Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CCE7EE4D9D311EFB012D77C762E951A.roa
File: 0CCE7EE4D9D311EFB012D77C762E951A.roa (raw, json)
Hash identifier: TnowSysfdsgdsqL8hh0QA5czJ98sbuPZYE5xB5m89zc=
Subject key identifier: DD:A1:89:76:62:94:33:92:A3:7C:A3:64:C5:16:2F:DA:DC:50:5F:62
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01431F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CCE7EE4D9D311EFB012D77C762E951A.roa
Signing time: Thu 23 Jan 2025 21:43:15 +0000
ROA not before: Fri 24 Jan 2025 21:43:11 +0000
ROA not after: Fri 28 Feb 2025 21:43:11 +0000
asID: 62240
IP address blocks: 154.196.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82719 (0x1431f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 21:43:11 2025 GMT
Not After : Feb 28 21:43:11 2025 GMT
Subject: CN=6792b7f3-377c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b7:28:32:b5:ab:7d:e2:08:14:d8:b1:2e:52:
47:30:ce:c5:fa:55:5b:c9:dd:c0:4e:6b:e0:43:56:
99:00:9a:2a:ac:7d:c2:39:6e:34:2a:b1:73:71:c7:
ec:fa:3c:ed:9c:de:70:39:35:ed:f6:dd:7c:a3:41:
b9:05:00:b0:1d:06:83:5d:84:1c:e0:09:8e:0d:71:
ae:9d:ad:b0:c1:62:36:f3:66:20:5c:55:c6:0d:45:
a6:b2:2a:83:d2:dd:1d:94:fa:cf:52:8a:ed:dc:e2:
fa:ee:99:8c:a4:26:40:e0:34:13:7b:da:7e:72:f1:
05:ce:3f:70:48:c4:a5:72:77:c9:c7:21:58:bb:5c:
35:22:0e:ad:c8:bd:14:a9:99:1c:ce:3f:ea:6b:7b:
cd:18:20:bb:66:26:bc:c9:08:52:49:b6:62:36:b4:
d8:f2:57:38:0a:73:eb:1b:3a:49:57:31:cb:27:12:
1b:3b:d9:fa:85:70:0e:9e:c5:bf:49:db:e4:45:65:
8c:8c:c9:d1:d0:83:0d:82:af:e4:ce:4b:e5:28:3b:
65:6b:73:c5:fd:5a:bc:cc:e8:d1:0e:1e:24:6e:3e:
62:40:12:12:d8:4c:b8:2a:f7:75:97:d8:2c:14:da:
89:35:04:80:aa:b7:92:fe:e1:fb:d6:d1:ba:bc:88:
4c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A1:89:76:62:94:33:92:A3:7C:A3:64:C5:16:2F:DA:DC:50:5F:62
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CCE7EE4D9D311EFB012D77C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.91.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:a4:09:eb:52:59:93:50:96:0d:34:f6:0d:b4:e8:c2:5a:ff:
d1:2a:82:b9:0c:cb:45:b1:d4:ee:f6:06:9b:94:b1:47:15:57:
63:13:2f:4d:64:16:34:4f:ca:5c:ff:26:fd:ba:08:50:25:63:
3d:07:83:88:26:f8:4a:32:af:26:a5:73:0d:44:94:49:d1:0a:
d8:15:4c:5f:54:47:33:2f:0c:93:2f:1f:17:19:f7:17:70:24:
1b:b9:70:03:9c:b6:2d:79:03:dc:ac:d2:6c:f5:e8:c5:0e:3a:
08:f5:ac:62:fc:ed:6a:fb:79:b8:e7:72:91:58:a4:3a:aa:46:
e6:14:1e:25:b7:df:16:3f:e2:a9:89:4f:18:64:72:22:12:42:
f0:6c:65:de:4c:53:08:24:dc:fc:aa:f9:7e:72:97:43:fc:eb:
b9:9d:3b:a3:23:9e:4a:ef:bd:79:16:89:c9:bb:a6:d0:0f:78:
b0:c4:51:4d:cf:1e:32:9b:8a:26:68:c3:22:79:05:b8:cd:8e:
0e:79:da:26:07:5d:4a:cd:84:2f:c8:35:f3:43:e7:1e:50:d3:
47:17:94:35:78:37:c5:ff:15:20:2b:aa:cb:0c:dc:fc:df:0e:
49:77:0a:08:08:fc:2d:55:6e:1f:76:23:f9:34:6c:41:d5:ba:
1d:aa:0a:62
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUMfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MjE0MzExWhcNMjUwMjI4MjE0MzExWjAYMRYw
FAYDVQQDEw02NzkyYjdmMy0zNzdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuLcoMrWrfeIIFNixLlJHMM7F+lVbyd3ATmvgQ1aZAJoqrH3COW40KrFz
ccfs+jztnN5wOTXt9t18o0G5BQCwHQaDXYQc4AmODXGuna2wwWI282YgXFXGDUWm
siqD0t0dlPrPUort3OL67pmMpCZA4DQTe9p+cvEFzj9wSMSlcnfJxyFYu1w1Ig6t
yL0UqZkczj/qa3vNGCC7Zia8yQhSSbZiNrTY8lc4CnPrGzpJVzHLJxIbO9n6hXAO
nsW/SdvkRWWMjMnR0IMNgq/kzkvlKDtla3PF/Vq8zOjRDh4kbj5iQBIS2Ey4Kvd1
l9gsFNqJNQSAqreS/uH71tG6vIhMfwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN2h
iXZilDOSo3yjZMUWL9rcUF9iMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQ0NFN0VFNEQ5RDMxMUVGQjAxMkQ3N0M3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsRbMA0GCSqGSIb3DQEB
CwUAA4IBAQC6pAnrUlmTUJYNNPYNtOjCWv/RKoK5DMtFsdTu9gablLFHFVdjEy9N
ZBY0T8pc/yb9ughQJWM9B4OIJvhKMq8mpXMNRJRJ0QrYFUxfVEczLwyTLx8XGfcX
cCQbuXADnLYteQPcrNJs9ejFDjoI9axi/O1q+3m453KRWKQ6qkbmFB4lt98WP+Kp
iU8YZHIiEkLwbGXeTFMIJNz8qvl+cpdD/Ou5nTujI55K7715FonJu6bQD3iwxFFN
zx4ym4omaMMieQW4zY4OedomB11KzYQvyDXzQ+ceUNNHF5Q1eDfF/xUgK6rLDNz8
3w5JdwoICPwtVW4fdiP5NGxB1bodqgpi
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:52:04 2025 by rpki-client