Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/30DECD78D97B11EFA41509B6762E951A.roa
File: 30DECD78D97B11EFA41509B6762E951A.roa (raw, json)
Hash identifier: a1fguwbwv8OU7C6vNx8O3IGs+gR15OcLoqLNaGq9Qcc=
Subject key identifier: 86:3A:07:8A:6F:CA:5D:29:3F:3D:04:89:69:0E:0E:CB:03:60:5F:DE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014184
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/30DECD78D97B11EFA41509B6762E951A.roa
Signing time: Thu 23 Jan 2025 11:14:20 +0000
ROA not before: Thu 23 Jan 2025 11:14:15 +0000
ROA not after: Fri 28 Feb 2025 11:14:15 +0000
asID: 62240
IP address blocks: 154.195.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82308 (0x14184)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 11:14:15 2025 GMT
Not After : Feb 28 11:14:15 2025 GMT
Subject: CN=6792248c-66be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9e:7b:46:5d:5e:ed:81:d0:81:b0:16:50:48:
f1:99:90:f7:5b:04:f1:dd:62:22:17:d4:7a:3e:cd:
e7:63:39:e0:97:42:b9:2f:0c:65:e6:8a:a3:7a:39:
d4:38:22:7b:af:37:77:57:60:27:4a:95:c2:1a:40:
24:9e:a8:da:83:ff:fd:65:8f:be:73:2f:0d:22:cc:
f5:23:c0:e3:c8:d4:45:3d:1e:f8:6b:b6:83:f3:5c:
2f:ad:03:cc:c1:4d:14:9f:02:d4:53:83:f3:04:20:
95:ca:73:fb:70:e3:90:e2:db:46:da:75:5c:c2:97:
74:8a:d2:a2:11:ee:7f:e3:8e:f3:f1:86:94:a4:07:
cf:ed:a6:1f:52:06:cb:44:53:8d:b2:b6:58:1b:28:
5e:f2:26:75:c3:73:fd:1c:44:ad:26:62:50:f3:ab:
6e:a7:a9:7e:ec:9d:5e:f9:24:97:00:40:fc:75:34:
f8:75:e7:a9:d3:d7:4f:04:5a:07:79:0f:89:24:52:
84:0b:69:b8:bb:70:f7:07:81:13:36:9d:99:8e:c3:
ed:cc:91:91:97:f6:2c:89:e4:a9:82:34:44:5b:e3:
eb:6f:2e:12:18:55:7f:a9:f5:0b:5e:8b:d9:b8:7a:
bb:e8:7b:9e:67:02:87:79:0a:d1:72:cb:ee:81:6c:
53:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:3A:07:8A:6F:CA:5D:29:3F:3D:04:89:69:0E:0E:CB:03:60:5F:DE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/30DECD78D97B11EFA41509B6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.152.0/24
Signature Algorithm: sha256WithRSAEncryption
48:55:6f:e6:59:23:7d:8e:08:57:8e:36:88:13:46:3c:eb:b0:
fb:c4:6c:cc:4a:cd:52:47:b1:3c:94:26:58:da:51:cf:d9:af:
58:2d:dd:2b:a7:64:ee:9a:46:fe:41:69:af:f4:60:94:c7:79:
10:3b:16:17:b7:71:9b:6f:44:4c:92:95:fc:83:3d:87:57:4d:
e3:45:5b:7d:8e:08:9e:0a:b1:ec:92:a3:b5:18:96:64:1d:e3:
30:a7:b8:a6:95:e5:3e:4f:46:bc:83:d1:8c:df:4b:5f:9a:2d:
c6:25:d2:65:59:fc:e2:81:1b:3a:6d:6a:8b:b3:55:02:e5:48:
02:e3:9d:59:eb:23:20:57:75:83:1f:a0:18:88:06:80:03:e1:
a7:94:6a:db:ec:9d:d9:a3:53:46:96:3d:a9:1f:4d:c4:4c:5f:
4c:87:65:49:df:58:58:45:7a:6d:7d:30:b0:0e:dd:bf:c5:fc:
6c:3b:d4:8b:c1:30:75:8d:9f:87:7f:82:23:cc:cf:9e:65:d6:
24:c7:77:55:64:bd:17:cd:90:f5:54:c3:35:e3:c8:c1:f6:37:
8e:e8:79:67:69:9f:8c:0c:31:3c:86:82:b7:eb:f6:2b:35:c0:
80:62:d8:6a:7e:0e:3b:4f:76:9d:9e:b7:b4:45:c2:55:8c:a9:
04:f2:52:d3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUGEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMTExNDE1WhcNMjUwMjI4MTExNDE1WjAYMRYw
FAYDVQQDEw02NzkyMjQ4Yy02NmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt557Rl1e7YHQgbAWUEjxmZD3WwTx3WIiF9R6Ps3nYzngl0K5Lwxl5oqj
ejnUOCJ7rzd3V2AnSpXCGkAknqjag//9ZY++cy8NIsz1I8DjyNRFPR74a7aD81wv
rQPMwU0UnwLUU4PzBCCVynP7cOOQ4ttG2nVcwpd0itKiEe5/447z8YaUpAfP7aYf
UgbLRFONsrZYGyhe8iZ1w3P9HEStJmJQ86tup6l+7J1e+SSXAED8dTT4deep09dP
BFoHeQ+JJFKEC2m4u3D3B4ETNp2ZjsPtzJGRl/YsieSpgjREW+Prby4SGFV/qfUL
XovZuHq76HueZwKHeQrRcsvugWxTpwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIY6
B4pvyl0pPz0EiWkODssDYF/eMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMERFQ0Q3OEQ5N0IxMUVGQTQxNTA5QjY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsOYMA0GCSqGSIb3DQEB
CwUAA4IBAQBIVW/mWSN9jghXjjaIE0Y867D7xGzMSs1SR7E8lCZY2lHP2a9YLd0r
p2Tumkb+QWmv9GCUx3kQOxYXt3Gbb0RMkpX8gz2HV03jRVt9jgieCrHskqO1GJZk
HeMwp7imleU+T0a8g9GM30tfmi3GJdJlWfzigRs6bWqLs1UC5UgC451Z6yMgV3WD
H6AYiAaAA+GnlGrb7J3Zo1NGlj2pH03ETF9Mh2VJ31hYRXptfTCwDt2/xfxsO9SL
wTB1jZ+Hf4IjzM+eZdYkx3dVZL0XzZD1VMM148jB9jeO6HlnaZ+MDDE8hoK36/Yr
NcCAYthqfg47T3adnre0RcJVjKkE8lLT
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:48:03 2025 by rpki-client