Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A8AE13E0C61B11EFAD334F54762E951A.roa
File: A8AE13E0C61B11EFAD334F54762E951A.roa (raw, json)
Hash identifier: M4zJ2hVVzItlVgsKsYKm0drMtJUCcH3UhIR3waDmAEc=
Subject key identifier: 4A:DA:25:47:B5:6F:BF:DD:5C:29:8F:C6:01:DC:6C:77:CE:9C:6E:90
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012F40
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A8AE13E0C61B11EFAD334F54762E951A.roa
Signing time: Sun 29 Dec 2024 19:32:37 +0000
ROA not before: Sun 29 Dec 2024 19:32:33 +0000
ROA not after: Sun 12 Dec 2027 19:32:33 +0000
asID: 17561
IP address blocks: 154.217.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77632 (0x12f40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 19:32:33 2024 GMT
Not After : Dec 12 19:32:33 2027 GMT
Subject: CN=6771a3d5-8323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:43:6e:e8:70:3c:49:33:60:0f:be:42:9c:1f:
10:2e:04:c6:28:26:17:6d:4e:65:ca:5d:0f:73:4b:
06:f9:e2:f8:68:ba:1c:b3:71:04:68:71:ef:c8:0e:
1c:e2:d9:4a:d9:63:5d:9f:1e:b6:c6:15:85:63:d0:
e2:af:01:19:f6:72:bc:8c:19:41:0f:75:7e:ab:1f:
65:99:df:5e:14:e3:e3:ee:b8:cc:0d:41:b7:50:5d:
03:3e:01:3b:9d:8f:00:b5:a5:22:22:e9:e5:7a:6a:
bb:62:0b:f5:89:e3:c5:b1:7d:6b:82:c6:1c:43:e6:
e3:af:51:72:ac:71:5a:59:4e:8c:62:d9:bf:83:b7:
39:5f:5e:44:26:d8:d6:0a:eb:95:59:04:d2:f1:1c:
02:72:52:90:c0:90:b2:61:ee:db:d7:ce:ea:db:fd:
9e:d7:32:c6:bd:8d:38:1a:b8:c4:65:38:96:d5:94:
7e:9f:11:df:7d:dd:e7:6f:6d:47:eb:c4:0d:bd:c4:
d6:df:78:dc:5b:e1:87:74:08:b0:e6:cc:91:55:28:
53:63:92:c1:ec:6e:fe:05:78:7f:5c:11:57:88:9a:
ea:1b:84:98:55:96:2b:df:95:03:90:90:75:af:3a:
88:9d:a3:ad:cd:bf:1d:92:82:bb:5e:25:3a:d5:dc:
b3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:DA:25:47:B5:6F:BF:DD:5C:29:8F:C6:01:DC:6C:77:CE:9C:6E:90
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A8AE13E0C61B11EFAD334F54762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.131.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:24:87:9d:bd:67:76:e1:0c:5f:3e:58:e5:64:2b:d2:9c:b2:
42:1b:34:67:4b:7d:0e:90:77:24:5e:d9:69:6b:66:5f:fd:ad:
b4:74:ee:01:ce:63:08:d8:05:97:41:23:b2:4e:18:64:98:7a:
bf:68:de:7f:28:b3:44:77:3b:d7:f1:7e:dc:02:a6:45:65:34:
a6:b4:7e:db:75:0c:3e:e2:8f:3f:80:47:80:8e:8a:0b:16:a5:
6d:38:03:59:42:f5:94:4b:f0:af:d7:f6:1d:2b:5f:24:17:36:
e5:60:f0:78:6b:f6:a4:d5:18:57:30:98:44:7d:f7:d2:9e:5d:
76:35:9a:20:7f:60:7b:92:fd:db:d4:87:ad:ab:66:42:53:a7:
22:e8:b4:06:fe:47:5b:3f:80:a0:d6:69:fe:4e:ab:34:c6:67:
35:b8:a8:14:da:92:f1:c7:fb:60:72:f0:38:8b:c1:14:0f:94:
52:1d:6f:71:2b:40:89:9b:b4:39:1b:4c:07:d4:a3:ea:5e:4e:
be:2b:45:5b:3c:50:93:bd:92:35:2e:c3:33:32:54:4b:cc:c0:
a5:ea:e1:5f:19:27:f2:d4:61:fa:76:16:10:ba:1e:76:de:41:
6d:3a:8c:22:18:61:f3:ca:18:da:ad:ca:c5:22:be:e8:0c:c4:
67:a7:8d:e2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS9AMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTkzMjMzWhcNMjcxMjEyMTkzMjMzWjAYMRYw
FAYDVQQDEw02NzcxYTNkNS04MzIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA40Nu6HA8STNgD75CnB8QLgTGKCYXbU5lyl0Pc0sG+eL4aLocs3EEaHHv
yA4c4tlK2WNdnx62xhWFY9DirwEZ9nK8jBlBD3V+qx9lmd9eFOPj7rjMDUG3UF0D
PgE7nY8AtaUiIunlemq7Ygv1iePFsX1rgsYcQ+bjr1FyrHFaWU6MYtm/g7c5X15E
JtjWCuuVWQTS8RwCclKQwJCyYe7b187q2/2e1zLGvY04GrjEZTiW1ZR+nxHffd3n
b21H68QNvcTW33jcW+GHdAiw5syRVShTY5LB7G7+BXh/XBFXiJrqG4SYVZYr35UD
kJB1rzqInaOtzb8dkoK7XiU61dyzOQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEra
JUe1b7/dXCmPxgHcbHfOnG6QMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BOEFFMTNFMEM2MUIxMUVGQUQzMzRGNTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtmDMA0GCSqGSIb3DQEB
CwUAA4IBAQDFJIedvWd24QxfPljlZCvSnLJCGzRnS30OkHckXtlpa2Zf/a20dO4B
zmMI2AWXQSOyThhkmHq/aN5/KLNEdzvX8X7cAqZFZTSmtH7bdQw+4o8/gEeAjooL
FqVtOANZQvWUS/Cv1/YdK18kFzblYPB4a/ak1RhXMJhEfffSnl12NZogf2B7kv3b
1Ietq2ZCU6ci6LQG/kdbP4Cg1mn+Tqs0xmc1uKgU2pLxx/tgcvA4i8EUD5RSHW9x
K0CJm7Q5G0wH1KPqXk6+K0VbPFCTvZI1LsMzMlRLzMCl6uFfGSfy1GH6dhYQuh52
3kFtOowiGGHzyhjarcrFIr7oDMRnp43i
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:18:05 2025 by rpki-client