Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10C4BDB8DA4811EFA1B0209C762E951A.roa
File: 10C4BDB8DA4811EFA1B0209C762E951A.roa (raw, json)
Hash identifier: m7v5LtJx8JhK4vCi1lvu8R5M4pl57pw8221lTU0VMRU=
Subject key identifier: 78:54:0A:8B:40:9A:03:77:E9:7D:A6:E6:9E:42:00:D6:11:BE:3F:EF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014632
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10C4BDB8DA4811EFA1B0209C762E951A.roa
Signing time: Fri 24 Jan 2025 11:40:53 +0000
ROA not before: Fri 24 Jan 2025 11:40:49 +0000
ROA not after: Wed 05 Mar 2025 11:40:49 +0000
asID: 48031
IP address blocks: 154.222.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83506 (0x14632)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 11:40:49 2025 GMT
Not After : Mar 5 11:40:49 2025 GMT
Subject: CN=67937c44-bc2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a3:72:42:c5:af:0b:1c:2f:98:61:77:10:34:
38:86:c7:f4:e3:66:4c:f7:60:6e:2a:ee:24:07:fb:
ea:fc:6b:a1:c6:a4:34:25:4d:95:e8:40:68:71:7e:
ac:b3:b6:44:d2:1c:d7:41:cd:aa:09:07:2c:a2:cb:
31:c6:99:18:49:5a:da:98:89:8f:49:48:0c:b9:7b:
c6:d1:10:28:04:7a:96:29:a8:b2:7c:b4:5a:98:11:
29:23:03:c5:4c:66:ea:82:cc:6e:39:64:cd:c8:42:
57:7f:d9:39:1f:ba:6b:ec:ac:99:c1:3f:0f:b7:92:
ca:6a:1e:18:df:9e:a1:d3:1d:58:fc:62:f0:a9:38:
a6:4d:da:a2:ed:29:be:40:2a:14:6b:90:66:4c:af:
e3:76:be:7e:ff:04:de:07:b6:a4:10:31:e0:14:d9:
ca:d2:df:f9:eb:cd:35:2c:e0:27:f2:fc:21:07:6e:
f4:46:97:86:99:b2:a1:7c:66:ea:7e:ea:de:dd:6c:
43:f3:42:3f:d7:d1:07:0f:95:e1:b1:52:8d:92:9f:
3b:e2:ab:c7:38:a2:cf:dc:54:25:a3:87:1d:0e:75:
33:d0:ce:ca:7b:f4:43:77:ff:8a:eb:5f:c0:15:f4:
a1:a2:58:12:fd:20:94:b7:62:aa:b8:1d:a5:80:52:
6b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:54:0A:8B:40:9A:03:77:E9:7D:A6:E6:9E:42:00:D6:11:BE:3F:EF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10C4BDB8DA4811EFA1B0209C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.221.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:8a:87:2d:97:5e:2c:12:6c:7e:83:dd:6f:2f:09:81:f0:34:
a0:30:f8:0e:86:cb:4d:f5:8f:a1:84:30:35:a1:a0:0b:9a:fc:
e6:27:15:ef:b3:d2:df:a9:9b:f4:e6:81:a8:31:8b:b5:68:28:
88:a6:b4:c1:7c:4f:e4:4e:23:a9:f7:21:6f:1b:78:f0:26:90:
a3:1b:c3:77:21:2f:83:c2:2f:02:24:be:ec:59:74:38:2b:3c:
94:e6:66:3e:f0:ca:cc:de:9b:81:a9:ca:35:46:50:1c:e3:55:
88:fe:47:b9:2c:06:a4:7f:15:e1:8a:34:b4:60:b0:44:b2:b5:
3d:58:9f:c7:14:8b:5f:66:b4:b7:6c:78:11:0b:c2:bc:49:2a:
33:1d:2f:65:d4:4d:22:6c:1a:50:58:e5:16:18:60:c0:62:84:
0b:dc:de:e9:72:5f:9a:b1:a7:3c:4c:5b:72:5c:de:d7:66:d8:
21:88:5a:4d:f8:b8:53:1a:c2:e0:dd:60:b4:16:08:3a:3d:95:
0d:65:05:df:35:55:6c:52:c3:aa:59:ab:0c:ed:9a:f3:cc:2d:
75:9a:cc:c0:e5:76:ff:10:26:af:f5:05:cd:16:e3:9e:8b:b9:
cc:51:7b:8d:3a:04:d2:76:8f:b5:73:bb:bb:c1:f9:5f:06:b3:
74:9f:61:e1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUYyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTE0MDQ5WhcNMjUwMzA1MTE0MDQ5WjAYMRYw
FAYDVQQDEw02NzkzN2M0NC1iYzJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2aNyQsWvCxwvmGF3EDQ4hsf042ZM92BuKu4kB/vq/GuhxqQ0JU2V6EBo
cX6ss7ZE0hzXQc2qCQcsossxxpkYSVramImPSUgMuXvG0RAoBHqWKaiyfLRamBEp
IwPFTGbqgsxuOWTNyEJXf9k5H7pr7KyZwT8Pt5LKah4Y356h0x1Y/GLwqTimTdqi
7Sm+QCoUa5BmTK/jdr5+/wTeB7akEDHgFNnK0t/56801LOAn8vwhB270RpeGmbKh
fGbqfure3WxD80I/19EHD5XhsVKNkp874qvHOKLP3FQlo4cdDnUz0M7Ke/RDd/+K
61/AFfSholgS/SCUt2KquB2lgFJrFQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHhU
CotAmgN36X2m5p5CANYRvj/vMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMEM0QkRCOERBNDgxMUVGQTFCMDIwOUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt7dMA0GCSqGSIb3DQEB
CwUAA4IBAQB/ioctl14sEmx+g91vLwmB8DSgMPgOhstN9Y+hhDA1oaALmvzmJxXv
s9LfqZv05oGoMYu1aCiIprTBfE/kTiOp9yFvG3jwJpCjG8N3IS+Dwi8CJL7sWXQ4
KzyU5mY+8MrM3puBqco1RlAc41WI/ke5LAakfxXhijS0YLBEsrU9WJ/HFItfZrS3
bHgRC8K8SSozHS9l1E0ibBpQWOUWGGDAYoQL3N7pcl+asac8TFtyXN7XZtghiFpN
+LhTGsLg3WC0Fgg6PZUNZQXfNVVsUsOqWasM7ZrzzC11mszA5Xb/ECav9QXNFuOe
i7nMUXuNOgTSdo+1c7u7wflfBrN0n2Hh
-----END CERTIFICATE-----
Generated at Sat Apr 26 01:54:24 2025 by rpki-client