Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1AD67462DA2111EFBB386F96762E951A.roa
File: 1AD67462DA2111EFBB386F96762E951A.roa (raw, json)
Hash identifier: zvV18f0cPUlcxneqoaZB2EzPjwoxiW+Mb8rPxNQZ59U=
Subject key identifier: 23:6E:EB:24:D9:BC:8D:C1:1D:3B:0A:B1:E9:70:FF:26:F0:7F:76:7D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014409
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1AD67462DA2111EFBB386F96762E951A.roa
Signing time: Fri 24 Jan 2025 07:01:59 +0000
ROA not before: Fri 24 Jan 2025 07:01:56 +0000
ROA not after: Sat 01 Mar 2025 07:01:56 +0000
asID: 44559
IP address blocks: 154.203.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82953 (0x14409)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 07:01:56 2025 GMT
Not After : Mar 1 07:01:56 2025 GMT
Subject: CN=67933ae7-5f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5e:a2:2e:c1:42:79:58:bc:d9:62:26:b1:b3:
4b:cb:21:8c:2b:35:c9:f3:fd:bc:e3:87:60:87:9a:
1f:a7:ae:89:26:f5:e1:6a:fe:1d:f2:81:d5:e6:5b:
26:29:db:8f:41:6c:1f:d1:95:be:09:3c:94:5c:59:
a3:57:d5:cd:29:09:5c:73:b0:36:fc:01:6e:d3:b4:
33:6d:fe:e3:f6:11:53:6f:c8:68:0b:d8:52:dd:b6:
17:8f:8e:ca:7f:e5:20:da:73:90:31:2f:9c:5c:f1:
26:f5:b6:ab:f3:15:ed:1c:8b:1d:70:ff:c3:85:aa:
54:c0:e8:6b:59:c2:87:c4:fd:19:53:b1:d0:c0:d8:
30:ff:e8:f2:e6:6f:8d:c2:c6:90:e3:42:ba:43:0f:
f8:78:b0:62:05:a1:ce:60:6f:2c:42:f5:d3:4b:a5:
d1:47:34:1b:a7:b9:4e:84:c2:b6:19:16:f4:1a:c1:
d1:64:8d:fb:72:83:df:74:a5:b6:53:4e:65:32:c6:
ec:55:ca:bc:49:38:86:03:b6:cd:17:a8:62:27:5a:
23:d2:7c:26:27:7d:0c:50:ff:43:62:95:73:d1:84:
4d:81:56:65:f4:37:7d:a9:c2:b8:fd:2b:df:86:4e:
7f:c2:28:a7:0a:b4:59:8f:33:e0:16:70:a2:15:dc:
66:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:6E:EB:24:D9:BC:8D:C1:1D:3B:0A:B1:E9:70:FF:26:F0:7F:76:7D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1AD67462DA2111EFBB386F96762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.221.0/24
Signature Algorithm: sha256WithRSAEncryption
82:60:c2:3c:a9:2b:89:f6:04:84:db:3c:bb:84:ad:f4:ea:06:
ed:7d:3b:43:27:3e:b5:31:7f:30:e5:2d:9e:30:c5:68:25:46:
c3:b1:e6:d6:f6:4f:04:8a:ae:e2:b4:df:09:e6:e4:3f:ca:5f:
2f:21:e6:fa:43:36:d8:4e:db:91:79:2c:d2:27:17:50:04:71:
ab:54:b1:4e:f7:37:11:d0:2e:9e:4f:bb:80:29:7e:1e:9e:4d:
cd:bf:b4:e1:1f:6d:8e:ab:03:9f:c6:9d:6c:ee:c0:ec:7c:29:
4b:2f:11:8e:e6:60:72:57:e4:14:d2:e1:48:8d:bd:79:8b:fc:
4e:bd:a3:04:7c:98:59:14:3a:44:34:d2:40:98:3b:f3:98:db:
36:67:0d:ad:f9:fb:6a:e2:74:83:67:49:74:f5:9e:db:01:4c:
26:c5:a0:d0:95:af:0a:f2:21:25:bf:63:45:9c:fc:4b:2a:f4:
e6:ad:5e:c1:a4:bf:5a:ba:7c:ea:bf:05:e1:5d:3e:4d:82:1c:
0b:3b:69:0d:93:7f:26:80:15:13:b1:99:23:7e:89:b2:76:fc:
7f:26:a0:99:46:83:b9:52:e3:b1:b3:31:d5:53:0a:b0:5a:3b:
00:d6:f2:d1:0e:12:12:96:5a:33:6d:29:e3:bf:a3:a6:39:18:
e1:73:ca:8d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUQJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDcwMTU2WhcNMjUwMzAxMDcwMTU2WjAYMRYw
FAYDVQQDEw02NzkzM2FlNy01ZjQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw16iLsFCeVi82WImsbNLyyGMKzXJ8/2844dgh5ofp66JJvXhav4d8oHV
5lsmKduPQWwf0ZW+CTyUXFmjV9XNKQlcc7A2/AFu07Qzbf7j9hFTb8hoC9hS3bYX
j47Kf+Ug2nOQMS+cXPEm9bar8xXtHIsdcP/DhapUwOhrWcKHxP0ZU7HQwNgw/+jy
5m+NwsaQ40K6Qw/4eLBiBaHOYG8sQvXTS6XRRzQbp7lOhMK2GRb0GsHRZI37coPf
dKW2U05lMsbsVcq8STiGA7bNF6hiJ1oj0nwmJ30MUP9DYpVz0YRNgVZl9Dd9qcK4
/Svfhk5/wiinCrRZjzPgFnCiFdxm+wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCNu
6yTZvI3BHTsKselw/ybwf3Z9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQUQ2NzQ2MkRBMjExMUVGQkIzODZGOTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsvdMA0GCSqGSIb3DQEB
CwUAA4IBAQCCYMI8qSuJ9gSE2zy7hK306gbtfTtDJz61MX8w5S2eMMVoJUbDsebW
9k8Eiq7itN8J5uQ/yl8vIeb6QzbYTtuReSzSJxdQBHGrVLFO9zcR0C6eT7uAKX4e
nk3Nv7ThH22OqwOfxp1s7sDsfClLLxGO5mByV+QU0uFIjb15i/xOvaMEfJhZFDpE
NNJAmDvzmNs2Zw2t+ftq4nSDZ0l09Z7bAUwmxaDQla8K8iElv2NFnPxLKvTmrV7B
pL9aunzqvwXhXT5NghwLO2kNk38mgBUTsZkjfomydvx/JqCZRoO5UuOxszHVUwqw
WjsA1vLRDhISllozbSnjv6OmORjhc8qN
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:34:29 2025 by rpki-client