Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10F70D4ED98611EFBAD8C681762E951A.roa
File: 10F70D4ED98611EFBAD8C681762E951A.roa (raw, json)
Hash identifier: +KSc2fvoBPb8cas+3/1ofwMvVxhw5jPiIpKtm4JAaDM=
Subject key identifier: CD:2A:4A:5F:96:A5:31:B0:B8:BB:1C:78:C9:B0:2E:BD:C7:83:AE:9E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014220
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10F70D4ED98611EFBAD8C681762E951A.roa
Signing time: Thu 23 Jan 2025 12:32:11 +0000
ROA not before: Thu 23 Jan 2025 12:32:07 +0000
ROA not after: Fri 28 Feb 2025 12:32:07 +0000
asID: 62240
IP address blocks: 154.195.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82464 (0x14220)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 12:32:07 2025 GMT
Not After : Feb 28 12:32:07 2025 GMT
Subject: CN=679236cb-bb43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:30:d2:78:3f:8b:a1:e7:10:d9:0a:15:d3:05:
80:c9:c9:f4:a0:e2:26:26:9f:e3:98:d4:b1:95:b6:
d1:bc:97:c3:23:ab:2f:ea:26:22:23:e1:cd:38:a4:
2e:04:1f:ef:1e:a2:70:46:c5:11:1c:76:27:54:c7:
78:b2:b0:f9:58:5a:21:68:7f:5f:17:9f:63:d0:e5:
79:59:5a:a7:39:f6:25:85:4b:e2:b6:a1:3f:6a:e9:
ea:11:2c:34:10:34:ef:4f:63:19:c1:57:a9:f1:49:
40:38:96:82:a2:73:ad:53:05:dd:f7:fb:f8:a6:0d:
6a:be:14:53:7b:09:f3:e6:82:16:a0:3e:d3:17:5d:
01:a8:de:a3:64:50:67:37:f3:89:3f:9e:c6:19:42:
19:f2:42:3f:50:2d:b5:6a:4d:81:59:a9:07:97:18:
2f:ec:ca:0b:4f:13:c0:b1:81:9d:69:2c:4b:71:d6:
6c:6f:33:24:c1:51:a0:73:f4:4b:64:64:c0:de:5a:
6c:59:f9:11:e8:6b:2b:95:f6:a0:21:d9:8b:d2:20:
3b:a8:ab:96:d0:af:ab:c9:50:1a:b2:f5:70:15:00:
19:f4:da:a0:76:6e:49:de:f1:0c:49:79:51:9f:7a:
55:27:23:16:2b:6a:52:45:39:69:ae:87:39:73:ec:
d7:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:2A:4A:5F:96:A5:31:B0:B8:BB:1C:78:C9:B0:2E:BD:C7:83:AE:9E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10F70D4ED98611EFBAD8C681762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.21.0/24
Signature Algorithm: sha256WithRSAEncryption
69:c1:69:27:18:c2:2b:06:92:8f:2f:34:3d:cd:b9:3c:ef:fb:
bf:72:89:6b:67:c4:e5:34:f9:d6:4b:96:87:c9:51:2d:b1:a1:
c5:34:a6:b1:2d:b1:ac:93:e8:d2:c1:2e:59:43:33:da:18:2c:
30:43:b8:22:c6:57:3a:7c:65:a8:3b:e9:60:74:06:79:79:04:
19:51:1d:8d:c9:15:53:d3:ef:4f:84:6e:18:4a:af:f5:a2:3c:
17:22:1b:f9:a8:16:d4:c3:aa:23:c4:d8:50:31:31:71:ba:6d:
4e:6a:d6:49:18:d3:cb:15:0c:3e:e0:ea:f1:43:10:8e:c7:a9:
7a:84:96:00:ca:e4:f4:17:83:53:27:98:fe:3b:04:de:95:99:
14:56:f3:bd:16:06:78:e8:2e:a5:a8:6d:b8:b8:4a:17:49:da:
7f:c6:12:51:0a:53:3a:4f:0d:c1:a7:6e:65:0a:66:4a:9e:22:
97:01:73:18:18:53:51:e1:35:79:5d:1b:0b:05:75:a4:36:b7:
5c:fb:48:82:c1:00:4f:55:90:de:55:53:bd:24:b1:28:a4:02:
4c:65:06:6c:7f:7c:ee:12:79:00:b3:61:c0:43:46:07:3e:2a:
cb:ef:75:d0:39:d9:2a:20:a7:7e:06:8a:50:3a:77:61:7d:d9:
63:78:20:a5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUIgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMTIzMjA3WhcNMjUwMjI4MTIzMjA3WjAYMRYw
FAYDVQQDEw02NzkyMzZjYi1iYjQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAojDSeD+LoecQ2QoV0wWAycn0oOImJp/jmNSxlbbRvJfDI6sv6iYiI+HN
OKQuBB/vHqJwRsURHHYnVMd4srD5WFohaH9fF59j0OV5WVqnOfYlhUvitqE/aunq
ESw0EDTvT2MZwVep8UlAOJaConOtUwXd9/v4pg1qvhRTewnz5oIWoD7TF10BqN6j
ZFBnN/OJP57GGUIZ8kI/UC21ak2BWakHlxgv7MoLTxPAsYGdaSxLcdZsbzMkwVGg
c/RLZGTA3lpsWfkR6GsrlfagIdmL0iA7qKuW0K+ryVAasvVwFQAZ9Nqgdm5J3vEM
SXlRn3pVJyMWK2pSRTlproc5c+zXiwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM0q
Sl+WpTGwuLsceMmwLr3Hg66eMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMEY3MEQ0RUQ5ODYxMUVGQkFEOEM2ODE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsMVMA0GCSqGSIb3DQEB
CwUAA4IBAQBpwWknGMIrBpKPLzQ9zbk87/u/colrZ8TlNPnWS5aHyVEtsaHFNKax
LbGsk+jSwS5ZQzPaGCwwQ7gixlc6fGWoO+lgdAZ5eQQZUR2NyRVT0+9PhG4YSq/1
ojwXIhv5qBbUw6ojxNhQMTFxum1OatZJGNPLFQw+4OrxQxCOx6l6hJYAyuT0F4NT
J5j+OwTelZkUVvO9FgZ46C6lqG24uEoXSdp/xhJRClM6Tw3Bp25lCmZKniKXAXMY
GFNR4TV5XRsLBXWkNrdc+0iCwQBPVZDeVVO9JLEopAJMZQZsf3zuEnkAs2HAQ0YH
PirL73XQOdkqIKd+BopQOndhfdljeCCl
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:02:26 2025 by rpki-client