Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AC08922DA6B11EF9FFFF08B762E951A.roa
File: 2AC08922DA6B11EF9FFFF08B762E951A.roa (raw, json)
Hash identifier: gAhyQyiZPN509zpOWhS7H9o1fIeze5wJVEWAaZQF8tc=
Subject key identifier: F7:34:7F:7D:FB:E5:F7:86:B7:00:E2:A2:58:EA:E3:07:C3:30:52:3B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0148CB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AC08922DA6B11EF9FFFF08B762E951A.roa
Signing time: Fri 24 Jan 2025 15:52:08 +0000
ROA not before: Fri 24 Jan 2025 15:52:05 +0000
ROA not after: Mon 03 Mar 2025 15:52:05 +0000
asID: 203020
IP address blocks: 154.223.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84171 (0x148cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 15:52:05 2025 GMT
Not After : Mar 3 15:52:05 2025 GMT
Subject: CN=6793b728-c69f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:12:d7:dd:39:27:cc:2c:c1:a2:ae:cc:a9:21:
ad:65:1c:5d:38:2a:c3:0c:d4:70:9e:17:49:fc:62:
3f:5c:b2:4c:10:21:bd:cd:05:07:eb:16:9d:82:1b:
b6:47:3f:c5:dc:cf:22:61:86:2e:77:fe:a6:b8:f8:
d5:74:3a:29:6d:c6:bc:f3:c8:02:94:32:5c:58:9e:
08:68:39:cc:00:83:c9:c2:40:77:be:ff:4e:5c:47:
7e:d8:04:86:84:7b:03:0d:99:fd:0f:12:50:ee:c4:
d6:16:25:24:4d:03:ef:e1:db:32:95:ce:58:7c:9e:
6b:d2:c6:c1:72:08:c3:db:25:0c:43:9a:5a:36:6b:
d9:67:b9:f5:d4:23:f0:17:33:74:74:52:a4:fd:81:
bc:03:e5:3a:f8:f8:fb:8a:4f:d6:84:46:d8:ef:43:
bb:50:a8:1b:a4:43:4a:8f:50:98:c3:b4:7f:0c:e4:
41:51:de:e5:e2:97:39:80:c4:4a:e8:92:e0:23:1a:
85:08:cf:2d:a6:27:61:df:f3:53:81:00:f1:ea:17:
f6:94:54:67:af:2b:e2:db:95:6c:dc:dc:40:33:cd:
1b:67:36:14:41:69:27:ec:73:3f:06:5f:a4:65:23:
40:d4:24:a8:8d:b0:6f:a4:6b:84:54:b8:f6:10:29:
23:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:34:7F:7D:FB:E5:F7:86:B7:00:E2:A2:58:EA:E3:07:C3:30:52:3B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2AC08922DA6B11EF9FFFF08B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.186.0/24
Signature Algorithm: sha256WithRSAEncryption
31:97:47:fc:7e:1f:ba:2b:3e:b8:f1:b8:a3:fd:5e:27:c3:b1:
97:a4:cc:8b:2a:6d:b6:da:74:27:95:12:8d:73:b1:97:7d:ad:
6b:d1:fa:55:d7:fd:5b:b7:69:c0:8c:20:43:b1:b2:df:ef:9a:
2f:48:71:1c:68:51:0e:10:e9:22:85:28:27:34:80:ef:50:11:
c6:9c:18:b1:36:7b:ba:12:91:42:2c:ff:b7:df:cc:6b:31:64:
a8:fa:95:27:38:71:5c:2c:da:3c:a4:e0:42:9c:f5:77:ae:d1:
74:10:d6:25:cc:2b:a4:e4:86:95:2b:cb:89:35:9c:d7:ef:67:
23:09:b1:5c:2f:e9:a8:38:56:2d:88:6a:53:ee:73:71:71:4f:
aa:6e:9a:0c:32:92:2d:0f:5a:cf:d7:43:5b:82:89:6b:15:ad:
bd:6b:8e:c1:20:df:b9:3e:86:7f:ab:df:55:c2:b1:52:4c:47:
aa:92:b8:20:e5:89:5d:ec:f9:f7:c0:ef:70:36:87:29:e4:3a:
33:f6:03:00:f9:c1:54:f8:72:31:76:35:a6:58:29:c2:14:49:
d1:69:a1:25:be:3b:16:37:42:6d:1b:b6:34:93:f2:e6:f5:66:
6c:84:81:7a:b4:87:43:88:b6:9c:de:64:a8:95:c5:e1:75:2c:
77:d3:18:fe
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUjLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTU1MjA1WhcNMjUwMzAzMTU1MjA1WjAYMRYw
FAYDVQQDEw02NzkzYjcyOC1jNjlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtxLX3TknzCzBoq7MqSGtZRxdOCrDDNRwnhdJ/GI/XLJMECG9zQUH6xad
ghu2Rz/F3M8iYYYud/6muPjVdDopbca888gClDJcWJ4IaDnMAIPJwkB3vv9OXEd+
2ASGhHsDDZn9DxJQ7sTWFiUkTQPv4dsylc5YfJ5r0sbBcgjD2yUMQ5paNmvZZ7n1
1CPwFzN0dFKk/YG8A+U6+Pj7ik/WhEbY70O7UKgbpENKj1CYw7R/DORBUd7l4pc5
gMRK6JLgIxqFCM8tpidh3/NTgQDx6hf2lFRnryvi25Vs3NxAM80bZzYUQWkn7HM/
Bl+kZSNA1CSojbBvpGuEVLj2ECkjYwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPc0
f3375feGtwDioljq4wfDMFI7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQUMwODkyMkRBNkIxMUVGOUZGRkYwOEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt+6MA0GCSqGSIb3DQEB
CwUAA4IBAQAxl0f8fh+6Kz648bij/V4nw7GXpMyLKm222nQnlRKNc7GXfa1r0fpV
1/1bt2nAjCBDsbLf75ovSHEcaFEOEOkihSgnNIDvUBHGnBixNnu6EpFCLP+338xr
MWSo+pUnOHFcLNo8pOBCnPV3rtF0ENYlzCuk5IaVK8uJNZzX72cjCbFcL+moOFYt
iGpT7nNxcU+qbpoMMpItD1rP10NbgolrFa29a47BIN+5PoZ/q99VwrFSTEeqkrgg
5Yld7Pn3wO9wNocp5Doz9gMA+cFU+HIxdjWmWCnCFEnRaaElvjsWN0JtG7Y0k/Lm
9WZshIF6tIdDiLac3mSolcXhdSx30xj+
-----END CERTIFICATE-----
Generated at Sat Apr 26 06:45:33 2025 by rpki-client