Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CBE32FCD51011EFA25B1694762E951A.roa
File: 2CBE32FCD51011EFA25B1694762E951A.roa (raw, json)
Hash identifier: ntdshnNmD2wWZI7FxIJ0iQp6nhNIW0/PWO4oBT0w8Ww=
Subject key identifier: E0:D4:19:EA:5A:AB:64:21:AE:E7:4C:27:6D:34:01:F1:0E:44:0F:DC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013D39
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CBE32FCD51011EFA25B1694762E951A.roa
Signing time: Fri 17 Jan 2025 20:18:12 +0000
ROA not before: Fri 17 Jan 2025 20:18:08 +0000
ROA not after: Sat 22 Feb 2025 20:18:08 +0000
asID: 141883
IP address blocks: 154.221.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81209 (0x13d39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 17 20:18:08 2025 GMT
Not After : Feb 22 20:18:08 2025 GMT
Subject: CN=678abb04-db00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a6:4c:1b:08:d9:7d:35:8f:b8:ec:87:52:5d:
db:9f:7a:d6:04:f4:13:d9:07:75:38:44:f1:40:3a:
7a:87:bb:9b:66:b5:7e:8e:31:34:6b:cb:8c:31:ca:
01:7d:d7:3c:ce:1b:41:2b:f3:30:96:7a:9a:8a:8a:
d6:da:94:62:f5:03:64:d6:ce:99:1b:4c:04:2e:79:
34:54:06:be:c2:2d:6e:20:46:93:03:73:3f:bf:58:
0c:a8:f1:8d:15:b6:15:a9:59:1a:45:e2:97:dc:db:
5e:f4:e6:5d:79:f5:be:aa:74:ae:14:c9:38:3f:cb:
2d:41:5e:7e:33:4a:2a:4f:f1:2f:51:97:b7:c7:ca:
cf:9a:04:17:20:1b:01:de:c3:77:fa:8d:2e:90:db:
26:12:cb:29:2c:e7:3f:82:a7:44:c3:4c:ec:2a:a1:
44:4a:8d:6f:0c:3e:e3:0d:a7:b7:ef:a2:7a:a3:ec:
e9:54:75:3b:19:6d:84:5f:ed:b8:d4:32:24:68:27:
df:29:4a:1f:10:63:5d:ad:62:ab:15:7f:6a:4c:77:
e6:e5:e7:7d:6c:08:88:6a:be:23:ba:c9:d3:47:82:
31:4d:f9:0e:26:9a:25:76:95:95:cf:b8:67:a0:52:
20:2b:eb:75:45:e9:59:57:d1:f6:61:ca:41:49:1b:
60:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D4:19:EA:5A:AB:64:21:AE:E7:4C:27:6D:34:01:F1:0E:44:0F:DC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CBE32FCD51011EFA25B1694762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.0.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:90:cb:98:7a:23:d5:37:18:f7:a8:e4:8c:d4:92:bd:86:b0:
ae:89:3d:83:07:b0:28:fa:c7:c4:47:25:0f:4f:6d:55:8c:86:
07:52:e9:b3:90:9e:bc:aa:6e:b5:1b:42:a4:71:b9:7f:d5:bc:
91:22:80:29:db:ce:93:a7:e6:58:02:a8:ac:49:07:5d:d9:fd:
8a:93:a5:fb:e3:ba:b2:8d:61:68:ec:8b:7a:83:00:60:6d:df:
9d:d2:d9:8e:c5:96:9e:2d:77:10:81:4f:e8:c4:82:0d:f4:51:
77:a7:9c:d9:c0:51:3e:b6:e8:17:e3:9a:11:d8:09:80:c7:fe:
72:d1:a4:36:44:fd:9e:f0:0d:f8:e4:b9:05:15:ae:40:5c:5d:
f1:e9:0f:cc:f8:3c:bb:c4:b4:81:a2:ba:7c:5c:ad:06:c5:e0:
09:25:d8:22:d4:b1:09:68:8f:c3:f6:2d:0d:94:c7:09:ce:1e:
f0:7b:76:66:74:36:ef:9f:4f:13:40:9d:51:6d:48:da:22:ad:
a5:5d:67:eb:63:4e:d1:aa:23:bf:a0:c7:85:e6:5b:d5:e6:8c:
61:1f:ce:fc:56:b0:1f:58:4f:c0:28:2e:9f:cc:dd:cc:b7:5c:
7e:5d:4f:65:47:b3:e2:38:db:51:f6:aa:00:49:6a:67:56:e8:
e8:e3:fe:02
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT05MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE3MjAxODA4WhcNMjUwMjIyMjAxODA4WjAYMRYw
FAYDVQQDEw02NzhhYmIwNC1kYjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1qZMGwjZfTWPuOyHUl3bn3rWBPQT2Qd1OETxQDp6h7ubZrV+jjE0a8uM
McoBfdc8zhtBK/MwlnqaiorW2pRi9QNk1s6ZG0wELnk0VAa+wi1uIEaTA3M/v1gM
qPGNFbYVqVkaReKX3Nte9OZdefW+qnSuFMk4P8stQV5+M0oqT/EvUZe3x8rPmgQX
IBsB3sN3+o0ukNsmEsspLOc/gqdEw0zsKqFESo1vDD7jDae376J6o+zpVHU7GW2E
X+241DIkaCffKUofEGNdrWKrFX9qTHfm5ed9bAiIar4jusnTR4IxTfkOJpoldpWV
z7hnoFIgK+t1RelZV9H2YcpBSRtgrwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFODU
Gepaq2QhrudMJ200AfEORA/cMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQ0JFMzJGQ0Q1MTAxMUVGQTI1QjE2OTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt0AMA0GCSqGSIb3DQEB
CwUAA4IBAQCtkMuYeiPVNxj3qOSM1JK9hrCuiT2DB7Ao+sfERyUPT21VjIYHUumz
kJ68qm61G0Kkcbl/1byRIoAp286Tp+ZYAqisSQdd2f2Kk6X747qyjWFo7It6gwBg
bd+d0tmOxZaeLXcQgU/oxIIN9FF3p5zZwFE+tugX45oR2AmAx/5y0aQ2RP2e8A34
5LkFFa5AXF3x6Q/M+Dy7xLSBorp8XK0GxeAJJdgi1LEJaI/D9i0NlMcJzh7we3Zm
dDbvn08TQJ1RbUjaIq2lXWfrY07RqiO/oMeF5lvV5oxhH878VrAfWE/AKC6fzN3M
t1x+XU9lR7PiONtR9qoASWpnVujo4/4C
-----END CERTIFICATE-----
Generated at Sun Apr 27 10:02:09 2025 by rpki-client