Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9BADAE0CF2611EF9662A06D762E951A.roa
File: D9BADAE0CF2611EF9662A06D762E951A.roa (raw, json)
Hash identifier: 0vMdfcUMyVzNhZizRVP4caIun+sEcj7lCFa0V+3U95A=
Subject key identifier: DE:12:9A:EB:E1:99:92:1F:38:C3:4F:23:5F:F2:EE:A6:A6:F2:14:08
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0139AF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9BADAE0CF2611EF9662A06D762E951A.roa
Signing time: Fri 10 Jan 2025 07:45:24 +0000
ROA not before: Fri 10 Jan 2025 07:45:20 +0000
ROA not after: Fri 16 Jan 2026 07:45:20 +0000
asID: 138965
IP address blocks: 154.222.56.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80303 (0x139af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 10 07:45:20 2025 GMT
Not After : Jan 16 07:45:20 2026 GMT
Subject: CN=6780d014-f40e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0b:50:12:36:82:87:60:6f:73:ef:23:66:6f:
71:c9:fb:e5:86:85:41:87:86:61:7c:90:b6:03:2f:
f1:67:29:76:59:2f:9a:3d:28:d2:c6:3f:99:71:3a:
4a:53:c1:03:7c:f0:8f:13:eb:e3:18:42:a7:ab:05:
da:34:79:18:b8:f6:78:90:52:04:34:94:44:93:c5:
3c:1c:13:69:a9:ce:3f:e9:e4:3c:74:c4:bd:3a:a9:
99:68:15:11:d9:b6:53:14:ac:ed:ab:64:50:ce:b3:
a4:ce:8c:91:1b:fa:d4:6e:16:53:42:c2:e3:4a:a1:
4e:f1:ff:21:de:07:6a:bd:2b:64:a9:1d:98:d6:64:
fa:21:ac:03:12:8c:87:73:79:7b:1a:08:75:5a:e2:
69:44:06:3c:da:d4:95:df:2b:53:04:6b:d7:c4:4e:
e4:2b:92:92:65:3b:45:fb:1b:ed:1c:a7:76:90:7e:
6a:94:cb:e8:8b:e7:03:c6:74:f8:b6:eb:50:4b:08:
03:78:f0:a2:05:93:63:de:47:e5:5d:91:c6:25:50:
cf:ef:eb:86:f8:50:ba:e0:09:ea:1c:51:0f:b9:12:
ef:c4:ee:c7:e2:07:79:29:ef:5d:df:4b:a7:06:03:
44:33:48:90:2f:e1:4c:23:4a:f1:3e:72:fa:91:85:
f1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:12:9A:EB:E1:99:92:1F:38:C3:4F:23:5F:F2:EE:A6:A6:F2:14:08
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9BADAE0CF2611EF9662A06D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.56.0/21
Signature Algorithm: sha256WithRSAEncryption
62:0f:3a:9e:7d:39:88:fa:f0:fb:d1:b4:18:50:36:9b:36:1e:
ae:5b:ae:5d:d4:da:44:4e:b6:ef:44:7a:47:25:f2:f8:23:15:
3c:29:da:bb:d3:78:86:72:68:55:a9:84:a9:d4:e4:66:a5:c8:
a0:81:95:5b:25:44:b5:f3:99:e9:92:d2:90:e4:91:7a:db:4f:
fd:57:de:5b:6e:77:cd:e7:53:8e:08:e2:49:81:b9:2c:ec:c1:
f6:c5:38:8f:4a:f5:35:ec:91:2d:e0:3a:ba:49:8e:4f:49:91:
1b:0a:56:24:3d:b6:71:66:25:84:c3:87:7b:89:df:04:08:63:
e3:e3:4d:cb:4d:10:01:3c:46:0e:5e:b8:65:97:86:e4:c2:c8:
c9:25:36:a4:60:d0:27:d7:f4:d2:63:ef:73:2a:6d:4f:67:41:
83:c6:a8:f7:59:2d:d9:fa:81:f6:83:58:6a:2e:94:56:7f:3a:
af:5a:d1:19:11:6f:c1:a8:c6:8b:49:2f:34:c8:1e:75:d9:2e:
c6:ce:68:2b:fa:b2:71:b2:da:ae:14:0b:57:8c:c1:f0:82:df:
69:66:1a:84:0a:96:d3:01:2f:6f:d7:99:5f:e6:7f:8c:1e:45:
35:11:0d:63:a8:47:67:17:18:37:b8:2b:56:1a:b0:80:43:2a:
97:8f:12:9a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATmvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTEwMDc0NTIwWhcNMjYwMTE2MDc0NTIwWjAYMRYw
FAYDVQQDEw02NzgwZDAxNC1mNDBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAygtQEjaCh2Bvc+8jZm9xyfvlhoVBh4ZhfJC2Ay/xZyl2WS+aPSjSxj+Z
cTpKU8EDfPCPE+vjGEKnqwXaNHkYuPZ4kFIENJREk8U8HBNpqc4/6eQ8dMS9OqmZ
aBUR2bZTFKztq2RQzrOkzoyRG/rUbhZTQsLjSqFO8f8h3gdqvStkqR2Y1mT6IawD
EoyHc3l7Ggh1WuJpRAY82tSV3ytTBGvXxE7kK5KSZTtF+xvtHKd2kH5qlMvoi+cD
xnT4tutQSwgDePCiBZNj3kflXZHGJVDP7+uG+FC64AnqHFEPuRLvxO7H4gd5Ke9d
30unBgNEM0iQL+FMI0rxPnL6kYXxFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN4S
muvhmZIfOMNPI1/y7qam8hQIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOUJBREFFMENGMjYxMUVGOTY2MkEwNkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmt44MA0GCSqGSIb3DQEB
CwUAA4IBAQBiDzqefTmI+vD70bQYUDabNh6uW65d1NpETrbvRHpHJfL4IxU8Kdq7
03iGcmhVqYSp1ORmpciggZVbJUS185npktKQ5JF620/9V95bbnfN51OOCOJJgbks
7MH2xTiPSvU17JEt4Dq6SY5PSZEbClYkPbZxZiWEw4d7id8ECGPj403LTRABPEYO
Xrhll4bkwsjJJTakYNAn1/TSY+9zKm1PZ0GDxqj3WS3Z+oH2g1hqLpRWfzqvWtEZ
EW/BqMaLSS80yB512S7Gzmgr+rJxstquFAtXjMHwgt9pZhqECpbTAS9v15lf5n+M
HkU1EQ1jqEdnFxg3uCtWGrCAQyqXjxKa
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:02:36 2025 by rpki-client