Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/296EC57ADA4811EFA9F2049E762E951A.roa
File: 296EC57ADA4811EFA9F2049E762E951A.roa (raw, json)
Hash identifier: nyxUCEaAQjFXBASmQCcyVlKaUX6ViU5HMkpURrwzr70=
Subject key identifier: 2C:D0:46:9D:A6:95:96:5A:52:C6:50:78:C1:0B:B2:F5:08:6E:3D:D6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014634
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/296EC57ADA4811EFA9F2049E762E951A.roa
Signing time: Fri 24 Jan 2025 11:41:34 +0000
ROA not before: Fri 24 Jan 2025 11:41:28 +0000
ROA not after: Fri 28 Feb 2025 11:41:28 +0000
asID: 62240
IP address blocks: 154.195.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83508 (0x14634)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 11:41:28 2025 GMT
Not After : Feb 28 11:41:28 2025 GMT
Subject: CN=67937c6e-1498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ab:fd:00:cc:bd:68:4d:64:e6:8c:97:92:4b:
8f:fa:aa:e8:34:d4:7b:01:2c:f8:06:d7:9d:05:f0:
c4:12:71:a6:38:92:1e:47:21:43:6a:3f:31:02:b3:
9d:a6:48:df:b0:d9:ba:af:75:ee:b3:6e:70:6d:d9:
c2:57:42:ac:25:3f:18:32:23:85:fa:49:e6:74:d5:
fb:21:b6:05:df:b0:79:90:69:a6:f9:ed:a1:26:64:
5a:02:90:57:ab:dd:89:13:8e:14:90:61:80:92:da:
07:3a:76:96:fb:2b:62:a9:9b:aa:d5:38:1c:2c:a6:
52:3f:c6:4d:46:c0:ed:1f:34:6e:ab:e1:af:c5:36:
43:ff:03:35:50:a2:31:dc:a2:6c:36:b0:5b:28:ab:
c9:53:b0:ca:c4:f4:7a:cc:80:91:d6:99:3d:5c:25:
2d:6a:a4:10:38:ee:d1:65:f2:fc:2f:79:cb:f3:52:
f5:45:83:1d:cf:a8:4a:01:03:78:f2:3e:3c:28:db:
10:8c:92:74:ce:12:0c:b1:8a:9a:be:ce:d3:75:f5:
c7:64:e5:62:2e:58:3a:9e:e7:78:f4:fa:cf:3b:10:
39:2a:0b:c8:9a:e2:df:9f:9c:e3:21:ed:4e:e5:9a:
57:19:8c:99:ce:6a:f0:06:53:eb:41:2d:d0:37:aa:
45:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D0:46:9D:A6:95:96:5A:52:C6:50:78:C1:0B:B2:F5:08:6E:3D:D6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/296EC57ADA4811EFA9F2049E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.106.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:f8:3d:d4:ba:7d:5a:4c:02:ff:5a:1e:a4:90:5f:2c:b5:2a:
8b:a6:09:4d:ed:ae:46:da:7a:50:d5:39:9d:ab:62:c0:cd:77:
ef:01:1e:a7:89:f2:3e:5a:6a:7c:9f:e5:f9:43:02:de:7e:6a:
2c:aa:df:b5:5a:c7:f7:6e:8d:93:a3:4b:d8:c8:57:a1:22:69:
f5:1e:7b:a3:8c:e4:17:86:13:0e:7b:c0:e8:ce:a5:1e:fc:d5:
3d:6f:78:7a:ec:06:2a:10:cb:ee:e4:7e:46:6c:2c:6f:e0:42:
19:85:86:56:bb:15:97:85:90:cd:8c:a5:5f:b8:97:2e:74:14:
aa:89:e5:bf:51:ef:15:b1:17:95:7e:46:e8:3e:ba:be:68:bd:
37:c4:3f:15:1e:48:03:7a:ba:cf:b7:4d:6b:d4:bb:fe:3b:ee:
a2:66:ac:2c:69:5f:6a:b5:cf:91:50:88:1f:05:a2:b8:5f:bb:
52:b6:11:52:52:b3:ba:18:d9:b8:4a:ed:45:fa:99:8e:49:da:
47:7c:d6:7e:72:c6:f5:97:10:d0:14:4a:54:25:16:91:4b:bb:
a6:4f:8f:7f:84:ee:91:a5:45:72:7b:42:6e:e4:3c:09:35:e7:
bc:4b:82:63:a0:3a:e6:61:a9:9f:b3:94:5d:89:e2:09:32:ae:
c2:e1:ef:20
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUY0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTE0MTI4WhcNMjUwMjI4MTE0MTI4WjAYMRYw
FAYDVQQDEw02NzkzN2M2ZS0xNDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwKv9AMy9aE1k5oyXkkuP+qroNNR7ASz4BtedBfDEEnGmOJIeRyFDaj8x
ArOdpkjfsNm6r3Xus25wbdnCV0KsJT8YMiOF+knmdNX7IbYF37B5kGmm+e2hJmRa
ApBXq92JE44UkGGAktoHOnaW+ytiqZuq1TgcLKZSP8ZNRsDtHzRuq+GvxTZD/wM1
UKIx3KJsNrBbKKvJU7DKxPR6zICR1pk9XCUtaqQQOO7RZfL8L3nL81L1RYMdz6hK
AQN48j48KNsQjJJ0zhIMsYqavs7TdfXHZOViLlg6nud49PrPOxA5KgvImuLfn5zj
Ie1O5ZpXGYyZzmrwBlPrQS3QN6pFZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCzQ
Rp2mlZZaUsZQeMELsvUIbj3WMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOTZFQzU3QURBNDgxMUVGQTlGMjA0OUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsNqMA0GCSqGSIb3DQEB
CwUAA4IBAQAs+D3Uun1aTAL/Wh6kkF8stSqLpglN7a5G2npQ1Tmdq2LAzXfvAR6n
ifI+Wmp8n+X5QwLefmosqt+1Wsf3bo2To0vYyFehImn1HnujjOQXhhMOe8DozqUe
/NU9b3h67AYqEMvu5H5GbCxv4EIZhYZWuxWXhZDNjKVfuJcudBSqieW/Ue8VsReV
fkboPrq+aL03xD8VHkgDerrPt01r1Lv+O+6iZqwsaV9qtc+RUIgfBaK4X7tSthFS
UrO6GNm4Su1F+pmOSdpHfNZ+csb1lxDQFEpUJRaRS7umT49/hO6RpUVye0Ju5DwJ
Nee8S4JjoDrmYamfs5RdieIJMq7C4e8g
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:55:28 2025 by rpki-client