Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24EDE61EDD5B11EF9CD69260762E951A.roa
File: 24EDE61EDD5B11EF9CD69260762E951A.roa (raw, json)
Hash identifier: gdvcDcKqykaYtsp+6z3A+gillV8Z2MWM9GuLBRUuAAY=
Subject key identifier: 89:E0:39:B3:15:61:6E:5F:AA:5B:FA:3D:26:F4:D4:87:B7:5E:96:C6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014CA2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24EDE61EDD5B11EF9CD69260762E951A.roa
Signing time: Tue 28 Jan 2025 09:35:00 +0000
ROA not before: Tue 28 Jan 2025 09:34:56 +0000
ROA not after: Tue 04 Feb 2025 09:34:56 +0000
asID: 5065
IP address blocks: 154.206.41.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85154 (0x14ca2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 28 09:34:56 2025 GMT
Not After : Feb 4 09:34:56 2025 GMT
Subject: CN=6798a4c4-3633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:89:27:b7:be:7d:ee:f8:24:51:c2:4c:72:9f:
cd:2a:e4:e5:5e:f6:c9:2a:47:d4:bc:df:ea:4c:be:
98:2a:96:35:f4:a7:be:b9:0b:3c:21:1d:a8:0d:c3:
50:9d:6b:8b:7b:9b:63:9a:7d:a0:a7:4b:d4:7c:d7:
5e:42:05:e6:4a:58:2a:d2:d0:8d:86:ea:ea:75:1c:
23:26:f7:7d:c4:bd:2f:54:1c:b7:5f:fd:c4:72:42:
18:36:fb:ef:03:e1:50:0a:df:ab:9b:eb:c2:db:b8:
89:1d:fc:12:64:9b:52:5c:59:7b:1f:3e:e2:3d:8d:
79:4c:70:90:8a:71:a1:50:6e:8f:d4:df:f3:be:c3:
0c:8f:b5:ea:ab:90:bf:11:85:fc:5f:f4:a0:0a:e7:
6e:a9:e4:22:49:3e:27:3a:e3:48:f5:f7:ec:49:df:
b4:6c:c9:ac:41:f8:f7:66:03:46:48:55:e9:d0:b6:
77:36:2f:ba:ce:23:57:e3:95:d7:f5:fc:93:9e:2a:
47:68:df:6f:69:09:10:1f:c8:fc:63:a5:e8:e8:db:
27:27:ca:56:11:a1:9f:cb:0e:8f:d5:d0:d9:22:d7:
15:71:ef:86:0b:16:80:ed:58:fd:1c:22:8d:12:7e:
88:79:16:5d:f4:86:3a:f4:29:06:bb:7e:78:76:8c:
c8:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E0:39:B3:15:61:6E:5F:AA:5B:FA:3D:26:F4:D4:87:B7:5E:96:C6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/24EDE61EDD5B11EF9CD69260762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.41.0/24
Signature Algorithm: sha256WithRSAEncryption
37:72:ab:81:c9:1b:d8:d2:62:92:94:56:dc:26:8c:9a:6d:74:
41:94:90:69:df:a5:f8:91:23:d8:08:08:52:42:5e:00:82:16:
df:f1:84:15:6a:89:33:80:79:17:49:b4:ae:67:fa:5c:88:dd:
0c:7e:e1:f1:8d:89:47:94:33:70:eb:59:be:1b:be:99:c9:b1:
18:e5:de:92:7c:7c:1d:80:88:d8:35:f4:4f:f3:92:a9:14:8c:
8b:ed:7a:bd:d3:a5:d9:59:02:08:7b:b3:96:21:72:07:32:a4:
dd:14:5f:c3:65:07:63:e2:b0:f7:d4:21:00:4b:f8:2e:17:b2:
ba:0a:5e:c1:0d:d0:ad:15:7f:b9:2f:2f:44:35:41:2e:7c:fe:
58:e7:fe:9d:74:74:99:e7:43:ec:11:a3:df:cb:40:4e:ee:14:
f5:59:61:6d:d0:50:cf:86:6b:fc:81:4e:57:1a:2d:87:05:8f:
36:e2:e1:83:12:22:f4:0c:3a:77:9c:1d:c8:4f:0e:aa:40:d9:
6c:e1:38:bc:a5:09:b5:c7:6c:7a:43:4f:7f:02:57:c2:28:ec:
c2:8b:8e:b8:d6:b1:92:08:0d:a4:7f:de:f3:fa:b0:4f:14:40:
f8:2b:2d:af:8b:2d:01:32:95:3f:f1:36:25:80:6d:55:5f:99:
9d:8f:36:8e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUyiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI4MDkzNDU2WhcNMjUwMjA0MDkzNDU2WjAYMRYw
FAYDVQQDEw02Nzk4YTRjNC0zNjMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0Yknt7597vgkUcJMcp/NKuTlXvbJKkfUvN/qTL6YKpY19Ke+uQs8IR2o
DcNQnWuLe5tjmn2gp0vUfNdeQgXmSlgq0tCNhurqdRwjJvd9xL0vVBy3X/3EckIY
NvvvA+FQCt+rm+vC27iJHfwSZJtSXFl7Hz7iPY15THCQinGhUG6P1N/zvsMMj7Xq
q5C/EYX8X/SgCuduqeQiST4nOuNI9ffsSd+0bMmsQfj3ZgNGSFXp0LZ3Ni+6ziNX
45XX9fyTnipHaN9vaQkQH8j8Y6Xo6NsnJ8pWEaGfyw6P1dDZItcVce+GCxaA7Vj9
HCKNEn6IeRZd9IY69CkGu354dozI6wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIng
ObMVYW5fqlv6PSb01Ie3XpbGMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNEVERTYxRURENUIxMUVGOUNENjkyNjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4pMA0GCSqGSIb3DQEB
CwUAA4IBAQA3cquByRvY0mKSlFbcJoyabXRBlJBp36X4kSPYCAhSQl4Aghbf8YQV
aokzgHkXSbSuZ/pciN0MfuHxjYlHlDNw61m+G76ZybEY5d6SfHwdgIjYNfRP85Kp
FIyL7Xq906XZWQIIe7OWIXIHMqTdFF/DZQdj4rD31CEAS/guF7K6Cl7BDdCtFX+5
Ly9ENUEufP5Y5/6ddHSZ50PsEaPfy0BO7hT1WWFt0FDPhmv8gU5XGi2HBY824uGD
EiL0DDp3nB3ITw6qQNls4Ti8pQm1x2x6Q09/AlfCKOzCi4641rGSCA2kf97z+rBP
FED4Ky2viy0BMpU/8TYlgG1VX5mdjzaO
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:01:11 2025 by rpki-client