Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24E66892DA6A11EFA7130E85762E951A.roa
File: 24E66892DA6A11EFA7130E85762E951A.roa (raw, json)
Hash identifier: DrIJS+8pprE+zyJ4TVPPOSvtSU6kJOszH7oiS2yKPYs=
Subject key identifier: 4C:D0:01:6D:B8:7E:0F:65:8A:99:87:C8:CD:2D:55:9D:D8:81:63:B4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0148C1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24E66892DA6A11EFA7130E85762E951A.roa
Signing time: Fri 24 Jan 2025 15:44:49 +0000
ROA not before: Fri 24 Jan 2025 15:44:46 +0000
ROA not after: Mon 03 Mar 2025 15:44:46 +0000
asID: 203020
IP address blocks: 154.223.185.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84161 (0x148c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 15:44:46 2025 GMT
Not After : Mar 3 15:44:46 2025 GMT
Subject: CN=6793b571-dbe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:90:4c:3c:d5:f5:b8:8e:f8:95:5e:8a:9e:24:
c0:ba:50:28:87:a3:96:ba:ff:14:1e:18:19:12:90:
dd:e9:a6:88:89:7c:6d:ce:bd:e0:d7:73:44:b4:98:
b2:d6:b7:12:a8:10:f5:98:bc:9f:19:54:08:78:97:
75:68:62:d7:2a:8b:36:15:46:0b:4f:c0:9e:b5:ae:
48:b4:23:1d:6c:77:d7:90:d4:df:e0:48:47:c7:22:
88:fb:77:65:11:82:fc:c3:6e:5a:78:29:12:e3:8d:
6f:67:8b:e7:03:98:1b:b1:2e:e7:56:53:a9:28:df:
d3:94:78:ee:81:46:ce:e0:51:22:c8:48:2d:ca:2b:
bd:3c:c3:d8:4d:b3:63:64:7a:10:f5:44:bb:ee:16:
dd:c6:41:7b:68:90:f8:07:e6:65:45:5f:8e:e7:ff:
60:5e:4c:9b:ba:f1:d3:3f:df:99:30:c7:f7:05:ae:
f2:d4:09:14:cd:70:35:d6:a7:ed:e7:23:c3:79:10:
19:53:0d:82:2c:dc:a4:25:c9:a4:fa:d0:35:ca:32:
2c:e8:57:ed:6d:72:37:db:23:c2:56:2c:f2:d4:ac:
13:5f:ec:09:fe:bb:03:22:bd:7e:dd:a7:42:8e:84:
d9:c7:8e:0e:f3:83:33:83:65:a0:71:8a:2f:35:9d:
ee:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D0:01:6D:B8:7E:0F:65:8A:99:87:C8:CD:2D:55:9D:D8:81:63:B4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24E66892DA6A11EFA7130E85762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.185.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:0e:66:a2:0e:01:2d:d9:dd:58:82:6e:d8:df:c1:59:d0:87:
27:9d:62:36:19:a9:26:ac:76:05:75:b7:b3:f0:ac:24:27:e0:
64:74:6f:6b:8e:0f:54:c4:df:2c:f3:f5:5c:2d:8a:a9:fe:d4:
93:bc:28:2f:0e:7e:41:73:c8:62:d3:bf:ea:24:01:11:ec:5c:
26:c0:da:0c:d3:07:bc:b9:dc:24:95:16:d6:bb:f8:b2:d5:59:
73:44:25:64:03:31:1b:b8:35:2a:cb:3c:da:b7:b5:d9:c7:52:
3d:56:46:94:a1:74:42:e9:5d:42:05:c3:26:46:de:fd:de:2d:
18:e4:70:a9:d3:ec:7a:3d:67:25:5c:dc:d6:f7:06:4e:ff:7d:
12:84:92:27:0b:8d:03:91:a7:12:ab:f8:bc:7d:1b:bd:a7:13:
57:a8:b2:bd:7b:bf:fa:4b:43:23:48:01:19:c2:50:9c:9c:78:
f3:78:c4:bd:9e:17:fa:74:bd:68:af:fe:48:42:6c:9f:36:46:
13:76:7b:3b:25:00:73:0b:f0:06:47:e1:43:75:98:ab:bf:18:
8d:79:77:8b:2b:bd:ff:09:4c:8c:d4:a6:b6:1e:94:e6:22:37:
45:32:07:95:c9:c9:d2:0b:ae:59:fb:8a:82:49:42:57:45:fd:
3c:03:6e:04
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUjBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTU0NDQ2WhcNMjUwMzAzMTU0NDQ2WjAYMRYw
FAYDVQQDEw02NzkzYjU3MS1kYmU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyJBMPNX1uI74lV6KniTAulAoh6OWuv8UHhgZEpDd6aaIiXxtzr3g13NE
tJiy1rcSqBD1mLyfGVQIeJd1aGLXKos2FUYLT8Ceta5ItCMdbHfXkNTf4EhHxyKI
+3dlEYL8w25aeCkS441vZ4vnA5gbsS7nVlOpKN/TlHjugUbO4FEiyEgtyiu9PMPY
TbNjZHoQ9US77hbdxkF7aJD4B+ZlRV+O5/9gXkybuvHTP9+ZMMf3Ba7y1AkUzXA1
1qft5yPDeRAZUw2CLNykJcmk+tA1yjIs6FftbXI32yPCVizy1KwTX+wJ/rsDIr1+
3adCjoTZx44O84Mzg2WgcYovNZ3uHwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEzQ
AW24fg9lipmHyM0tVZ3YgWO0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNEU2Njg5MkRBNkExMUVGQTcxMzBFODU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt+5MA0GCSqGSIb3DQEB
CwUAA4IBAQCjDmaiDgEt2d1Ygm7Y38FZ0IcnnWI2GakmrHYFdbez8KwkJ+BkdG9r
jg9UxN8s8/VcLYqp/tSTvCgvDn5Bc8hi07/qJAER7FwmwNoM0we8udwklRbWu/iy
1VlzRCVkAzEbuDUqyzzat7XZx1I9VkaUoXRC6V1CBcMmRt793i0Y5HCp0+x6PWcl
XNzW9wZO/30ShJInC40DkacSq/i8fRu9pxNXqLK9e7/6S0MjSAEZwlCcnHjzeMS9
nhf6dL1or/5IQmyfNkYTdns7JQBzC/AGR+FDdZirvxiNeXeLK73/CUyM1Ka2HpTm
IjdFMgeVycnSC65Z+4qCSUJXRf08A24E
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:55:19 2025 by rpki-client