Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5E24C048EF3E11EF8848E2B3762E951A.roa
File: 5E24C048EF3E11EF8848E2B3762E951A.roa (raw, json)
Hash identifier: R1ddOq3iXQq99M9eRszd+Lpsk0uncN6DBnku8Flay2c=
Subject key identifier: 91:BC:02:6E:82:B7:98:AB:A8:2F:E6:2B:51:BC:2A:1E:F8:4E:0F:DB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0158AA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5E24C048EF3E11EF8848E2B3762E951A.roa
Signing time: Thu 20 Feb 2025 03:54:22 +0000
ROA not before: Thu 20 Feb 2025 03:54:18 +0000
ROA not after: Wed 31 Dec 2025 03:54:18 +0000
asID: 35916
IP address blocks: 154.87.32.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88234 (0x158aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 20 03:54:18 2025 GMT
Not After : Dec 31 03:54:18 2025 GMT
Subject: CN=67b6a76e-9b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a1:16:80:37:ba:93:14:10:60:24:5a:56:c5:
55:c4:aa:94:27:99:24:e3:45:ec:12:88:0b:a3:57:
b2:b2:b2:23:90:ab:96:c4:df:f4:45:8b:65:f8:75:
89:c2:e6:2d:eb:90:6a:7e:8e:81:fc:00:04:0d:a6:
c0:73:af:64:1b:1d:83:d3:0e:07:2f:60:f3:fb:bc:
93:9b:da:de:82:af:86:43:f6:27:92:53:66:ab:25:
fa:72:11:13:ee:6f:3f:e6:b3:bf:eb:bf:44:cb:52:
b6:55:d8:02:0c:c9:ae:5d:99:53:95:96:64:5f:fe:
98:47:7e:b8:9e:5f:23:a9:6e:2e:41:6c:4e:7d:06:
7d:ab:90:84:5d:06:97:8d:21:64:e0:8c:73:8a:09:
97:28:7f:98:6c:0d:92:5b:3d:90:6e:20:f7:e5:9b:
6b:87:ba:92:d9:6a:74:45:e0:b7:25:b6:24:ce:b2:
f2:05:9f:9d:ea:03:20:b5:c8:4b:62:c5:75:97:0e:
e2:74:86:d2:5e:0e:4f:63:2c:52:e9:76:1e:2d:00:
a5:4e:3a:15:80:58:5a:ee:ab:63:7b:e1:fc:36:73:
e3:04:f7:19:62:49:83:44:38:01:69:af:ae:6b:36:
e7:3d:ce:9b:d4:7b:a0:93:08:aa:92:b6:fc:7a:d9:
90:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:BC:02:6E:82:B7:98:AB:A8:2F:E6:2B:51:BC:2A:1E:F8:4E:0F:DB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5E24C048EF3E11EF8848E2B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.87.32.0/20
Signature Algorithm: sha256WithRSAEncryption
1a:25:2b:70:6a:70:8d:04:5f:3a:94:68:b4:cf:5d:5b:03:58:
26:15:5f:7d:b4:fe:07:e6:4d:f1:43:85:68:87:1e:e0:05:44:
9a:94:9a:43:9b:b1:25:28:f6:db:d5:51:67:cd:85:bb:99:ee:
85:9f:15:2f:a9:ab:dc:80:1b:5f:a6:0c:2e:52:a0:71:3b:d6:
96:10:88:1f:47:31:6a:41:30:b5:1a:05:15:41:e0:bd:02:0f:
63:67:c6:0f:91:b2:18:3a:ef:d7:cf:3c:28:e1:fa:f5:d9:ed:
19:25:a6:55:09:a2:2e:a8:dc:a2:d0:29:69:9d:eb:cb:8c:2a:
28:05:ed:47:22:7d:26:30:74:8f:00:8d:d2:2d:eb:01:26:d3:
8b:4b:e8:6b:c4:d4:86:41:44:8c:2d:6d:1a:bf:4f:ef:f2:cb:
1a:7f:9e:a8:25:df:82:9c:74:66:a3:3d:18:cb:63:77:6a:67:
cc:5d:ad:bc:50:b6:ea:fe:be:d4:80:e7:ab:25:1d:30:bd:95:
23:30:89:fd:76:1b:0f:97:89:92:3b:0d:52:18:50:b3:8a:50:
d7:b8:2e:fc:1a:0a:6f:56:9b:4b:63:67:50:07:c0:f3:d0:ad:
66:fd:b8:ab:db:fb:92:60:60:7a:c9:2c:a4:6f:6f:b9:b2:41:
e2:f5:b1:81
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAViqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjIwMDM1NDE4WhcNMjUxMjMxMDM1NDE4WjAYMRYw
FAYDVQQDEw02N2I2YTc2ZS05YjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2KEWgDe6kxQQYCRaVsVVxKqUJ5kk40XsEogLo1eysrIjkKuWxN/0RYtl
+HWJwuYt65Bqfo6B/AAEDabAc69kGx2D0w4HL2Dz+7yTm9regq+GQ/YnklNmqyX6
chET7m8/5rO/679Ey1K2VdgCDMmuXZlTlZZkX/6YR364nl8jqW4uQWxOfQZ9q5CE
XQaXjSFk4IxzigmXKH+YbA2SWz2QbiD35Ztrh7qS2Wp0ReC3JbYkzrLyBZ+d6gMg
tchLYsV1lw7idIbSXg5PYyxS6XYeLQClTjoVgFha7qtje+H8NnPjBPcZYkmDRDgB
aa+uazbnPc6b1Hugkwiqkrb8etmQDQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJG8
Am6Ct5irqC/mK1G8Kh74Tg/bMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RTI0QzA0OEVGM0UxMUVGODg0OEUyQjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlcgMA0GCSqGSIb3DQEB
CwUAA4IBAQAaJStwanCNBF86lGi0z11bA1gmFV99tP4H5k3xQ4Vohx7gBUSalJpD
m7ElKPbb1VFnzYW7me6FnxUvqavcgBtfpgwuUqBxO9aWEIgfRzFqQTC1GgUVQeC9
Ag9jZ8YPkbIYOu/Xzzwo4fr12e0ZJaZVCaIuqNyi0ClpnevLjCooBe1HIn0mMHSP
AI3SLesBJtOLS+hrxNSGQUSMLW0av0/v8ssaf56oJd+CnHRmoz0Yy2N3amfMXa28
ULbq/r7UgOerJR0wvZUjMIn9dhsPl4mSOw1SGFCzilDXuC78GgpvVptLY2dQB8Dz
0K1m/bir2/uSYGB6ySykb2+5skHi9bGB
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:21:20 2025 by rpki-client