Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/817A7F44DA5B11EF8AFBE2A0762E951A.roa
File: 817A7F44DA5B11EF8AFBE2A0762E951A.roa (raw, json)
Hash identifier: H3IJ4nb9bhkbwgpMjq2Jhrz1EYj7XcQRHyZ0I1B2Sbk=
Subject key identifier: 26:12:05:63:1E:50:C9:80:8A:D9:CD:0D:E7:31:CB:09:E5:3E:CE:82
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0147D3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/817A7F44DA5B11EF8AFBE2A0762E951A.roa
Signing time: Fri 24 Jan 2025 14:00:02 +0000
ROA not before: Fri 24 Jan 2025 13:59:58 +0000
ROA not after: Fri 28 Feb 2025 13:59:58 +0000
asID: 62240
IP address blocks: 154.196.64.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83923 (0x147d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 13:59:58 2025 GMT
Not After : Feb 28 13:59:58 2025 GMT
Subject: CN=67939ce2-2f1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:89:65:8c:33:c3:2c:97:27:c9:42:28:a1:87:
4c:24:cf:cf:98:ae:cb:e7:bc:af:dc:2e:ef:dd:77:
c9:0e:4b:a4:ef:bb:df:3b:1a:3c:b1:07:93:c2:ee:
a0:b5:c4:56:21:15:e4:92:94:57:e1:19:9c:92:91:
ec:37:58:8c:30:ec:44:bc:34:21:c7:d8:ad:66:52:
a3:41:fc:d0:cf:cd:16:ec:39:48:b3:ad:2f:3d:41:
e0:5b:1d:9b:91:3a:54:1a:01:c9:71:02:21:50:0a:
99:2e:23:1a:98:f2:94:b5:10:22:c6:1b:b7:10:91:
cc:23:e2:84:12:13:0a:9f:76:de:fe:27:a9:db:c5:
68:3a:d5:a4:b1:a1:80:da:97:7e:09:96:fa:95:6a:
1d:85:5f:af:5e:91:72:27:c8:9f:2f:81:f0:ec:41:
bb:66:28:f2:e7:35:fe:d2:7d:ac:51:58:8a:fa:7c:
1e:59:68:88:fe:26:2e:9f:e8:6e:f2:0c:f8:b5:d5:
e2:76:5a:39:66:26:f0:64:0a:59:1a:68:08:9f:a3:
40:7e:fa:8f:e0:51:a7:1a:43:77:40:d4:00:f4:eb:
62:b2:a6:58:06:2c:6e:b4:05:9b:cd:6a:66:b4:51:
fc:ac:42:c3:4e:89:5c:d4:fc:4d:ee:f6:35:27:3a:
12:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:12:05:63:1E:50:C9:80:8A:D9:CD:0D:E7:31:CB:09:E5:3E:CE:82
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/817A7F44DA5B11EF8AFBE2A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.64.0/20
Signature Algorithm: sha256WithRSAEncryption
0f:19:98:b8:7f:fd:24:98:84:4c:88:85:c1:27:d5:2b:1f:78:
03:32:38:98:ad:69:db:73:09:3e:a8:99:5a:3b:a0:97:a9:8b:
9d:82:b8:6e:39:2b:37:1c:9b:5a:9a:6a:c6:3e:27:a1:bc:76:
c8:38:76:ff:cf:f7:8a:78:26:7d:2b:c1:81:ec:30:1a:4c:b7:
21:13:13:f9:d2:e9:70:52:41:0a:55:0d:97:52:cf:8c:15:78:
8f:33:78:15:d3:d1:69:cd:b6:8b:b9:2f:54:e3:ea:65:d6:3a:
f5:f0:a6:ae:2a:68:86:81:1d:64:2c:79:40:d0:ba:be:42:7b:
69:10:bd:69:90:41:89:db:eb:6c:8a:93:96:17:58:a0:a0:8e:
98:24:8d:0a:d1:a1:cb:ca:7a:d8:aa:26:e8:69:89:8e:4a:7d:
07:a1:86:fb:91:a0:89:02:34:2a:52:9c:70:a6:cf:77:6d:72:
32:b0:0b:47:ed:ab:93:1d:c4:a4:dc:91:8e:5f:b2:b9:f3:5d:
84:09:b8:29:88:2b:5c:61:24:bb:a5:01:3d:ae:e3:d8:91:70:
90:6f:69:ea:2a:c0:12:59:3c:76:67:f2:60:71:01:e2:c4:ea:
78:fc:ca:fe:fc:6d:cb:bf:ba:5d:ad:99:ae:10:4e:d4:d2:53:
96:13:2e:eb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUfTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTM1OTU4WhcNMjUwMjI4MTM1OTU4WjAYMRYw
FAYDVQQDEw02NzkzOWNlMi0yZjFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA24lljDPDLJcnyUIooYdMJM/PmK7L57yv3C7v3XfJDkuk77vfOxo8sQeT
wu6gtcRWIRXkkpRX4RmckpHsN1iMMOxEvDQhx9itZlKjQfzQz80W7DlIs60vPUHg
Wx2bkTpUGgHJcQIhUAqZLiMamPKUtRAixhu3EJHMI+KEEhMKn3be/iep28VoOtWk
saGA2pd+CZb6lWodhV+vXpFyJ8ifL4Hw7EG7Zijy5zX+0n2sUViK+nweWWiI/iYu
n+hu8gz4tdXidlo5ZibwZApZGmgIn6NAfvqP4FGnGkN3QNQA9OtisqZYBixutAWb
zWpmtFH8rELDTolc1PxN7vY1JzoSfQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCYS
BWMeUMmAitnNDecxywnlPs6CMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MTdBN0Y0NERBNUIxMUVGOEFGQkUyQTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmsRAMA0GCSqGSIb3DQEB
CwUAA4IBAQAPGZi4f/0kmIRMiIXBJ9UrH3gDMjiYrWnbcwk+qJlaO6CXqYudgrhu
OSs3HJtammrGPiehvHbIOHb/z/eKeCZ9K8GB7DAaTLchExP50ulwUkEKVQ2XUs+M
FXiPM3gV09FpzbaLuS9U4+pl1jr18KauKmiGgR1kLHlA0Lq+QntpEL1pkEGJ2+ts
ipOWF1igoI6YJI0K0aHLynrYqiboaYmOSn0HoYb7kaCJAjQqUpxwps93bXIysAtH
7auTHcSk3JGOX7K5812ECbgpiCtcYSS7pQE9ruPYkXCQb2nqKsASWTx2Z/JgcQHi
xOp4/Mr+/G3Lv7pdrZmuEE7U0lOWEy7r
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:39:20 2025 by rpki-client