Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CCF711EDA4111EFB50E0E6E762E951A.roa
File: 0CCF711EDA4111EFB50E0E6E762E951A.roa (raw, json)
Hash identifier: lHduc28+LHVmmrbmjpN452B/Cwo3GVYY/0ByoHMAU6s=
Subject key identifier: 88:C6:E9:24:AE:83:5F:38:3C:AB:A5:A2:3F:84:D8:C1:94:75:CC:15
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0145C3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CCF711EDA4111EFB50E0E6E762E951A.roa
Signing time: Fri 24 Jan 2025 10:50:40 +0000
ROA not before: Fri 24 Jan 2025 10:50:36 +0000
ROA not after: Wed 05 Mar 2025 10:50:36 +0000
asID: 202656
IP address blocks: 154.219.25.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83395 (0x145c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 10:50:36 2025 GMT
Not After : Mar 5 10:50:36 2025 GMT
Subject: CN=6793707f-3471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:3b:72:a7:8a:86:bd:53:07:02:0b:71:f8:fe:
0e:08:45:a7:60:cc:77:c0:6b:ce:a0:a9:24:1d:2b:
14:d7:6e:3e:4c:86:20:f5:ea:09:4e:c4:be:a5:b6:
5f:e0:e4:05:a3:f5:4f:45:28:48:05:e2:ee:ed:3b:
25:6e:0d:31:12:66:32:a9:5e:25:9d:e7:e8:3a:64:
f1:52:72:7e:ae:3e:1f:eb:7a:2f:a5:75:74:0b:29:
38:a5:69:a7:47:c6:54:81:b8:13:0d:e5:a6:c0:7e:
aa:84:7e:82:a0:ea:c3:3a:52:73:62:ef:e3:51:f4:
e3:9d:d7:1b:b2:db:0a:78:65:a4:6a:f9:b8:d1:f8:
81:b6:92:07:3c:80:74:2f:4d:72:8b:5f:87:f1:78:
af:d5:29:16:55:7d:a5:55:fe:e8:31:6f:63:93:d2:
f7:dc:51:c9:ce:22:b5:c7:0b:bd:0c:90:92:a8:c8:
39:44:b3:eb:10:f0:a8:37:14:61:e1:90:bb:74:e9:
83:c4:0d:c1:44:b6:96:61:2b:b3:ef:5c:74:0b:8f:
d4:fc:ff:a8:d0:fa:0d:2e:5e:7b:04:57:bd:84:78:
4a:c1:3a:48:ce:ee:67:44:94:7d:17:2c:b4:08:00:
7b:93:a6:4a:73:b3:9e:7d:74:37:84:26:6b:8f:5a:
a2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C6:E9:24:AE:83:5F:38:3C:AB:A5:A2:3F:84:D8:C1:94:75:CC:15
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0CCF711EDA4111EFB50E0E6E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.25.0/24
Signature Algorithm: sha256WithRSAEncryption
13:12:69:b4:d6:b0:d8:4c:2c:0f:4a:ac:58:2b:83:63:a8:23:
51:b9:40:a3:64:99:d6:ac:e6:4f:06:4b:fb:34:90:37:da:80:
5d:61:82:65:b9:cb:50:89:c3:7f:53:9d:f2:69:af:6b:13:5a:
86:6b:23:5d:95:51:3a:fb:25:a4:7b:14:40:03:23:d7:41:e0:
3d:a1:d5:e6:7c:a7:5b:3a:f3:5d:f6:61:e1:c8:b1:80:04:e6:
77:72:78:6e:a4:25:24:a7:af:8d:40:31:4e:d1:11:40:d0:a3:
d2:3f:42:09:fd:38:be:8a:c9:58:4f:de:ca:9b:08:76:53:e3:
32:ce:1d:44:8e:16:f4:45:e6:bb:2a:85:a6:f1:63:36:31:9e:
18:12:ca:08:73:1c:1d:e8:0b:b1:53:28:cb:69:04:6b:30:4f:
c0:d9:c9:8a:30:53:17:b6:37:c7:62:25:d7:33:1c:fd:12:7d:
cf:4a:dd:ea:06:ab:bb:55:94:35:84:f0:cb:8c:de:58:3d:25:
5c:3d:3f:9f:7f:9b:5a:c2:7f:37:04:6f:d8:7c:3e:3f:98:ea:
43:2c:2d:d8:d5:7c:b1:c3:c4:f3:54:1a:40:77:27:70:ba:74:
a7:6c:19:a2:68:ec:c7:42:96:d3:aa:5c:f5:f7:b5:0e:7f:09:
28:28:0c:35
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUXDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTA1MDM2WhcNMjUwMzA1MTA1MDM2WjAYMRYw
FAYDVQQDEw02NzkzNzA3Zi0zNDcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4jtyp4qGvVMHAgtx+P4OCEWnYMx3wGvOoKkkHSsU124+TIYg9eoJTsS+
pbZf4OQFo/VPRShIBeLu7Tslbg0xEmYyqV4lnefoOmTxUnJ+rj4f63ovpXV0Cyk4
pWmnR8ZUgbgTDeWmwH6qhH6CoOrDOlJzYu/jUfTjndcbstsKeGWkavm40fiBtpIH
PIB0L01yi1+H8Xiv1SkWVX2lVf7oMW9jk9L33FHJziK1xwu9DJCSqMg5RLPrEPCo
NxRh4ZC7dOmDxA3BRLaWYSuz71x0C4/U/P+o0PoNLl57BFe9hHhKwTpIzu5nRJR9
Fyy0CAB7k6ZKc7OefXQ3hCZrj1qijQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIjG
6SSug184PKuloj+E2MGUdcwVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQ0NGNzExRURBNDExMUVGQjUwRTBFNkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtsZMA0GCSqGSIb3DQEB
CwUAA4IBAQATEmm01rDYTCwPSqxYK4NjqCNRuUCjZJnWrOZPBkv7NJA32oBdYYJl
uctQicN/U53yaa9rE1qGayNdlVE6+yWkexRAAyPXQeA9odXmfKdbOvNd9mHhyLGA
BOZ3cnhupCUkp6+NQDFO0RFA0KPSP0IJ/Ti+islYT97Kmwh2U+Myzh1Ejhb0Rea7
KoWm8WM2MZ4YEsoIcxwd6AuxUyjLaQRrME/A2cmKMFMXtjfHYiXXMxz9En3PSt3q
Bqu7VZQ1hPDLjN5YPSVcPT+ff5tawn83BG/YfD4/mOpDLC3Y1Xyxw8TzVBpAdydw
unSnbBmiaOzHQpbTqlz197UOfwkoKAw1
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:51:45 2025 by rpki-client