Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/621216E8BEB911EFA4F0D58C762E951A.roa
File: 621216E8BEB911EFA4F0D58C762E951A.roa (raw, json)
Hash identifier: 0SnAi1RorVkAkMFj/33MkQNkKRh/Kq/SnOU7BMQ6TKw=
Subject key identifier: 89:B7:05:4A:23:DD:44:79:61:AB:1F:7C:71:7B:10:84:6D:56:8E:8C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011CE4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/621216E8BEB911EFA4F0D58C762E951A.roa
Signing time: Fri 20 Dec 2024 10:01:30 +0000
ROA not before: Fri 20 Dec 2024 10:01:26 +0000
ROA not after: Sun 02 Feb 2025 10:01:26 +0000
asID: 202656
IP address blocks: 154.222.204.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72932 (0x11ce4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 20 10:01:26 2024 GMT
Not After : Feb 2 10:01:26 2025 GMT
Subject: CN=67654079-80c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f7:28:4d:d2:78:d6:20:05:02:d1:8c:02:26:
ca:4c:d4:82:ae:ab:ed:b2:12:77:83:8b:8d:55:1f:
42:78:91:8b:db:e7:25:a1:07:01:50:f1:94:e5:75:
8b:d0:d6:87:bf:b3:ef:ce:53:48:12:7e:08:75:bd:
e3:76:3f:c1:7a:7b:18:36:78:b7:4b:25:11:69:7b:
28:d0:c1:ad:ff:d1:45:fa:34:00:4f:9a:76:02:ca:
e8:3b:81:71:ee:cf:90:05:8d:e4:d7:96:19:7f:9f:
60:e6:67:0e:f2:4b:51:7d:0a:51:45:ba:ce:4a:f8:
87:e1:f7:b8:16:31:97:53:2f:0b:d9:e2:39:af:c3:
5a:56:b6:25:98:27:41:2f:26:43:7e:15:af:eb:88:
c3:7c:bd:0d:bc:dd:64:33:04:0c:e0:44:96:37:18:
34:55:8b:48:45:c9:d6:68:b3:f2:c0:8a:e9:ca:c2:
55:75:85:04:ff:eb:54:59:7b:40:1d:3c:7d:e4:f2:
a1:96:24:96:7f:91:5a:1c:83:dc:20:9c:80:ba:f4:
80:7c:a2:8b:85:b6:9f:15:72:86:8d:cf:ba:96:8d:
16:ef:72:e5:59:c1:57:df:90:8c:10:22:d9:fd:28:
ed:76:0a:69:ae:d8:9b:bc:c7:03:08:5b:6a:4e:e6:
4f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B7:05:4A:23:DD:44:79:61:AB:1F:7C:71:7B:10:84:6D:56:8E:8C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/621216E8BEB911EFA4F0D58C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.204.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:59:e1:88:e6:68:47:e8:85:4d:71:d4:8b:3c:a9:d6:35:1f:
b6:17:80:77:7c:54:8d:d6:1e:1b:ae:ef:b5:76:84:27:3b:9f:
b7:f9:64:8a:70:4a:b8:e1:87:d4:62:27:5e:6b:cc:5c:c8:23:
92:c5:a9:01:25:8c:1c:28:b8:08:cf:48:42:46:b5:c8:0c:0f:
9d:4f:da:59:a8:b3:23:42:c3:a8:31:83:a9:b6:1e:7d:3b:4a:
06:e1:09:ed:89:e9:c4:cd:a6:5a:03:8c:e7:02:85:11:88:bb:
44:f7:41:4e:51:17:8d:d0:30:42:8e:da:c1:4d:37:6d:50:15:
82:f0:f9:cb:12:41:9f:55:09:85:ca:cf:3c:07:90:88:e4:f5:
ed:43:1c:74:b9:b9:5d:a9:93:87:1e:9a:ae:f6:84:e1:a0:89:
fc:bb:c5:27:c7:c1:0e:0a:2e:9d:70:15:2b:99:d8:78:18:ce:
ee:e2:6d:bf:f8:92:24:b6:48:1f:3b:83:8c:d5:eb:06:8f:16:
a0:67:42:02:ae:75:e4:58:60:c5:99:e3:7b:55:b5:bd:54:49:
fe:74:c9:eb:c9:9b:89:ac:cc:55:23:c9:84:56:fb:ba:86:80:
3e:0b:ad:eb:f8:db:98:e2:a0:40:61:de:a5:61:6c:ec:70:b4:
4f:91:10:09
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARzkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIwMTAwMTI2WhcNMjUwMjAyMTAwMTI2WjAYMRYw
FAYDVQQDEw02NzY1NDA3OS04MGMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuvcoTdJ41iAFAtGMAibKTNSCrqvtshJ3g4uNVR9CeJGL2+cloQcBUPGU
5XWL0NaHv7PvzlNIEn4Idb3jdj/BensYNni3SyURaXso0MGt/9FF+jQAT5p2Asro
O4Fx7s+QBY3k15YZf59g5mcO8ktRfQpRRbrOSviH4fe4FjGXUy8L2eI5r8NaVrYl
mCdBLyZDfhWv64jDfL0NvN1kMwQM4ESWNxg0VYtIRcnWaLPywIrpysJVdYUE/+tU
WXtAHTx95PKhliSWf5FaHIPcIJyAuvSAfKKLhbafFXKGjc+6lo0W73LlWcFX35CM
ECLZ/SjtdgpprtibvMcDCFtqTuZP9wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIm3
BUoj3UR5YasffHF7EIRtVo6MMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MjEyMTZFOEJFQjkxMUVGQTRGMEQ1OEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt7MMA0GCSqGSIb3DQEB
CwUAA4IBAQDAWeGI5mhH6IVNcdSLPKnWNR+2F4B3fFSN1h4bru+1doQnO5+3+WSK
cEq44YfUYidea8xcyCOSxakBJYwcKLgIz0hCRrXIDA+dT9pZqLMjQsOoMYOpth59
O0oG4QntienEzaZaA4znAoURiLtE90FOUReN0DBCjtrBTTdtUBWC8PnLEkGfVQmF
ys88B5CI5PXtQxx0ubldqZOHHpqu9oThoIn8u8Unx8EOCi6dcBUrmdh4GM7u4m2/
+JIktkgfO4OM1esGjxagZ0ICrnXkWGDFmeN7VbW9VEn+dMnryZuJrMxVI8mEVvu6
hoA+C63r+NuY4qBAYd6lYWzscLRPkRAJ
-----END CERTIFICATE-----
Generated at Sun Apr 27 07:35:33 2025 by rpki-client