Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1C92311ED97811EFAEB03EA3762E951A.roa
File: 1C92311ED97811EFAEB03EA3762E951A.roa (raw, json)
Hash identifier: 64Opbq9Uhnohpc0bkMgS9TerOELiNhWEYcq9ni49clg=
Subject key identifier: 46:76:C8:D2:EF:9C:AF:72:A6:3A:72:60:29:4C:7C:85:D3:2B:5B:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014158
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1C92311ED97811EFAEB03EA3762E951A.roa
Signing time: Thu 23 Jan 2025 10:52:17 +0000
ROA not before: Thu 23 Jan 2025 10:52:13 +0000
ROA not after: Thu 13 Mar 2025 10:52:13 +0000
asID: 63139
IP address blocks: 154.203.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82264 (0x14158)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 10:52:13 2025 GMT
Not After : Mar 13 10:52:13 2025 GMT
Subject: CN=67921f61-9f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b7:83:39:ec:17:6a:ce:2c:88:82:06:25:d1:
9e:05:6a:92:47:63:8a:46:68:66:af:9b:05:08:cb:
4a:58:9b:a5:df:cb:00:df:6a:cb:65:cd:d4:b7:c5:
a4:7d:72:f6:81:d5:24:ab:40:63:78:49:a4:d5:8e:
42:89:3d:51:80:69:5d:f3:77:52:31:80:5c:d4:7e:
2f:fb:ee:06:24:f9:43:8a:f3:f1:47:e0:3f:37:f3:
64:94:e9:57:5e:fa:77:cb:17:88:40:ab:7c:d4:56:
84:5f:4c:69:f6:4f:7b:87:a5:ce:7f:6a:f4:21:3d:
dd:0a:3a:fd:b3:94:83:4a:3b:c6:42:72:85:9b:6e:
9f:dc:05:0a:5a:7a:50:68:b7:91:7a:4b:7a:ff:3b:
91:c9:e3:18:ea:34:24:bd:6e:f6:ef:02:9d:70:f5:
ef:34:14:f1:01:9a:1a:97:94:f3:bd:cf:4d:97:27:
00:a6:9d:e0:71:a9:8c:77:1c:75:c1:8b:f0:06:72:
a3:9a:ca:84:8a:4f:e1:e5:20:3b:55:77:70:de:b1:
79:bd:51:0d:25:d1:0d:e6:25:c1:8e:81:00:ed:54:
f6:99:48:28:2f:61:af:6e:ff:a1:c3:29:39:f2:c6:
53:62:e2:c6:8c:a5:c4:6f:42:b7:1f:80:93:85:59:
b3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:76:C8:D2:EF:9C:AF:72:A6:3A:72:60:29:4C:7C:85:D3:2B:5B:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1C92311ED97811EFAEB03EA3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.173.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:85:d5:56:67:68:3a:46:4b:a9:6e:fb:ba:a9:3b:f4:9d:a6:
e0:67:0b:56:cd:8c:6f:0a:16:ba:43:9f:b6:ff:f6:a0:5e:ef:
2b:c8:b7:02:05:89:94:e3:78:cb:68:32:83:be:13:c3:04:2d:
27:b0:bd:e9:4c:bf:7e:a3:19:2f:32:d6:07:5d:a2:1d:fe:69:
48:2b:6a:ac:70:dc:09:52:0b:e7:a9:90:d8:21:78:98:57:5f:
58:79:b1:ce:d7:48:99:53:45:24:82:4d:d2:5b:06:8a:aa:c6:
61:e1:ec:5a:11:24:54:cd:8d:62:d3:65:74:b5:d3:22:58:57:
6c:1f:e9:cb:4b:74:c0:ca:76:e1:07:2f:45:0b:0b:9a:50:52:
27:45:64:b1:19:42:9b:19:d6:ca:2e:84:f6:58:a7:56:55:c6:
de:86:a0:e6:be:4b:d4:c2:4c:bc:46:85:78:06:14:8a:ea:7d:
86:a7:7c:4c:dd:4b:38:55:62:a1:44:fb:16:58:73:35:27:49:
eb:c1:ca:ad:8f:db:89:bf:4e:2f:f7:2a:cb:a3:a7:fb:db:4f:
72:71:ab:b6:39:64:ec:f0:79:31:2b:60:20:ca:f2:67:9c:0b:
54:9d:69:4b:de:57:dc:00:47:b8:26:b9:47:cc:74:3d:b5:f5:
02:1f:d2:ea
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUFYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMTA1MjEzWhcNMjUwMzEzMTA1MjEzWjAYMRYw
FAYDVQQDEw02NzkyMWY2MS05ZjMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvbeDOewXas4siIIGJdGeBWqSR2OKRmhmr5sFCMtKWJul38sA32rLZc3U
t8WkfXL2gdUkq0BjeEmk1Y5CiT1RgGld83dSMYBc1H4v++4GJPlDivPxR+A/N/Nk
lOlXXvp3yxeIQKt81FaEX0xp9k97h6XOf2r0IT3dCjr9s5SDSjvGQnKFm26f3AUK
WnpQaLeRekt6/zuRyeMY6jQkvW727wKdcPXvNBTxAZoal5Tzvc9NlycApp3gcamM
dxx1wYvwBnKjmsqEik/h5SA7VXdw3rF5vVENJdEN5iXBjoEA7VT2mUgoL2Gvbv+h
wyk58sZTYuLGjKXEb0K3H4CThVmzFQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEZ2
yNLvnK9ypjpyYClMfIXTK1vZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQzkyMzExRUQ5NzgxMUVGQUVCMDNFQTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsutMA0GCSqGSIb3DQEB
CwUAA4IBAQCghdVWZ2g6Rkupbvu6qTv0nabgZwtWzYxvCha6Q5+2//agXu8ryLcC
BYmU43jLaDKDvhPDBC0nsL3pTL9+oxkvMtYHXaId/mlIK2qscNwJUgvnqZDYIXiY
V19YebHO10iZU0Ukgk3SWwaKqsZh4exaESRUzY1i02V0tdMiWFdsH+nLS3TAynbh
By9FCwuaUFInRWSxGUKbGdbKLoT2WKdWVcbehqDmvkvUwky8RoV4BhSK6n2Gp3xM
3Us4VWKhRPsWWHM1J0nrwcqtj9uJv04v9yrLo6f7209ycau2OWTs8HkxK2AgyvJn
nAtUnWlL3lfcAEe4JrlHzHQ9tfUCH9Lq
-----END CERTIFICATE-----
Generated at Sat Apr 26 11:36:41 2025 by rpki-client