Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5B2254D4C47611EFB2291667762E951A.roa
File: 5B2254D4C47611EFB2291667762E951A.roa (raw, json)
Hash identifier: JqqKRKaBsvWvZXTILi3NnKpoxPLkiZt48kHI7gHN9Sg=
Subject key identifier: CD:F3:61:66:2F:43:7A:2B:E7:3A:85:FD:97:07:F4:C8:4A:70:42:5D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012ACE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5B2254D4C47611EFB2291667762E951A.roa
Signing time: Fri 27 Dec 2024 17:16:49 +0000
ROA not before: Fri 27 Dec 2024 17:16:45 +0000
ROA not after: Sat 01 Feb 2025 17:16:45 +0000
asID: 203020
IP address blocks: 154.200.213.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76494 (0x12ace)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 27 17:16:45 2024 GMT
Not After : Feb 1 17:16:45 2025 GMT
Subject: CN=676ee100-e339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:11:2c:53:78:c0:5c:e2:33:b9:ff:e4:01:67:
71:d0:e0:5f:4a:d6:e8:47:1f:2d:9f:1e:aa:a3:c1:
cd:d5:0a:c4:0a:b9:86:cc:f6:4d:c2:fd:01:bc:74:
51:15:4c:97:77:e6:6e:61:95:3c:1d:40:a3:e0:d2:
e5:8c:d6:75:1f:6e:00:b8:7b:1b:31:64:7e:2a:a8:
e4:6d:16:25:a9:bc:43:07:c4:3e:33:72:81:11:de:
f3:34:67:2b:a8:0b:04:e4:85:60:d3:20:af:2e:83:
30:68:b2:37:3b:bc:97:05:ca:12:cd:35:ac:3d:6f:
ee:fa:ea:9d:a0:bb:bd:2d:f4:86:d8:df:e9:1f:06:
75:ee:a7:56:7c:9d:53:43:5e:27:5e:d3:e3:13:4c:
46:ad:89:67:d8:03:fd:1a:92:54:ef:6c:b4:1d:c4:
23:52:4c:05:fc:db:9b:fd:41:09:81:63:61:bc:9e:
f8:80:71:0d:d2:65:c7:ac:c8:6e:b7:a0:82:69:a8:
7b:2c:25:8e:9b:bd:47:75:ff:1c:14:33:28:bb:4c:
25:6d:90:61:10:d8:22:d4:0d:d4:48:48:eb:4c:49:
73:0d:bf:53:44:ee:b8:9e:c9:39:72:f8:f3:f4:fb:
e4:f7:43:85:ed:5e:65:74:d7:c7:81:31:fe:e3:31:
fa:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F3:61:66:2F:43:7A:2B:E7:3A:85:FD:97:07:F4:C8:4A:70:42:5D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5B2254D4C47611EFB2291667762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.213.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:09:44:cf:2b:ff:35:3a:90:3c:15:e2:92:4d:0f:d7:e7:67:
f8:2d:61:d7:1b:fd:df:ae:fa:73:1a:f1:f8:85:6b:2e:8a:0f:
df:a6:a8:fa:d9:99:9c:84:ef:08:13:f0:a3:29:8c:24:04:0e:
77:dc:de:90:5a:89:85:1d:59:ac:84:7d:62:9b:b1:1c:08:37:
27:96:96:60:b5:24:ca:65:83:d1:1e:6d:a0:4e:63:ca:c1:ee:
0e:81:e5:d3:4f:fb:f9:17:dc:a5:53:21:33:0c:70:d3:1e:4e:
bc:23:0e:36:8f:ed:7d:d3:32:43:2f:e4:64:13:4c:c8:85:10:
6f:c0:33:90:c2:e3:68:5b:e7:fb:6f:e4:82:b4:3f:16:62:63:
7e:38:3d:38:78:43:54:dd:a2:e6:23:c8:32:d5:52:3d:6f:f2:
b5:29:9d:59:b5:18:14:43:aa:be:c6:08:84:c8:01:56:90:15:
89:47:f0:04:04:7e:cc:92:bc:7d:38:66:79:d9:28:ff:16:39:
59:3d:ba:3d:82:13:71:29:df:dd:19:7d:61:58:c2:e1:fa:d3:
9d:71:37:c8:d1:af:ac:37:7f:f4:e4:4e:06:18:90:ff:9a:b5:
85:77:e3:84:60:7e:9d:b0:22:fa:6e:3e:8b:61:74:12:e8:01:
4e:db:b2:e1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASrOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI3MTcxNjQ1WhcNMjUwMjAxMTcxNjQ1WjAYMRYw
FAYDVQQDEw02NzZlZTEwMC1lMzM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAthEsU3jAXOIzuf/kAWdx0OBfStboRx8tnx6qo8HN1QrECrmGzPZNwv0B
vHRRFUyXd+ZuYZU8HUCj4NLljNZ1H24AuHsbMWR+KqjkbRYlqbxDB8Q+M3KBEd7z
NGcrqAsE5IVg0yCvLoMwaLI3O7yXBcoSzTWsPW/u+uqdoLu9LfSG2N/pHwZ17qdW
fJ1TQ14nXtPjE0xGrYln2AP9GpJU72y0HcQjUkwF/Nub/UEJgWNhvJ74gHEN0mXH
rMhut6CCaah7LCWOm71Hdf8cFDMou0wlbZBhENgi1A3USEjrTElzDb9TRO64nsk5
cvjz9Pvk90OF7V5ldNfHgTH+4zH6twIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM3z
YWYvQ3or5zqF/ZcH9MhKcEJdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QjIyNTRENEM0NzYxMUVGQjIyOTE2Njc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjVMA0GCSqGSIb3DQEB
CwUAA4IBAQCgCUTPK/81OpA8FeKSTQ/X52f4LWHXG/3frvpzGvH4hWsuig/fpqj6
2ZmchO8IE/CjKYwkBA533N6QWomFHVmshH1im7EcCDcnlpZgtSTKZYPRHm2gTmPK
we4OgeXTT/v5F9ylUyEzDHDTHk68Iw42j+190zJDL+RkE0zIhRBvwDOQwuNoW+f7
b+SCtD8WYmN+OD04eENU3aLmI8gy1VI9b/K1KZ1ZtRgUQ6q+xgiEyAFWkBWJR/AE
BH7Mkrx9OGZ52Sj/FjlZPbo9ghNxKd/dGX1hWMLh+tOdcTfI0a+sN3/05E4GGJD/
mrWFd+OEYH6dsCL6bj6LYXQS6AFO27Lh
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:00:32 2025 by rpki-client