Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1DF85C68BED911EFBF39A450762E951A.roa
File: 1DF85C68BED911EFBF39A450762E951A.roa (raw, json)
Hash identifier: ccmoWpUkB/y27+JBDH/hq9zt9iPG47EbRPhOba1UEfg=
Subject key identifier: A9:A6:EA:B9:32:6F:0F:38:B0:D8:DD:50:F2:2D:D7:A2:FB:AD:0F:1C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011D0A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1DF85C68BED911EFBF39A450762E951A.roa
Signing time: Fri 20 Dec 2024 13:48:39 +0000
ROA not before: Fri 20 Dec 2024 13:48:36 +0000
ROA not after: Sun 02 Feb 2025 13:48:36 +0000
asID: 48031
IP address blocks: 154.218.1.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72970 (0x11d0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 20 13:48:36 2024 GMT
Not After : Feb 2 13:48:36 2025 GMT
Subject: CN=676575b7-0cb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:29:ce:5e:ca:b0:5f:d0:ed:53:14:4b:1b:26:
a8:fb:f8:a7:5c:e4:6c:45:6a:d1:86:aa:7e:d7:e5:
72:34:30:f8:37:f9:8b:fc:e1:3c:15:47:92:da:7f:
45:66:89:76:07:3a:02:0a:ef:1f:83:d6:68:4a:2a:
5d:67:39:d8:ad:7d:08:89:1c:b3:ab:96:92:1d:c7:
83:47:17:73:bf:3b:e8:8c:fd:9c:88:1a:c2:f3:af:
6a:1a:92:40:db:e1:f3:34:1b:4c:08:bc:39:55:0d:
65:78:90:a5:49:0d:95:b2:9d:9c:31:a7:9e:05:5b:
52:24:1b:8d:ee:da:c7:3d:1d:a8:a7:8d:a1:e9:9b:
a8:59:d9:ce:77:e8:9c:b6:cc:f7:69:c5:34:b4:6e:
ab:2d:29:29:45:2e:c5:e3:3d:57:56:47:03:90:20:
fe:df:7d:56:eb:aa:dc:c8:af:55:5f:ba:17:a4:0b:
83:77:1a:bd:56:2c:31:5c:ee:48:4c:28:88:f3:15:
23:27:27:9c:ea:e7:d9:da:a6:bc:b4:e6:4e:5e:91:
c1:e9:f5:72:76:86:cb:4b:17:73:ca:0f:3a:bf:b1:
12:d2:f7:ec:ea:1c:d5:9f:b2:fb:cd:29:0a:76:74:
4b:0e:ca:07:a3:7c:fb:72:3b:85:4e:63:4a:cc:14:
a0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A6:EA:B9:32:6F:0F:38:B0:D8:DD:50:F2:2D:D7:A2:FB:AD:0F:1C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1DF85C68BED911EFBF39A450762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.1.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:26:0a:aa:a7:5b:ae:c2:95:c6:66:13:fb:31:07:6d:22:bc:
0e:25:8d:2b:12:d3:d1:39:c0:5a:91:a9:14:24:ab:2b:92:ab:
b0:31:d3:05:2b:11:34:3c:e1:87:ad:29:d2:27:2a:26:d0:21:
1a:b5:8f:5e:d7:58:bb:aa:ba:69:f1:67:20:78:7c:8d:69:db:
2a:ff:22:e7:38:5b:f9:b0:64:8b:29:36:10:1e:26:02:53:90:
62:aa:02:59:07:f9:0e:87:0e:92:1d:c5:1e:08:2d:ae:ed:f3:
08:10:26:98:38:4c:96:72:7f:44:17:f6:7a:da:a7:48:e0:b8:
be:b3:4c:7f:23:4a:4f:1c:e3:79:fc:a2:9c:dc:79:eb:93:00:
2e:1f:fc:02:c9:fa:57:37:cf:1a:4c:c5:fd:a9:59:2e:94:fb:
d0:fb:f3:e2:4f:6f:a3:0d:53:13:4f:c5:19:c5:40:20:73:dd:
1f:65:6c:d3:9e:1c:6f:b4:60:d4:21:9d:71:ae:46:47:f9:5d:
26:63:93:52:6a:4f:2f:26:9b:74:09:78:55:8c:37:7c:19:39:
17:98:b5:5f:55:cc:d2:ef:2a:3f:04:05:cf:b7:54:e7:24:94:
12:c0:42:08:20:44:0f:1f:0c:78:b3:c1:95:bc:de:d6:50:a2:
14:b2:0f:d5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR0KMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIwMTM0ODM2WhcNMjUwMjAyMTM0ODM2WjAYMRYw
FAYDVQQDEw02NzY1NzViNy0wY2I3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwCnOXsqwX9DtUxRLGyao+/inXORsRWrRhqp+1+VyNDD4N/mL/OE8FUeS
2n9FZol2BzoCCu8fg9ZoSipdZznYrX0IiRyzq5aSHceDRxdzvzvojP2ciBrC869q
GpJA2+HzNBtMCLw5VQ1leJClSQ2Vsp2cMaeeBVtSJBuN7trHPR2op42h6ZuoWdnO
d+ictsz3acU0tG6rLSkpRS7F4z1XVkcDkCD+331W66rcyK9VX7oXpAuDdxq9Viwx
XO5ITCiI8xUjJyec6ufZ2qa8tOZOXpHB6fVydobLSxdzyg86v7ES0vfs6hzVn7L7
zSkKdnRLDsoHo3z7cjuFTmNKzBSgXQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKmm
6rkybw84sNjdUPIt16L7rQ8cMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xREY4NUM2OEJFRDkxMUVGQkYzOUE0NTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtoBMA0GCSqGSIb3DQEB
CwUAA4IBAQDCJgqqp1uuwpXGZhP7MQdtIrwOJY0rEtPROcBakakUJKsrkquwMdMF
KxE0POGHrSnSJyom0CEatY9e11i7qrpp8WcgeHyNadsq/yLnOFv5sGSLKTYQHiYC
U5BiqgJZB/kOhw6SHcUeCC2u7fMIECaYOEyWcn9EF/Z62qdI4Li+s0x/I0pPHON5
/KKc3HnrkwAuH/wCyfpXN88aTMX9qVkulPvQ+/PiT2+jDVMTT8UZxUAgc90fZWzT
nhxvtGDUIZ1xrkZH+V0mY5NSak8vJpt0CXhVjDd8GTkXmLVfVczS7yo/BAXPt1Tn
JJQSwEIIIEQPHwx4s8GVvN7WUKIUsg/V
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:14:43 2025 by rpki-client