Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FF29F1CDCC211EF905B5954762E951A.roa
File: 2FF29F1CDCC211EF905B5954762E951A.roa (raw, json)
Hash identifier: zJ/sNGVgtEytII6/1JuvtiLu4ka0e/j2tVIHnQvFuJ0=
Subject key identifier: B1:47:FC:69:0E:9C:B3:BF:CF:15:25:9E:20:E3:52:14:D5:11:A0:A4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014C3B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FF29F1CDCC211EF905B5954762E951A.roa
Signing time: Mon 27 Jan 2025 15:20:06 +0000
ROA not before: Mon 27 Jan 2025 15:20:02 +0000
ROA not after: Sun 09 Feb 2025 15:20:02 +0000
asID: 5065
IP address blocks: 154.86.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85051 (0x14c3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 27 15:20:02 2025 GMT
Not After : Feb 9 15:20:02 2025 GMT
Subject: CN=6797a426-a112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:03:c9:61:11:a7:f3:18:cd:71:54:85:67:b3:
d1:4c:13:49:82:79:61:b4:19:c3:56:f8:67:9b:b5:
37:fc:a4:a1:69:2c:8a:d0:15:66:59:07:4e:0b:1b:
ee:d6:c0:02:26:27:b2:78:fc:2b:ba:c7:d1:2e:1b:
3c:f1:dd:83:5d:53:72:a7:d7:43:40:d3:d6:c9:b9:
7f:f7:a9:19:25:94:24:cb:c5:16:28:56:28:2f:3a:
8f:a2:1e:dc:e8:33:b3:14:34:fe:0f:d0:38:cc:2b:
c5:72:cf:aa:78:d2:34:b9:28:b1:c6:8c:38:ce:49:
99:fd:ba:1e:f4:1c:30:88:6a:61:ad:e8:2e:91:f9:
bd:5a:50:43:73:80:e9:96:fe:7e:b8:d7:4b:1d:36:
a4:aa:ef:a9:6c:1f:9e:da:e8:0e:36:d5:02:47:25:
c1:6e:24:40:6c:df:0a:e5:c2:de:48:ad:fd:84:8b:
79:7d:dd:39:e8:e2:a3:6f:40:02:af:5b:1e:8c:73:
99:e1:da:fb:12:6d:e5:5b:01:96:32:6d:d0:8d:ee:
e2:32:d7:ed:49:ec:c2:a5:61:81:e6:a3:e1:47:64:
11:50:04:88:62:42:a8:ac:dc:86:d4:26:d4:d3:b0:
d2:e2:0f:c9:9e:f2:3c:96:f4:49:a0:c9:8f:71:38:
40:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:47:FC:69:0E:9C:B3:BF:CF:15:25:9E:20:E3:52:14:D5:11:A0:A4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FF29F1CDCC211EF905B5954762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.109.0/24
Signature Algorithm: sha256WithRSAEncryption
34:cc:dd:a7:a1:fd:7c:60:af:57:5d:ae:a0:37:63:9f:a2:fb:
1b:2c:83:3d:c7:27:16:d0:06:a6:79:16:5e:33:55:91:3c:78:
02:06:7f:c5:fc:ff:6d:cd:6b:af:71:3f:33:90:69:97:b8:76:
32:b7:76:b4:3f:38:18:c0:11:84:01:23:1e:4d:99:af:6d:3b:
91:3e:1b:85:6d:70:ed:81:ce:1e:86:91:10:ca:fc:49:0e:d8:
10:53:31:35:e4:65:08:6f:04:b6:84:df:b6:f9:64:76:fd:9f:
a1:84:1b:2d:0d:a6:d4:99:cc:a7:3f:58:3c:f6:f3:da:9f:e5:
66:d6:99:6b:04:e1:46:11:89:b0:2a:87:2e:d5:30:8e:69:33:
5a:bd:6e:67:f1:90:c6:4a:ed:7f:10:c2:de:c5:31:9c:6c:a9:
1d:30:cf:0a:c7:18:fc:ad:eb:99:a1:c3:a0:16:c4:09:47:e8:
25:18:38:6a:38:0f:2b:8c:65:88:99:14:85:fd:12:be:2b:da:
5a:bd:c3:17:29:58:b8:8f:61:be:fa:bf:8b:e1:5b:be:2a:7b:
ef:2e:e2:34:7f:02:a1:c7:45:22:2d:42:2c:d5:b6:60:28:2a:
e5:ec:99:b3:cc:fb:7d:0d:a4:a5:a8:ba:9d:25:43:25:85:5f:
7e:81:d3:06
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUw7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI3MTUyMDAyWhcNMjUwMjA5MTUyMDAyWjAYMRYw
FAYDVQQDEw02Nzk3YTQyNi1hMTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuQPJYRGn8xjNcVSFZ7PRTBNJgnlhtBnDVvhnm7U3/KShaSyK0BVmWQdO
Cxvu1sACJieyePwrusfRLhs88d2DXVNyp9dDQNPWybl/96kZJZQky8UWKFYoLzqP
oh7c6DOzFDT+D9A4zCvFcs+qeNI0uSixxow4zkmZ/boe9BwwiGphregukfm9WlBD
c4Dplv5+uNdLHTakqu+pbB+e2ugONtUCRyXBbiRAbN8K5cLeSK39hIt5fd056OKj
b0ACr1sejHOZ4dr7Em3lWwGWMm3Qje7iMtftSezCpWGB5qPhR2QRUASIYkKorNyG
1CbU07DS4g/JnvI8lvRJoMmPcThAqwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLFH
/GkOnLO/zxUlniDjUhTVEaCkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRkYyOUYxQ0RDQzIxMUVGOTA1QjU5NTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlZtMA0GCSqGSIb3DQEB
CwUAA4IBAQA0zN2nof18YK9XXa6gN2OfovsbLIM9xycW0AameRZeM1WRPHgCBn/F
/P9tzWuvcT8zkGmXuHYyt3a0PzgYwBGEASMeTZmvbTuRPhuFbXDtgc4ehpEQyvxJ
DtgQUzE15GUIbwS2hN+2+WR2/Z+hhBstDabUmcynP1g89vPan+Vm1plrBOFGEYmw
Kocu1TCOaTNavW5n8ZDGSu1/EMLexTGcbKkdMM8Kxxj8reuZocOgFsQJR+glGDhq
OA8rjGWImRSF/RK+K9pavcMXKVi4j2G++r+L4Vu+KnvvLuI0fwKhx0UiLUIs1bZg
KCrl7JmzzPt9DaSlqLqdJUMlhV9+gdMG
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:46:15 2025 by rpki-client