0e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:AB:E5:17:26:36:CC:C5:D2:9A:B2:DB:F3:AB:2B:92:98:51:E6:4B
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D3BF12E8DC8011EFBFDBC1A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.86.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:bf:83:f6:56:4d:db:c6:43:04:00:f8:83:0f:60:4f:c2:68:
a5:07:f0:a1:e7:40:c7:ef:54:4a:cd:97:54:6f:dd:6f:34:a2:
4b:e0:16:6e:b1:6b:13:69:95:50:b1:ca:dd:c1:a7:e8:36:99:
4b:10:a0:50:16:7a:e8:52:d5:9c:ec:31:84:a2:4a:68:38:9c:
08:05:9a:29:b8:55:18:00:8a:2b:f4:b3:2c:be:b6:fa:6c:9f:
57:c4:a5:be:7a:f7:f5:d1:df:8c:27:c3:d3:7d:e9:7f:21:9c:
b1:b3:41:d1:58:26:47:25:25:92:f2:5d:96:15:97:15:65:3b:
bc:59:b2:83:6a:d8:fe:16:bb:ae:10:30:3a:ec:ce:17:7a:de:
a9:ca:b2:83:27:5e:dd:31:86:5e:74:e5:73:9f:a1:9c:9f:35:
d3:ff:22:9c:11:84:58:6a:5e:29:26:31:01:e9:5b:8b:24:5f:
e3:28:db:1f:f6:09:b9:01:07:fe:8c:f7:a7:d9:dc:ff:15:fa:
4d:7a:33:f7:96:8b:6e:5d:cc:d4:74:3d:1d:ff:c1:2b:df:a6:
c5:23:49:ac:99:81:75:47:ba:a9:bf:e9:19:89:dc:e6:60:6e:
a8:8f:75:37:17:8d:98:90:b6:26:e7:83:7d:f7:b0:fb:ba:eb:
2a:9a:2d:c3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGbEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAxMjcwNzMyMTBaFw0yNzAxMjcwNzMyMTBaMBgxFjAU
BgNVBAMTDTY3OTczNjdlLWYwZGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD6O5nEsPK27xLf9H+FUn6G19kFWsS1qbhhmUZi0ynwJrqg7EpYmci8P22l
FmWannpbxCgpbpHqM+WmaIW0p4nPp0/Rffcq7ALNRO6rUHOBOZRhI4gxKgCbWh6y
IT1ZGuuGn9y8tY8xm1WRyRPjiaMcxD4EsYk92ak0NgXMRk1MLueMXU9bTuEwQsR0
9Zy+A6Xvi9JYtn7ZsRntrqP7X4Rv+s3+P/T2fu3bhm2prJ8d/hkrecdc58D3cO/1
D3cI9iXQ7iScnsXc+7PrSq61+QHeq+94gpMz4bhWAZDBn2iV5menSfQr4uN/wZev
TWrzv+OveezyLRDK4+4FuypQLA7PAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUnKvl
FyY2zMXSmrLb86srkphR5kswHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0QzQkYxMkU4REM4MDExRUZCRkRCQzFBMjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFYwDQYJKoZIhvcNAQEL
BQADggEBAC6/g/ZWTdvGQwQA+IMPYE/CaKUH8KHnQMfvVErNl1Rv3W80okvgFm6x
axNplVCxyt3Bp+g2mUsQoFAWeuhS1ZzsMYSiSmg4nAgFmim4VRgAiiv0syy+tvps
n1fEpb569/XR34wnw9N96X8hnLGzQdFYJkclJZLyXZYVlxVlO7xZsoNq2P4Wu64Q
MDrszhd63qnKsoMnXt0xhl505XOfoZyfNdP/IpwRhFhqXikmMQHpW4skX+Mo2x/2
CbkBB/6M96fZ3P8V+k16M/eWi25dzNR0PR3/wSvfpsUjSayZgXVHuqm/6RmJ3OZg
bqiPdTcXjZiQtibng333sPu66yqaLcM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:58:59 2025 by rpki-client