Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/685BF462D9CE11EF8260355C762E951A.roa
File: 685BF462D9CE11EF8260355C762E951A.roa (raw, json)
Hash identifier: 36eiia7uWTbcHef9gzcm8as72Dz6DWET3T/aw1iV4Wc=
Subject key identifier: F0:C8:C5:D8:A2:49:E6:9A:72:39:D8:FD:1A:29:DD:75:C1:9B:E6:78
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0142FD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/685BF462D9CE11EF8260355C762E951A.roa
Signing time: Thu 23 Jan 2025 21:10:01 +0000
ROA not before: Fri 24 Jan 2025 21:09:57 +0000
ROA not after: Fri 28 Feb 2025 21:09:57 +0000
asID: 62240
IP address blocks: 154.196.74.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82685 (0x142fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 21:09:57 2025 GMT
Not After : Feb 28 21:09:57 2025 GMT
Subject: CN=6792b029-d159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6b:9d:1b:8a:16:54:2d:9c:8b:33:34:a3:68:
9d:74:a5:d6:cb:7e:ef:ba:5f:1e:cc:f5:68:9e:89:
78:ea:ba:bc:ac:6e:c1:6b:a5:6d:8d:5e:ed:38:43:
34:a8:80:0b:61:60:94:18:db:6a:58:68:2e:77:cf:
35:44:64:a0:d6:e2:a6:23:34:18:9f:fd:cc:65:ca:
5f:f4:b0:47:86:4b:41:ce:58:d2:7b:23:a3:7a:3f:
93:12:b4:36:d0:0f:d7:d1:7e:bd:48:b9:1b:89:95:
66:09:ab:05:d2:fe:8b:a4:4e:39:23:f2:bf:ce:89:
5c:cc:78:79:0b:d2:88:89:d2:7d:93:a1:b2:a5:76:
b3:a8:fd:ab:22:ca:6e:fa:17:a4:db:ae:11:68:1c:
66:99:09:89:d5:37:0e:d1:54:8f:dd:08:1b:ad:16:
fb:b5:fe:00:63:79:77:48:93:3c:ef:b7:68:f8:f9:
d2:7b:24:55:a3:74:33:3d:72:22:b3:7c:67:a1:a3:
d2:be:bc:88:34:22:1b:80:21:0c:aa:be:5f:d2:de:
a2:e5:d2:c6:46:3d:c4:08:46:dc:eb:0d:aa:69:ab:
2d:86:62:ec:8c:4d:53:f3:57:12:0a:e3:9f:74:9e:
8c:b0:f6:0f:c6:bc:8f:bb:ff:1e:d1:d0:1a:23:cb:
8b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C8:C5:D8:A2:49:E6:9A:72:39:D8:FD:1A:29:DD:75:C1:9B:E6:78
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/685BF462D9CE11EF8260355C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.74.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:f4:2b:a8:23:b2:04:73:60:b3:0e:b9:74:a8:22:a7:9c:a4:
c9:c0:7f:75:67:eb:c3:02:5b:5b:bc:3b:87:f8:91:58:d4:e7:
ad:3b:0c:04:b8:9d:3f:99:35:a9:67:34:d4:be:06:fd:03:d5:
6b:96:71:34:a1:ca:6a:9c:5c:01:00:ae:57:2e:76:46:dc:66:
e6:29:90:0f:7e:e1:73:d7:ef:fc:07:bc:37:37:5a:4d:a9:8f:
73:29:e1:8d:7e:46:f5:89:ed:48:f8:25:8c:fb:3a:4f:99:6d:
0b:91:82:83:50:da:6b:fd:44:45:cf:d3:d2:99:22:57:ca:3e:
4c:46:c7:3e:d2:a6:8d:b6:8b:be:2e:56:88:ec:09:03:c7:08:
2f:b9:b2:f1:9c:c2:25:81:07:42:86:80:24:ed:97:bc:d4:c5:
15:df:6d:22:f1:3b:14:92:00:5f:97:b5:81:6c:08:4b:e5:df:
56:87:a5:dd:3b:77:bd:21:e4:89:16:09:d6:99:a9:dc:83:0e:
01:74:95:58:ef:56:18:19:79:0f:48:64:8d:41:fa:1d:d9:72:
71:61:b9:8b:1b:7d:86:1d:6d:4d:c8:62:60:3b:be:2d:d3:c1:
56:f6:1a:bc:60:bb:97:0c:2f:39:95:c6:f1:26:f1:bc:62:1e:
07:f3:fb:c9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUL9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MjEwOTU3WhcNMjUwMjI4MjEwOTU3WjAYMRYw
FAYDVQQDEw02NzkyYjAyOS1kMTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyGudG4oWVC2cizM0o2iddKXWy37vul8ezPVonol46rq8rG7Ba6VtjV7t
OEM0qIALYWCUGNtqWGgud881RGSg1uKmIzQYn/3MZcpf9LBHhktBzljSeyOjej+T
ErQ20A/X0X69SLkbiZVmCasF0v6LpE45I/K/zolczHh5C9KIidJ9k6GypXazqP2r
Ispu+hek264RaBxmmQmJ1TcO0VSP3QgbrRb7tf4AY3l3SJM877do+PnSeyRVo3Qz
PXIis3xnoaPSvryINCIbgCEMqr5f0t6i5dLGRj3ECEbc6w2qaasthmLsjE1T81cS
CuOfdJ6MsPYPxryPu/8e0dAaI8uLmQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPDI
xdiiSeaacjnY/Rop3XXBm+Z4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82ODVCRjQ2MkQ5Q0UxMUVGODI2MDM1NUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsRKMA0GCSqGSIb3DQEB
CwUAA4IBAQCp9CuoI7IEc2CzDrl0qCKnnKTJwH91Z+vDAltbvDuH+JFY1OetOwwE
uJ0/mTWpZzTUvgb9A9VrlnE0ocpqnFwBAK5XLnZG3GbmKZAPfuFz1+/8B7w3N1pN
qY9zKeGNfkb1ie1I+CWM+zpPmW0LkYKDUNpr/URFz9PSmSJXyj5MRsc+0qaNtou+
LlaI7AkDxwgvubLxnMIlgQdChoAk7Ze81MUV320i8TsUkgBfl7WBbAhL5d9Wh6Xd
O3e9IeSJFgnWmancgw4BdJVY71YYGXkPSGSNQfod2XJxYbmLG32GHW1NyGJgO74t
08FW9hq8YLuXDC85lcbxJvG8Yh4H8/vJ
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:43:24 2025 by rpki-client