Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/174EE5A2DA2811EF9ADF9B45762E951A.roa
File: 174EE5A2DA2811EF9ADF9B45762E951A.roa (raw, json)
Hash identifier: 8SQNnMUDjt0/TKmH22ut6s5a8NQi8qelTbUEi6RIZ9A=
Subject key identifier: 2A:F2:BB:E5:A2:8D:84:0F:8B:CD:20:04:79:52:FA:FD:8B:C5:74:9D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014434
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/174EE5A2DA2811EF9ADF9B45762E951A.roa
Signing time: Fri 24 Jan 2025 07:52:00 +0000
ROA not before: Fri 24 Jan 2025 07:51:56 +0000
ROA not after: Wed 05 Mar 2025 07:51:56 +0000
asID: 202656
IP address blocks: 154.222.40.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82996 (0x14434)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 07:51:56 2025 GMT
Not After : Mar 5 07:51:56 2025 GMT
Subject: CN=679346a0-e542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b4:43:2d:8b:77:36:f1:00:1a:b0:ec:38:43:
79:b2:16:7e:f9:b4:c6:e7:87:4d:67:d5:60:e5:43:
fd:3c:c3:8a:39:e8:5c:b6:44:9a:95:da:de:7b:bb:
8f:4c:ff:9e:7c:f9:86:52:bf:28:2a:f4:f2:5d:0c:
b4:1d:60:88:88:8c:91:6c:85:be:aa:d8:d5:5f:25:
d2:d8:85:00:23:a5:a9:ef:be:c4:88:72:c1:9c:dc:
ed:01:08:cb:1e:59:69:7d:d3:a9:30:81:44:6c:0a:
1c:d4:4f:7e:05:d7:6c:1b:db:c1:b7:84:35:c4:06:
05:bb:8d:aa:cb:ed:89:e7:b7:0f:c4:ab:82:f1:f8:
25:8e:c3:68:17:9f:dd:86:4a:c7:ce:c7:3e:43:d0:
b4:61:01:fd:1c:8e:ca:d4:13:cf:bb:6f:e3:fa:f8:
a6:c0:38:5c:cd:28:44:07:ed:9d:5e:1e:d9:35:0c:
df:cf:21:87:c0:c3:fd:16:73:8e:b8:26:d4:29:1f:
7b:49:ab:8c:8c:63:26:e9:6b:6b:5c:6d:b9:6e:77:
bc:60:8d:cf:f2:71:40:55:91:c3:ab:31:5f:3b:66:
c5:d5:9d:34:69:61:51:66:46:12:7c:0e:5b:11:b9:
fd:c5:92:ea:a0:4c:87:d2:b5:b2:64:5f:6a:8b:bc:
d5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F2:BB:E5:A2:8D:84:0F:8B:CD:20:04:79:52:FA:FD:8B:C5:74:9D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/174EE5A2DA2811EF9ADF9B45762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.40.0/24
Signature Algorithm: sha256WithRSAEncryption
45:0b:da:15:c7:a3:5b:9a:a9:5d:4f:4d:fa:27:2a:3f:ce:67:
5d:67:36:77:a0:41:79:0f:2b:7d:dd:5f:dc:3a:93:db:54:a9:
a8:2f:9f:a0:49:5e:e8:b2:1b:60:3f:45:de:94:66:5f:9c:2f:
8e:7d:51:3d:7b:06:af:89:bb:26:8b:59:9e:86:4a:48:d4:e7:
e1:a5:5e:2b:58:fc:f0:57:48:a3:40:68:18:cb:f2:2b:87:b3:
9f:37:da:9a:9d:48:e5:ce:bd:7a:2a:97:96:15:c9:f9:93:25:
e2:9d:c6:3e:7f:4d:5f:29:a8:5b:e1:6e:44:1d:57:c6:49:b6:
4e:88:1a:a9:3e:e5:ad:b9:f0:e3:34:ea:84:f4:2c:c8:b6:a5:
0f:4c:cc:d5:c9:03:f7:8c:8f:c9:c9:f7:d5:82:7e:54:db:ca:
0e:63:4d:17:b2:a8:fd:24:86:f7:32:b2:73:29:57:71:3b:fa:
82:fc:61:6a:c6:99:e2:bb:2f:53:0a:a7:27:4a:8e:0d:77:ef:
43:25:35:62:00:c6:b9:34:8b:08:e1:67:af:a1:a2:01:54:6d:
b2:ae:54:3c:61:dd:34:c5:0f:ee:09:5f:b1:bd:46:3b:39:9c:
aa:96:7a:21:64:32:95:3b:5c:ea:3a:e7:bc:81:0e:db:a0:28:
d9:0b:7f:9a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUQ0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDc1MTU2WhcNMjUwMzA1MDc1MTU2WjAYMRYw
FAYDVQQDEw02NzkzNDZhMC1lNTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtrRDLYt3NvEAGrDsOEN5shZ++bTG54dNZ9Vg5UP9PMOKOehctkSaldre
e7uPTP+efPmGUr8oKvTyXQy0HWCIiIyRbIW+qtjVXyXS2IUAI6Wp777EiHLBnNzt
AQjLHllpfdOpMIFEbAoc1E9+BddsG9vBt4Q1xAYFu42qy+2J57cPxKuC8fgljsNo
F5/dhkrHzsc+Q9C0YQH9HI7K1BPPu2/j+vimwDhczShEB+2dXh7ZNQzfzyGHwMP9
FnOOuCbUKR97SauMjGMm6WtrXG25bne8YI3P8nFAVZHDqzFfO2bF1Z00aWFRZkYS
fA5bEbn9xZLqoEyH0rWyZF9qi7zVMwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCry
u+WijYQPi80gBHlS+v2LxXSdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNzRFRTVBMkRBMjgxMUVGOUFERjlCNDU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt4oMA0GCSqGSIb3DQEB
CwUAA4IBAQBFC9oVx6NbmqldT036Jyo/zmddZzZ3oEF5Dyt93V/cOpPbVKmoL5+g
SV7oshtgP0XelGZfnC+OfVE9ewavibsmi1mehkpI1OfhpV4rWPzwV0ijQGgYy/Ir
h7OfN9qanUjlzr16KpeWFcn5kyXincY+f01fKahb4W5EHVfGSbZOiBqpPuWtufDj
NOqE9CzItqUPTMzVyQP3jI/JyffVgn5U28oOY00Xsqj9JIb3MrJzKVdxO/qC/GFq
xpniuy9TCqcnSo4Nd+9DJTViAMa5NIsI4WevoaIBVG2yrlQ8Yd00xQ/uCV+xvUY7
OZyqlnohZDKVO1zqOue8gQ7boCjZC3+a
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:49:53 2025 by rpki-client