Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/58DFA350DA3511EF82455C9E762E951A.roa
File: 58DFA350DA3511EF82455C9E762E951A.roa (raw, json)
Hash identifier: 9rZvFonnhT+wTXyzTALu4Sf46a+FImgPdF5aZJr3PI8=
Subject key identifier: F0:38:5E:62:29:DE:07:B7:7A:18:5E:42:59:AF:C6:7B:C5:BC:D7:54
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0144EB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/58DFA350DA3511EF82455C9E762E951A.roa
Signing time: Fri 24 Jan 2025 09:26:53 +0000
ROA not before: Fri 24 Jan 2025 09:26:49 +0000
ROA not after: Wed 05 Mar 2025 09:26:49 +0000
asID: 202656
IP address blocks: 154.219.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83179 (0x144eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 09:26:49 2025 GMT
Not After : Mar 5 09:26:49 2025 GMT
Subject: CN=67935cdd-245b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:dd:5e:6a:3f:03:b4:17:42:0b:e4:bd:f6:03:
bb:7d:5b:30:6f:a0:95:9d:71:2d:08:ad:cf:92:59:
d4:c8:af:a2:6d:7d:68:c9:26:d2:bc:99:68:67:8f:
76:a0:8d:23:fb:88:c2:ed:dd:5d:7f:a5:78:ab:3a:
22:e6:5d:ff:4a:ce:0d:f3:c0:fb:7e:a3:6d:14:4d:
30:ff:38:f2:aa:37:3c:25:d6:08:ab:3f:da:e0:76:
5a:ca:b1:24:5b:35:87:87:06:ad:fa:47:9d:5f:aa:
54:0a:f4:1f:a5:f2:5a:6b:41:fb:d0:54:76:6c:5d:
34:53:69:da:ce:70:2b:e7:e8:5d:40:2c:aa:91:4f:
75:b9:fa:c8:71:66:94:cb:b3:2e:7e:11:8e:07:05:
c2:1a:96:69:34:00:12:cf:ee:45:3d:b3:c3:fc:50:
72:7c:f7:d7:f8:ca:63:95:df:ca:9a:0c:d5:c2:a3:
cf:d8:90:9d:67:77:c8:8b:25:eb:7b:1e:d0:2d:f3:
e7:0b:dd:7a:73:17:38:2d:cf:6f:3f:72:9c:c2:1e:
c5:5d:06:f1:f6:bf:b6:0b:d4:0b:f4:63:33:ff:1f:
5a:c5:45:3b:fa:5d:52:02:fb:c9:5d:6d:0e:68:d3:
a9:c6:f5:4c:00:67:76:20:6b:20:84:67:36:3b:c3:
ca:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:38:5E:62:29:DE:07:B7:7A:18:5E:42:59:AF:C6:7B:C5:BC:D7:54
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/58DFA350DA3511EF82455C9E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.216.0/24
Signature Algorithm: sha256WithRSAEncryption
10:69:5b:c0:df:8a:e1:04:38:27:4f:e7:7c:be:53:a2:44:00:
ba:e7:88:2e:c1:91:ef:99:a1:06:31:19:a4:4c:d6:5c:de:ea:
de:90:ae:b5:00:47:ce:26:ef:70:dc:69:23:4f:21:3f:58:64:
7c:d5:45:79:0b:e2:ed:49:3e:ef:60:04:38:9a:a1:e4:02:0f:
58:5d:f6:cd:9f:4e:6d:3e:5a:86:a5:83:65:fb:7c:8d:29:39:
68:86:ad:80:fa:a4:ef:78:b5:82:71:c6:4b:c4:7b:ae:90:ee:
4e:32:85:57:85:e7:4a:84:05:3d:52:41:ed:0d:cc:e9:cc:57:
a8:22:53:7f:2a:f6:04:d5:4b:77:12:dc:59:29:05:fb:d6:91:
f0:66:66:35:e6:5f:13:6b:8f:28:c4:ee:8d:92:52:e3:da:18:
29:f2:6d:79:8a:1b:f9:b3:4c:35:71:83:5a:7a:cc:e2:85:9b:
37:d2:8e:6e:82:f8:23:68:a6:51:1d:8a:1d:8e:63:1f:a0:9b:
b0:3c:8d:d5:8b:26:d1:0c:94:0b:53:a1:c7:8a:d8:9f:69:88:
79:f3:95:dd:b8:c5:4a:8e:db:3a:f7:de:9f:c7:2a:8c:e8:f1:
7e:1d:1d:46:e1:65:db:d8:43:bd:d5:61:8d:e3:fd:f6:58:67:
2f:78:c9:b4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUTrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDkyNjQ5WhcNMjUwMzA1MDkyNjQ5WjAYMRYw
FAYDVQQDEw02NzkzNWNkZC0yNDViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA291eaj8DtBdCC+S99gO7fVswb6CVnXEtCK3PklnUyK+ibX1oySbSvJlo
Z492oI0j+4jC7d1df6V4qzoi5l3/Ss4N88D7fqNtFE0w/zjyqjc8JdYIqz/a4HZa
yrEkWzWHhwat+kedX6pUCvQfpfJaa0H70FR2bF00U2naznAr5+hdQCyqkU91ufrI
cWaUy7MufhGOBwXCGpZpNAASz+5FPbPD/FByfPfX+Mpjld/KmgzVwqPP2JCdZ3fI
iyXrex7QLfPnC916cxc4Lc9vP3Kcwh7FXQbx9r+2C9QL9GMz/x9axUU7+l1SAvvJ
XW0OaNOpxvVMAGd2IGsghGc2O8PKxwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPA4
XmIp3ge3ehheQlmvxnvFvNdUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81OERGQTM1MERBMzUxMUVGODI0NTVDOUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtvYMA0GCSqGSIb3DQEB
CwUAA4IBAQAQaVvA34rhBDgnT+d8vlOiRAC654guwZHvmaEGMRmkTNZc3urekK61
AEfOJu9w3GkjTyE/WGR81UV5C+LtST7vYAQ4mqHkAg9YXfbNn05tPlqGpYNl+3yN
KTlohq2A+qTveLWCccZLxHuukO5OMoVXhedKhAU9UkHtDczpzFeoIlN/KvYE1Ut3
EtxZKQX71pHwZmY15l8Ta48oxO6NklLj2hgp8m15ihv5s0w1cYNaeszihZs30o5u
gvgjaKZRHYodjmMfoJuwPI3ViybRDJQLU6HHitifaYh585XduMVKjts6996fxyqM
6PF+HR1G4WXb2EO91WGN4/32WGcveMm0
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:45:18 2025 by rpki-client