Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2149B268D98C11EF9E2487A7762E951A.roa
File: 2149B268D98C11EF9E2487A7762E951A.roa (raw, json)
Hash identifier: J0gtc0QRDZTpObv1LkQ8X7sV3oraE3Cjntf6LJ9DqoI=
Subject key identifier: 28:FE:55:63:D7:26:17:A5:44:FD:AA:D5:8A:00:D3:9C:0D:F8:25:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01426C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2149B268D98C11EF9E2487A7762E951A.roa
Signing time: Thu 23 Jan 2025 13:15:35 +0000
ROA not before: Thu 23 Jan 2025 13:15:31 +0000
ROA not after: Thu 13 Mar 2025 13:15:31 +0000
asID: 138915
IP address blocks: 154.203.128.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82540 (0x1426c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 13:15:31 2025 GMT
Not After : Mar 13 13:15:31 2025 GMT
Subject: CN=679240f7-2bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4e:c3:d8:48:6c:b5:33:9b:de:cf:cb:7c:56:
2a:0d:0f:22:84:45:a0:b6:3c:b5:da:77:d1:37:34:
cf:31:c7:f7:bb:b9:ee:19:67:4f:60:ec:e8:25:93:
b2:b5:15:9b:62:e5:fa:36:f0:21:87:af:de:ad:c8:
6f:2d:85:0d:37:5c:ee:fa:be:ec:bd:0c:89:5b:8d:
1f:34:12:3b:21:77:b9:46:bd:a6:99:d6:c8:63:8b:
e4:68:5c:93:7f:f4:72:3d:7a:5b:ba:a8:e3:dd:79:
44:14:90:20:12:6f:c2:f6:f8:8d:ee:9a:11:60:e3:
71:45:06:58:7e:49:1b:14:ea:39:26:97:12:dc:a7:
db:c2:e1:d4:b4:1e:82:c3:64:fd:cd:84:3a:59:75:
96:93:8e:5a:fa:96:c1:93:74:a3:2b:8d:ff:42:60:
80:27:4d:5b:69:d9:17:00:59:ab:ca:96:b2:ff:dc:
68:83:0e:b3:6d:c2:3c:93:d4:1e:0d:bd:7f:67:79:
b6:ea:a6:8d:19:79:21:87:ca:03:1e:ab:f3:10:7f:
63:42:09:6b:03:3a:b5:94:aa:f8:bc:73:4b:07:3a:
85:8f:45:67:85:ab:12:23:70:f2:e2:c7:88:5a:f7:
6b:25:b3:50:75:1b:f2:86:49:43:55:07:36:dc:01:
fd:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FE:55:63:D7:26:17:A5:44:FD:AA:D5:8A:00:D3:9C:0D:F8:25:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2149B268D98C11EF9E2487A7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.128.0/23
Signature Algorithm: sha256WithRSAEncryption
d6:40:3a:53:5d:d9:58:53:8e:1e:68:1f:f7:51:d9:99:30:57:
2e:1a:17:28:79:a9:8b:77:d0:fb:a5:3d:61:3e:34:59:36:3a:
84:30:2b:79:46:01:70:a4:4a:80:38:9a:b1:b2:a2:d9:19:84:
0f:86:c1:8d:46:e6:cb:64:c2:01:c5:e8:96:c4:50:75:06:ab:
d4:3e:ad:3d:e6:25:9c:a9:86:0f:9b:58:59:7a:b2:dd:2f:cb:
d2:03:69:ea:ff:89:e9:6a:35:29:e4:fa:ce:97:a8:e6:32:f3:
78:9d:87:bb:f2:3e:d0:4a:b8:eb:86:bd:7a:97:96:ec:0f:26:
41:7b:31:07:c6:a2:4b:70:fa:d3:15:25:92:0a:dc:d8:b8:c1:
91:e8:3d:95:d8:dc:ba:ee:0f:e9:b9:d1:d2:78:49:05:9c:79:
bb:13:a1:63:c8:a5:74:2e:1c:0c:ce:f6:ff:d0:a4:83:f3:f9:
0f:2b:9d:0b:54:8a:53:f2:fb:11:fe:08:a8:ae:ee:4b:13:1a:
fc:b5:44:c7:3d:9a:29:21:26:e8:15:c9:25:dd:59:82:12:64:
9d:54:84:3c:1f:a9:73:1e:d8:92:0b:6b:5c:0e:a7:b2:11:ad:
11:35:ab:7b:cb:7f:21:34:04:fd:0f:04:69:78:84:2f:9e:40:
58:8b:e1:f5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUJsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMTMxNTMxWhcNMjUwMzEzMTMxNTMxWjAYMRYw
FAYDVQQDEw02NzkyNDBmNy0yYmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3k7D2EhstTOb3s/LfFYqDQ8ihEWgtjy12nfRNzTPMcf3u7nuGWdPYOzo
JZOytRWbYuX6NvAhh6/erchvLYUNN1zu+r7svQyJW40fNBI7IXe5Rr2mmdbIY4vk
aFyTf/RyPXpbuqjj3XlEFJAgEm/C9viN7poRYONxRQZYfkkbFOo5JpcS3KfbwuHU
tB6Cw2T9zYQ6WXWWk45a+pbBk3SjK43/QmCAJ01badkXAFmrypay/9xogw6zbcI8
k9QeDb1/Z3m26qaNGXkhh8oDHqvzEH9jQglrAzq1lKr4vHNLBzqFj0VnhasSI3Dy
4seIWvdrJbNQdRvyhklDVQc23AH96QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCj+
VWPXJhelRP2q1YoA05wN+CW6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMTQ5QjI2OEQ5OEMxMUVGOUUyNDg3QTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsuAMA0GCSqGSIb3DQEB
CwUAA4IBAQDWQDpTXdlYU44eaB/3UdmZMFcuGhcoeamLd9D7pT1hPjRZNjqEMCt5
RgFwpEqAOJqxsqLZGYQPhsGNRubLZMIBxeiWxFB1BqvUPq095iWcqYYPm1hZerLd
L8vSA2nq/4npajUp5PrOl6jmMvN4nYe78j7QSrjrhr16l5bsDyZBezEHxqJLcPrT
FSWSCtzYuMGR6D2V2Ny67g/pudHSeEkFnHm7E6FjyKV0LhwMzvb/0KSD8/kPK50L
VIpT8vsR/gioru5LExr8tUTHPZopISboFckl3VmCEmSdVIQ8H6lzHtiSC2tcDqey
Ea0RNat7y38hNAT9DwRpeIQvnkBYi+H1
-----END CERTIFICATE-----
Generated at Sat Apr 26 11:40:52 2025 by rpki-client