Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24BF54DCCEF811EF9DA635BC762E951A.roa
File: 24BF54DCCEF811EF9DA635BC762E951A.roa (raw, json)
Hash identifier: hdAHQ5KBx/TlWOJ13p4/CYWKoBFyMnvM9FrzpfIWpdI=
Subject key identifier: 2A:93:DC:20:E2:FA:EE:64:58:D0:2C:B8:3A:8E:91:0D:26:8C:80:50
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013987
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24BF54DCCEF811EF9DA635BC762E951A.roa
Signing time: Fri 10 Jan 2025 02:11:04 +0000
ROA not before: Fri 10 Jan 2025 02:11:00 +0000
ROA not after: Thu 13 Feb 2025 02:11:00 +0000
asID: 25198
IP address blocks: 154.197.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80263 (0x13987)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 10 02:11:00 2025 GMT
Not After : Feb 13 02:11:00 2025 GMT
Subject: CN=678081b7-d0ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:42:a3:9b:4d:e3:00:d3:f5:d0:64:5c:e0:21:
bd:03:c7:c1:bd:74:90:21:c1:8c:2d:9a:f9:57:e9:
1f:6b:23:6a:b3:49:4a:af:a4:cf:32:9e:58:24:c4:
cf:79:8f:87:f2:99:1b:62:d4:bb:c7:28:a5:fb:e9:
6d:a7:c8:bb:3e:6e:5a:c4:6b:bc:75:86:55:bc:97:
02:18:61:c1:47:9d:9a:26:6d:c5:9e:95:e5:c1:25:
f5:78:23:c1:2f:29:03:44:1a:be:c0:b0:f6:6d:03:
e7:f3:9a:5a:c0:04:d3:c6:d7:b6:98:4c:2d:8c:c2:
b7:57:25:10:86:a5:fa:2b:f1:08:ee:a9:c2:d0:36:
d1:41:a3:10:e3:0b:9a:7c:f0:12:ae:94:41:05:47:
3f:d7:cd:94:79:87:41:01:c5:30:08:44:14:bb:9a:
3c:58:aa:2a:92:d3:3a:24:db:d3:27:71:1c:39:af:
17:de:a0:11:9b:e1:a6:a5:82:2a:08:5a:09:eb:85:
28:02:5e:54:db:df:c6:3f:a4:52:28:b1:7e:f1:7b:
f7:80:7f:fc:ef:73:67:89:3c:12:22:01:a9:12:dc:
bd:28:9b:cd:57:47:a6:7f:98:90:e0:79:4e:58:cf:
6f:35:89:10:31:86:24:a0:ad:b7:65:6e:b6:3d:01:
cc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:93:DC:20:E2:FA:EE:64:58:D0:2C:B8:3A:8E:91:0D:26:8C:80:50
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24BF54DCCEF811EF9DA635BC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.104.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:8c:20:77:34:a7:f5:b8:b9:2b:7e:91:a2:0d:35:a0:20:ba:
e7:47:a0:58:0e:11:b0:80:5f:71:b6:fa:d2:2d:a6:d4:40:3e:
e4:dd:72:7b:de:3c:dd:65:57:ae:56:7e:a9:50:a1:f9:80:13:
a7:d4:dc:77:e2:fd:40:48:a7:bc:3f:54:c0:9f:ac:d7:69:3b:
14:26:53:b9:41:37:b5:df:3a:83:43:97:67:46:6f:e0:f2:41:
93:43:d9:c7:de:0f:98:a2:30:b1:36:78:0a:29:7c:63:10:a0:
8d:4d:11:8b:71:1c:4c:d1:23:cd:dd:78:fc:3b:a1:dc:d5:e0:
ae:f9:08:2a:d2:4a:61:b6:4e:59:ba:55:70:33:99:60:e0:15:
4e:2f:3b:b9:6a:64:89:3a:06:84:07:09:43:8b:c7:3c:f7:fd:
29:5b:7a:b3:2b:18:57:e3:02:7f:1f:fa:44:f1:1e:d1:a5:75:
e7:20:8c:f4:96:91:11:e3:b2:3b:03:2c:61:12:b3:8a:da:06:
da:40:95:3a:16:10:69:a3:b4:ca:14:71:b1:21:92:03:47:b7:
00:ef:bf:a7:8b:86:49:a0:48:80:b3:9a:ca:5c:ae:27:bc:28:
68:ed:cd:3a:8d:49:28:0d:6d:9e:f8:cb:33:dc:43:71:b7:dd:
77:01:e2:3e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATmHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTEwMDIxMTAwWhcNMjUwMjEzMDIxMTAwWjAYMRYw
FAYDVQQDEw02NzgwODFiNy1kMGVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxkKjm03jANP10GRc4CG9A8fBvXSQIcGMLZr5V+kfayNqs0lKr6TPMp5Y
JMTPeY+H8pkbYtS7xyil++ltp8i7Pm5axGu8dYZVvJcCGGHBR52aJm3FnpXlwSX1
eCPBLykDRBq+wLD2bQPn85pawATTxte2mEwtjMK3VyUQhqX6K/EI7qnC0DbRQaMQ
4wuafPASrpRBBUc/182UeYdBAcUwCEQUu5o8WKoqktM6JNvTJ3EcOa8X3qARm+Gm
pYIqCFoJ64UoAl5U29/GP6RSKLF+8Xv3gH/873NniTwSIgGpEty9KJvNV0emf5iQ
4HlOWM9vNYkQMYYkoK23ZW62PQHMWwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCqT
3CDi+u5kWNAsuDqOkQ0mjIBQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNEJGNTREQ0NFRjgxMUVGOURBNjM1QkM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVoMA0GCSqGSIb3DQEB
CwUAA4IBAQCMjCB3NKf1uLkrfpGiDTWgILrnR6BYDhGwgF9xtvrSLabUQD7k3XJ7
3jzdZVeuVn6pUKH5gBOn1Nx34v1ASKe8P1TAn6zXaTsUJlO5QTe13zqDQ5dnRm/g
8kGTQ9nH3g+YojCxNngKKXxjEKCNTRGLcRxM0SPN3Xj8O6Hc1eCu+Qgq0kphtk5Z
ulVwM5lg4BVOLzu5amSJOgaEBwlDi8c89/0pW3qzKxhX4wJ/H/pE8R7RpXXnIIz0
lpER47I7AyxhErOK2gbaQJU6FhBpo7TKFHGxIZIDR7cA77+ni4ZJoEiAs5rKXK4n
vCho7c06jUkoDW2e+Msz3ENxt913AeI+
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:47:20 2025 by rpki-client