Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BBAFBD6D8BA11EF87C394A2762E951A.roa
File: 1BBAFBD6D8BA11EF87C394A2762E951A.roa (raw, json)
Hash identifier: 4tUFh2FahDzB2oacH/aV508pwkAhk0dhX6Ys5E0aGdA=
Subject key identifier: 02:A7:10:C9:C5:B2:75:72:B6:5D:07:11:34:B0:6C:89:D7:46:BD:CD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013F2C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BBAFBD6D8BA11EF87C394A2762E951A.roa
Signing time: Wed 22 Jan 2025 12:12:11 +0000
ROA not before: Wed 22 Jan 2025 12:12:07 +0000
ROA not after: Sat 08 Feb 2025 12:12:07 +0000
asID: 18229
IP address blocks: 154.210.218.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81708 (0x13f2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 22 12:12:07 2025 GMT
Not After : Feb 8 12:12:07 2025 GMT
Subject: CN=6790e09b-6bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:58:62:86:d4:a5:b1:f8:f3:97:46:87:10:d1:
c5:84:cc:ca:12:7a:00:91:da:20:ba:f2:31:87:91:
49:15:6f:a3:58:41:5e:a1:b5:f0:06:ca:7a:d5:26:
18:09:fa:1e:41:a1:a6:b0:8d:0e:43:e3:00:da:9e:
38:05:47:bd:76:51:88:76:86:b2:1d:f3:55:67:b6:
92:08:56:b8:c9:af:6d:8f:06:da:31:f0:26:83:7e:
a0:b9:d2:62:82:1d:4a:a0:91:00:69:09:e1:c6:0b:
00:3a:94:ed:a0:5f:6f:d9:55:d8:0f:cc:cf:49:ad:
b1:37:18:75:1c:94:40:1b:a7:fc:a0:2b:08:18:2f:
3e:47:58:fb:49:95:02:c4:93:d2:1d:15:8c:73:b6:
6e:09:76:bd:dc:00:24:e9:31:5b:2c:c7:ee:2a:ce:
e5:a7:9f:11:d6:b2:7c:43:2a:02:31:dd:33:2f:df:
5b:79:6b:e5:7a:cc:50:f5:64:bf:57:83:5b:5a:f4:
e3:bc:6a:48:47:c4:26:b0:19:32:9e:4b:b6:d4:a1:
81:35:a6:8f:ed:67:73:09:aa:50:21:e2:ea:49:00:
06:59:1c:0c:9b:21:31:fc:40:dd:1c:a7:ba:1d:ad:
5e:ac:3d:2b:c7:92:35:3f:1f:15:98:ba:4f:76:1b:
75:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A7:10:C9:C5:B2:75:72:B6:5D:07:11:34:B0:6C:89:D7:46:BD:CD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BBAFBD6D8BA11EF87C394A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.218.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:46:82:50:ba:28:00:74:36:c4:d0:40:4f:ea:5c:5f:c2:44:
b3:be:2b:29:28:42:2e:f0:dc:3e:39:c2:ea:83:97:66:96:4f:
d5:4e:e8:60:34:c8:7e:d6:7f:22:f2:5b:7b:05:6a:6e:04:95:
86:b1:26:66:3e:45:b8:ac:25:29:0e:47:ce:3e:ec:d1:b9:d9:
c0:dd:50:be:b8:86:c6:80:01:59:74:be:3d:66:cd:38:96:88:
39:5d:0f:33:d0:98:18:f0:a5:95:61:b2:de:c1:04:a0:db:63:
a0:38:c9:85:7e:2f:28:b3:10:03:b8:e1:31:d0:bd:91:99:9a:
90:ae:7c:ae:49:1f:2b:05:f5:bd:71:9f:b8:cc:cf:a7:d5:57:
62:00:9d:32:72:7a:b7:94:7c:93:f6:f9:38:b8:56:dd:97:d3:
db:5e:9c:c5:a7:3c:7a:cd:8d:29:d3:57:02:2f:bf:d2:5f:5a:
9b:37:4c:e2:c6:07:e9:a3:a0:77:cb:b0:a8:09:8b:76:c2:2e:
7f:39:5c:96:4e:b0:1a:3e:0f:a9:e3:78:59:7e:9d:92:3f:eb:
81:fc:c8:d6:f6:20:43:99:7a:94:ba:69:7a:48:cd:6b:fb:f1:
c9:ba:9c:52:12:e0:f8:dc:19:93:cb:4e:39:04:76:d2:39:dd:
1d:e9:76:88
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT8sMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIyMTIxMjA3WhcNMjUwMjA4MTIxMjA3WjAYMRYw
FAYDVQQDEw02NzkwZTA5Yi02YmNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvlhihtSlsfjzl0aHENHFhMzKEnoAkdoguvIxh5FJFW+jWEFeobXwBsp6
1SYYCfoeQaGmsI0OQ+MA2p44BUe9dlGIdoayHfNVZ7aSCFa4ya9tjwbaMfAmg36g
udJigh1KoJEAaQnhxgsAOpTtoF9v2VXYD8zPSa2xNxh1HJRAG6f8oCsIGC8+R1j7
SZUCxJPSHRWMc7ZuCXa93AAk6TFbLMfuKs7lp58R1rJ8QyoCMd0zL99beWvlesxQ
9WS/V4NbWvTjvGpIR8QmsBkynku21KGBNaaP7WdzCapQIeLqSQAGWRwMmyEx/EDd
HKe6Ha1erD0rx5I1Px8VmLpPdht1VQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAKn
EMnFsnVytl0HETSwbInXRr3NMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQkJBRkJENkQ4QkExMUVGODdDMzk0QTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtLaMA0GCSqGSIb3DQEB
CwUAA4IBAQA8RoJQuigAdDbE0EBP6lxfwkSzvispKEIu8Nw+OcLqg5dmlk/VTuhg
NMh+1n8i8lt7BWpuBJWGsSZmPkW4rCUpDkfOPuzRudnA3VC+uIbGgAFZdL49Zs04
log5XQ8z0JgY8KWVYbLewQSg22OgOMmFfi8osxADuOEx0L2RmZqQrnyuSR8rBfW9
cZ+4zM+n1VdiAJ0ycnq3lHyT9vk4uFbdl9PbXpzFpzx6zY0p01cCL7/SX1qbN0zi
xgfpo6B3y7CoCYt2wi5/OVyWTrAaPg+p43hZfp2SP+uB/MjW9iBDmXqUuml6SM1r
+/HJupxSEuD43BmTy045BHbSOd0d6XaI
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:43:01 2025 by rpki-client