Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FF02068D56D11EF968F0084762E951A.roa
File: 2FF02068D56D11EF968F0084762E951A.roa (raw, json)
Hash identifier: EE1Y3j85nvQWHxV7K5leQ8qEa16Ty3dOdj1nQTMulJY=
Subject key identifier: 24:9F:94:91:17:A5:83:21:67:24:13:85:B8:72:62:12:D4:A6:B8:FA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013D96
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FF02068D56D11EF968F0084762E951A.roa
Signing time: Sat 18 Jan 2025 07:24:00 +0000
ROA not before: Sat 18 Jan 2025 07:23:57 +0000
ROA not after: Sat 22 Feb 2025 07:23:57 +0000
asID: 18013
IP address blocks: 154.217.234.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81302 (0x13d96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 18 07:23:57 2025 GMT
Not After : Feb 22 07:23:57 2025 GMT
Subject: CN=678b5710-dec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:66:a3:52:bf:bc:b8:45:cf:1c:c2:74:9e:45:
5e:2b:dd:be:2a:73:25:ad:02:06:e4:a0:72:85:90:
2f:ea:fd:67:30:fe:35:dc:7a:e0:cb:e9:7e:ed:f4:
2a:33:56:cd:73:b2:4c:a6:a6:a6:9f:02:cb:3b:99:
b3:d1:e3:7a:c8:b7:e5:01:c7:20:85:7e:1f:dc:5b:
41:cd:12:d9:05:f9:8e:3f:1e:9b:fd:10:2d:a8:73:
e7:86:49:04:a9:0c:bb:85:41:f0:50:33:46:3d:85:
eb:92:55:c7:67:85:45:ca:5b:42:9e:6d:12:70:09:
b4:f6:42:3f:dd:3a:3c:bd:1a:63:da:c4:c5:a7:5e:
0a:9a:5b:99:a4:49:df:af:7c:1a:9e:bd:c7:10:7b:
d0:39:f0:77:c6:45:25:2c:13:ef:d9:94:66:7f:38:
10:79:ca:ae:25:22:d8:a9:6a:33:ae:6b:45:ab:11:
28:5f:94:51:51:f9:bd:25:75:bc:53:a7:25:f3:4a:
07:19:7b:07:13:54:ba:2b:03:17:b7:5d:2e:29:9a:
ed:07:a8:91:7e:8d:b9:80:2b:07:53:3c:13:bf:6a:
6b:f4:35:3b:79:42:fb:64:1d:74:f6:ec:ce:1b:8b:
c6:2a:19:2b:f7:8e:7d:5b:ad:52:68:98:d5:45:ff:
25:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:9F:94:91:17:A5:83:21:67:24:13:85:B8:72:62:12:D4:A6:B8:FA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FF02068D56D11EF968F0084762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.234.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:e8:9f:a7:5a:d2:a9:db:76:3a:9b:7d:f4:32:69:d9:c9:af:
74:fe:f7:33:c0:ac:aa:85:fb:62:81:66:51:b9:91:35:bd:99:
c1:17:11:b2:b9:58:c5:b9:ff:1b:a6:ee:8f:1e:75:d9:dc:a4:
8e:c4:05:ba:d4:7b:9a:aa:ff:55:fd:7c:98:c3:a9:96:4f:da:
36:39:dc:c3:88:a8:15:08:80:3b:90:53:01:da:92:01:3d:8b:
87:93:c2:a1:c8:43:e4:2c:b8:ed:8b:b1:45:9c:7d:19:98:7e:
d9:60:58:b9:a3:3f:73:4c:9c:60:c6:a7:f8:31:0a:f7:05:61:
42:3a:b4:9e:fb:9c:3f:2d:50:2a:47:ce:18:f0:8a:e1:7c:8a:
38:be:d1:50:9e:2c:bd:1a:86:d9:18:80:d6:4e:83:a8:28:55:
a4:88:b9:e4:17:5b:1b:0e:89:3d:26:0b:00:92:fe:34:12:f4:
84:40:46:c5:fa:b0:1e:f8:aa:51:c8:4a:86:cb:83:6f:0d:6b:
46:95:44:1a:47:12:57:2d:ec:10:1e:aa:a1:69:0e:e4:56:87:
71:1e:0c:9f:0f:0d:0d:7c:74:5e:60:84:8e:28:d4:2b:57:e3:
eb:04:4e:1c:8a:b5:b0:ef:98:63:27:3f:22:be:84:37:4c:8b:
01:85:a8:d8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT2WMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE4MDcyMzU3WhcNMjUwMjIyMDcyMzU3WjAYMRYw
FAYDVQQDEw02NzhiNTcxMC1kZWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2WajUr+8uEXPHMJ0nkVeK92+KnMlrQIG5KByhZAv6v1nMP413Hrgy+l+
7fQqM1bNc7JMpqamnwLLO5mz0eN6yLflAccghX4f3FtBzRLZBfmOPx6b/RAtqHPn
hkkEqQy7hUHwUDNGPYXrklXHZ4VFyltCnm0ScAm09kI/3To8vRpj2sTFp14KmluZ
pEnfr3wanr3HEHvQOfB3xkUlLBPv2ZRmfzgQecquJSLYqWozrmtFqxEoX5RRUfm9
JXW8U6cl80oHGXsHE1S6KwMXt10uKZrtB6iRfo25gCsHUzwTv2pr9DU7eUL7ZB10
9uzOG4vGKhkr9459W61SaJjVRf8lHwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCSf
lJEXpYMhZyQThbhyYhLUprj6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRkYwMjA2OEQ1NkQxMUVGOTY4RjAwODQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtnqMA0GCSqGSIb3DQEB
CwUAA4IBAQAu6J+nWtKp23Y6m330MmnZya90/vczwKyqhftigWZRuZE1vZnBFxGy
uVjFuf8bpu6PHnXZ3KSOxAW61Huaqv9V/XyYw6mWT9o2OdzDiKgVCIA7kFMB2pIB
PYuHk8KhyEPkLLjti7FFnH0ZmH7ZYFi5oz9zTJxgxqf4MQr3BWFCOrSe+5w/LVAq
R84Y8IrhfIo4vtFQniy9GobZGIDWToOoKFWkiLnkF1sbDok9JgsAkv40EvSEQEbF
+rAe+KpRyEqGy4NvDWtGlUQaRxJXLewQHqqhaQ7kVodxHgyfDw0NfHReYISOKNQr
V+PrBE4cirWw75hjJz8ivoQ3TIsBhajY
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:49:58 2025 by rpki-client