Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/81EEBA5EDA4111EFB6542A72762E951A.roa
File: 81EEBA5EDA4111EFB6542A72762E951A.roa (raw, json)
Hash identifier: S11xTgBX3m5cCbDkqUGLkYz6b8cPm6eem8RYnMjjTJQ=
Subject key identifier: 95:F6:24:1C:E8:F2:E9:01:FB:ED:6D:1E:A3:42:1F:EF:16:A2:A9:A0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0145C9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/81EEBA5EDA4111EFB6542A72762E951A.roa
Signing time: Fri 24 Jan 2025 10:53:56 +0000
ROA not before: Fri 24 Jan 2025 10:53:52 +0000
ROA not after: Fri 28 Feb 2025 10:53:52 +0000
asID: 62240
IP address blocks: 154.196.68.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83401 (0x145c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 10:53:52 2025 GMT
Not After : Feb 28 10:53:52 2025 GMT
Subject: CN=67937144-8368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4d:25:55:3e:c2:80:fa:f5:67:81:00:61:78:
5e:17:08:b9:c6:88:77:53:4f:e3:f3:8f:54:4c:56:
df:5d:ea:64:3f:7b:66:84:82:5e:6d:fc:f9:6c:f3:
0f:9b:9a:91:58:db:59:17:0f:a3:13:94:6e:d4:2f:
a5:cb:e8:f9:f8:7d:74:90:74:fd:41:94:49:bf:5b:
53:9b:d0:d1:75:09:f0:61:be:54:5c:79:b4:31:44:
ef:ac:3e:c7:ba:f5:21:4d:31:d0:18:b8:20:2a:5c:
e3:55:f6:38:84:7e:2d:2e:9a:66:6d:16:04:56:75:
d8:61:3e:21:eb:2d:45:c5:0f:d0:36:aa:08:aa:9b:
bf:4f:0a:3b:fb:45:7f:4c:97:d8:7b:66:24:00:0e:
be:32:75:0f:19:82:94:b2:c3:32:02:7e:d2:81:1e:
ce:6a:8c:bc:d8:15:a8:d7:07:c7:b2:81:ee:27:3f:
c8:3e:70:57:34:fd:0a:49:63:35:a8:f1:04:a9:0d:
44:ad:87:49:70:70:00:69:9e:d0:40:30:7b:72:2a:
09:58:e7:04:3f:be:aa:a5:4c:d7:24:72:25:c8:ad:
8e:cf:66:87:cd:83:08:db:89:da:72:02:41:8f:4f:
09:d7:5e:88:89:c8:c8:d0:57:ae:5f:24:64:8f:c5:
ee:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F6:24:1C:E8:F2:E9:01:FB:ED:6D:1E:A3:42:1F:EF:16:A2:A9:A0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/81EEBA5EDA4111EFB6542A72762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.68.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:06:bd:6d:e7:de:0a:16:ce:5e:63:f6:60:32:70:f6:a0:3d:
55:17:1a:80:22:66:a0:e6:f0:cb:95:3a:24:f5:61:c5:9f:e3:
c0:95:9e:0e:e9:6e:03:00:ae:ed:66:51:5e:49:55:7f:20:c1:
8e:ad:61:d8:e8:ce:a8:66:9c:06:03:32:ff:77:1c:77:af:3f:
30:26:a6:4f:af:94:92:53:c1:2d:a7:98:37:d4:94:9b:5f:04:
0e:f4:64:97:8f:43:16:e1:22:a6:28:b1:d8:f1:67:56:54:9f:
80:ec:f5:bb:17:f7:ea:92:8e:00:a2:d7:ad:3d:5f:34:b5:04:
29:4a:d6:06:fe:2c:60:16:b4:a7:7c:0e:a0:0d:08:f0:58:c9:
e5:02:99:5f:c9:c3:d1:51:52:3b:ee:48:63:a5:2f:16:d6:d4:
a1:7b:09:9c:6c:e8:72:f1:c1:c7:67:0f:56:b5:48:07:53:c5:
fb:28:72:38:18:af:4d:7e:11:6c:5c:2e:41:ec:ec:43:b8:a2:
16:51:d1:b0:1e:59:59:f9:e4:10:59:7d:c6:9d:74:1f:2a:75:
e9:80:c1:3b:2d:65:0e:ca:62:e8:64:05:bf:13:90:5f:64:01:
50:a8:9c:24:f3:dd:fb:a4:e3:03:12:e8:34:52:d0:62:94:bf:
2a:38:52:ca
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUXJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTA1MzUyWhcNMjUwMjI4MTA1MzUyWjAYMRYw
FAYDVQQDEw02NzkzNzE0NC04MzY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw00lVT7CgPr1Z4EAYXheFwi5xoh3U0/j849UTFbfXepkP3tmhIJebfz5
bPMPm5qRWNtZFw+jE5Ru1C+ly+j5+H10kHT9QZRJv1tTm9DRdQnwYb5UXHm0MUTv
rD7HuvUhTTHQGLggKlzjVfY4hH4tLppmbRYEVnXYYT4h6y1FxQ/QNqoIqpu/Two7
+0V/TJfYe2YkAA6+MnUPGYKUssMyAn7SgR7Oaoy82BWo1wfHsoHuJz/IPnBXNP0K
SWM1qPEEqQ1ErYdJcHAAaZ7QQDB7cioJWOcEP76qpUzXJHIlyK2Oz2aHzYMI24na
cgJBj08J116IicjI0FeuXyRkj8XuQQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJX2
JBzo8ukB++1tHqNCH+8WoqmgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MUVFQkE1RURBNDExMUVGQjY1NDJBNzI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsREMA0GCSqGSIb3DQEB
CwUAA4IBAQAcBr1t594KFs5eY/ZgMnD2oD1VFxqAImag5vDLlTok9WHFn+PAlZ4O
6W4DAK7tZlFeSVV/IMGOrWHY6M6oZpwGAzL/dxx3rz8wJqZPr5SSU8Etp5g31JSb
XwQO9GSXj0MW4SKmKLHY8WdWVJ+A7PW7F/fqko4AotetPV80tQQpStYG/ixgFrSn
fA6gDQjwWMnlAplfycPRUVI77khjpS8W1tShewmcbOhy8cHHZw9WtUgHU8X7KHI4
GK9NfhFsXC5B7OxDuKIWUdGwHllZ+eQQWX3GnXQfKnXpgME7LWUOymLoZAW/E5Bf
ZAFQqJwk8937pOMDEug0UtBilL8qOFLK
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:53:25 2025 by rpki-client