Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B96CF9B2DFED11EF8CB47CB5762E951A.roa
File: B96CF9B2DFED11EF8CB47CB5762E951A.roa (raw, json)
Hash identifier: 1qgzMm30qiwvDBiX6o3murL1c0b5sGPLtiyCHlQraq4=
Subject key identifier: A7:39:11:63:5A:53:11:69:83:BE:D5:C6:B1:CB:DB:F8:4A:0F:27:FB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014E0B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B96CF9B2DFED11EF8CB47CB5762E951A.roa
Signing time: Fri 31 Jan 2025 16:09:18 +0000
ROA not before: Fri 31 Jan 2025 16:09:14 +0000
ROA not after: Sat 03 Jan 2026 16:09:14 +0000
asID: 40065
IP address blocks: 154.88.16.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85515 (0x14e0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 31 16:09:14 2025 GMT
Not After : Jan 3 16:09:14 2026 GMT
Subject: CN=679cf5ae-f1d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:18:5c:c1:54:f8:df:03:06:b6:98:6a:a0:ba:
3d:64:eb:96:08:f7:1d:0a:9d:73:c3:3b:a6:c3:b0:
40:f0:d3:34:e8:3c:31:8d:ea:35:3f:16:b6:53:11:
5d:db:ed:ec:06:24:ee:fe:5c:df:1d:f6:55:09:26:
6f:f3:b5:59:24:0c:ec:cd:60:76:ee:a6:19:83:cc:
b1:33:92:60:71:d6:1b:e3:42:32:ac:9a:40:da:9e:
19:e2:f0:9a:51:d0:9f:b7:4f:82:dd:07:16:86:3a:
a3:9e:dc:0c:e8:3c:31:23:dc:6f:28:1e:a7:f8:08:
4b:7b:f6:3d:6e:95:17:29:e6:61:fd:10:9e:f3:47:
6c:51:0b:f0:f7:6a:4f:4a:56:56:fd:9a:0c:03:d1:
e4:ce:10:78:f0:57:1e:70:38:64:b5:5e:e0:f5:ba:
46:86:22:6c:2e:6a:cf:af:ef:e9:53:d7:0c:eb:7b:
97:5f:9b:60:ef:ac:1f:30:49:ec:fd:69:93:65:3a:
ee:b9:0b:8f:d3:29:a3:6a:ea:67:5f:89:3c:dd:92:
68:3d:96:78:5c:d3:e2:3d:38:54:47:ef:d9:41:61:
e7:e8:6c:e5:d5:44:08:b0:1d:c0:f4:1a:91:7c:d8:
e2:ed:72:dd:2e:f9:ef:55:4b:27:ee:9d:d4:31:94:
ba:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:39:11:63:5A:53:11:69:83:BE:D5:C6:B1:CB:DB:F8:4A:0F:27:FB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B96CF9B2DFED11EF8CB47CB5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.16.0/23
Signature Algorithm: sha256WithRSAEncryption
44:c2:d2:7b:d3:75:33:f7:4d:dc:8c:60:42:f0:57:db:c0:cb:
b8:f0:a6:74:e3:42:f1:b5:26:37:cb:5a:81:9b:01:04:62:86:
25:95:38:57:d1:67:28:66:ef:f5:3d:a2:f6:4f:f7:96:c9:9b:
9d:54:c2:86:b1:86:47:4d:57:70:49:2f:33:12:7a:f4:e2:2c:
6f:75:e5:9f:53:d7:15:cf:a4:94:cc:fd:fd:54:7b:dc:ab:77:
6e:c5:3d:6c:4b:99:85:c7:24:d8:67:f5:13:db:2c:cb:96:29:
53:ee:6a:d9:ff:ba:bd:14:09:11:38:21:46:ff:ac:19:d4:58:
0a:cf:13:8c:3a:62:d7:2b:0b:5e:63:4d:f4:22:3e:9b:43:29:
59:7a:54:30:e7:f5:ec:7b:5d:45:c3:69:73:4c:1c:40:2a:2e:
91:d4:a0:87:bf:2d:cb:2b:25:f3:5b:83:00:b9:60:f5:3c:d9:
a1:02:24:0b:66:72:d4:e7:51:15:dd:fe:53:a3:f2:7e:c4:a8:
78:a0:51:61:f5:77:ff:62:27:dc:79:7e:ec:42:9d:31:ad:b4:
45:45:df:c3:42:dc:3c:60:c2:53:96:c3:72:b8:e8:2a:08:a6:
60:69:7d:06:17:c1:ff:09:9f:27:6f:ff:6a:93:3b:58:f7:64:
eb:e7:90:15
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU4LMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTMxMTYwOTE0WhcNMjYwMTAzMTYwOTE0WjAYMRYw
FAYDVQQDEw02NzljZjVhZS1mMWQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6BhcwVT43wMGtphqoLo9ZOuWCPcdCp1zwzumw7BA8NM06Dwxjeo1Pxa2
UxFd2+3sBiTu/lzfHfZVCSZv87VZJAzszWB27qYZg8yxM5JgcdYb40IyrJpA2p4Z
4vCaUdCft0+C3QcWhjqjntwM6DwxI9xvKB6n+AhLe/Y9bpUXKeZh/RCe80dsUQvw
92pPSlZW/ZoMA9HkzhB48FcecDhktV7g9bpGhiJsLmrPr+/pU9cM63uXX5tg76wf
MEns/WmTZTruuQuP0ymjaupnX4k83ZJoPZZ4XNPiPThUR+/ZQWHn6Gzl1UQIsB3A
9BqRfNji7XLdLvnvVUsn7p3UMZS6xwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKc5
EWNaUxFpg77VxrHL2/hKDyf7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9COTZDRjlCMkRGRUQxMUVGOENCNDdDQjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlgQMA0GCSqGSIb3DQEB
CwUAA4IBAQBEwtJ703Uz903cjGBC8FfbwMu48KZ040LxtSY3y1qBmwEEYoYllThX
0WcoZu/1PaL2T/eWyZudVMKGsYZHTVdwSS8zEnr04ixvdeWfU9cVz6SUzP39VHvc
q3duxT1sS5mFxyTYZ/UT2yzLlilT7mrZ/7q9FAkROCFG/6wZ1FgKzxOMOmLXKwte
Y030Ij6bQylZelQw5/Xse11Fw2lzTBxAKi6R1KCHvy3LKyXzW4MAuWD1PNmhAiQL
ZnLU51EV3f5To/J+xKh4oFFh9Xf/YifceX7sQp0xrbRFRd/DQtw8YMJTlsNyuOgq
CKZgaX0GF8H/CZ8nb/9qkztY92Tr55AV
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:35:33 2025 by rpki-client