Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CACB2CCDA2511EFB333ABB1762E951A.roa
File: 4CACB2CCDA2511EFB333ABB1762E951A.roa (raw, json)
Hash identifier: AU3ZG+g+otXt3qj7mDzaDJFR4xt0WWesf/l7uVgHbnc=
Subject key identifier: 71:73:8C:32:DD:80:D9:A1:60:4C:E6:C4:61:6E:43:20:5C:13:73:7F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01441A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CACB2CCDA2511EFB333ABB1762E951A.roa
Signing time: Fri 24 Jan 2025 07:32:01 +0000
ROA not before: Fri 24 Jan 2025 07:31:56 +0000
ROA not after: Wed 05 Mar 2025 07:31:56 +0000
asID: 48031
IP address blocks: 154.222.218.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82970 (0x1441a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 07:31:56 2025 GMT
Not After : Mar 5 07:31:56 2025 GMT
Subject: CN=679341f1-0c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:49:dc:0b:3e:41:eb:33:26:3d:df:c1:01:c5:
17:02:ba:ac:d0:4a:b4:bb:a9:b2:f5:27:67:90:f4:
a2:f7:ad:fb:66:6a:0f:e5:3f:51:0c:d9:12:d0:2f:
1f:cc:b8:54:d6:d0:65:39:f9:2a:b1:29:18:cc:43:
b2:40:dd:93:87:61:f7:24:fb:77:ca:0e:9c:72:92:
10:7a:27:28:18:58:cb:a4:7c:4c:d4:59:28:e1:82:
f9:38:31:d7:82:ab:25:7e:88:6f:42:c9:ad:cf:d6:
f3:47:9e:a6:a0:fa:65:5c:5e:4b:3b:e9:fc:40:9e:
89:e3:fa:54:70:6d:25:25:ba:e2:07:4a:ec:97:60:
58:f1:9a:65:e3:4b:df:29:c0:60:52:e0:38:55:a1:
43:71:36:45:ab:ab:6a:32:a8:3e:a5:8d:09:47:72:
f6:4e:5a:14:8d:be:37:e4:b2:4f:65:0c:b7:a1:9f:
eb:cd:b0:ed:0e:74:ff:8e:e4:ed:ad:06:be:d8:ae:
bd:e6:67:a6:de:70:7e:91:c5:09:e8:01:36:fb:d5:
72:96:76:59:1b:80:16:cf:2a:7d:c4:cf:d9:61:7c:
2a:bf:6b:ab:da:4c:5e:3c:55:49:14:03:35:29:12:
07:db:09:95:18:88:3e:c3:22:de:b3:2f:f1:31:44:
60:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:73:8C:32:DD:80:D9:A1:60:4C:E6:C4:61:6E:43:20:5C:13:73:7F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4CACB2CCDA2511EFB333ABB1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.218.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:69:6d:be:16:f8:eb:57:90:fc:65:31:f7:0c:58:12:af:e2:
2d:0b:48:6e:e8:12:0e:89:67:6c:65:15:f5:4c:68:9a:f6:b8:
3d:72:7c:3d:8a:90:f8:99:79:fb:81:73:10:1a:37:53:1c:f8:
6c:5f:c0:8c:62:4f:e4:ed:a3:7a:8f:ed:2f:96:b2:61:6a:aa:
8d:11:de:c2:3a:60:32:4c:76:ca:19:ac:a4:14:62:16:09:b9:
01:cd:bf:86:bf:a9:53:e4:d7:76:0e:53:fc:80:45:85:d7:3f:
6a:5e:81:6e:da:90:10:7d:f1:54:c0:46:61:84:4a:35:3c:53:
67:4d:f4:ce:09:62:80:c6:a4:5a:9f:94:0e:6b:03:26:4c:85:
30:a3:8b:19:3d:cb:9c:6f:ba:28:b9:c7:6c:b1:9b:ad:6a:5a:
79:81:d8:8a:c1:61:42:cf:e2:cd:1d:88:92:7c:36:9f:bf:89:
9b:92:47:21:6a:21:53:45:58:8d:2c:f8:76:a4:b0:40:83:a1:
97:24:b4:10:12:ef:1d:eb:b7:be:9b:08:f1:01:a8:cd:15:d6:
4a:25:b7:93:f1:84:48:fc:b1:5b:65:99:f1:7b:8f:3c:7b:7a:
bd:f5:2f:01:99:f3:8f:20:b5:eb:39:6a:34:e2:bc:2a:fe:95:
90:06:9f:6f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUQaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDczMTU2WhcNMjUwMzA1MDczMTU2WjAYMRYw
FAYDVQQDEw02NzkzNDFmMS0wYzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA40ncCz5B6zMmPd/BAcUXArqs0Eq0u6my9SdnkPSi9637ZmoP5T9RDNkS
0C8fzLhU1tBlOfkqsSkYzEOyQN2Th2H3JPt3yg6ccpIQeicoGFjLpHxM1Fko4YL5
ODHXgqslfohvQsmtz9bzR56moPplXF5LO+n8QJ6J4/pUcG0lJbriB0rsl2BY8Zpl
40vfKcBgUuA4VaFDcTZFq6tqMqg+pY0JR3L2TloUjb435LJPZQy3oZ/rzbDtDnT/
juTtrQa+2K695mem3nB+kcUJ6AE2+9VylnZZG4AWzyp9xM/ZYXwqv2ur2kxePFVJ
FAM1KRIH2wmVGIg+wyLesy/xMURgbQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHFz
jDLdgNmhYEzmxGFuQyBcE3N/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80Q0FDQjJDQ0RBMjUxMUVGQjMzM0FCQjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt7aMA0GCSqGSIb3DQEB
CwUAA4IBAQCfaW2+FvjrV5D8ZTH3DFgSr+ItC0hu6BIOiWdsZRX1TGia9rg9cnw9
ipD4mXn7gXMQGjdTHPhsX8CMYk/k7aN6j+0vlrJhaqqNEd7COmAyTHbKGaykFGIW
CbkBzb+Gv6lT5Nd2DlP8gEWF1z9qXoFu2pAQffFUwEZhhEo1PFNnTfTOCWKAxqRa
n5QOawMmTIUwo4sZPcucb7ooucdssZutalp5gdiKwWFCz+LNHYiSfDafv4mbkkch
aiFTRViNLPh2pLBAg6GXJLQQEu8d67e+mwjxAajNFdZKJbeT8YRI/LFbZZnxe488
e3q99S8BmfOPILXrOWo04rwq/pWQBp9v
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:26:30 2025 by rpki-client