Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/84D9734CDA3411EFAEF9E897762E951A.roa
File: 84D9734CDA3411EFAEF9E897762E951A.roa (raw, json)
Hash identifier: JIeAEEAS1mKcf3ZQ1BrqP6DDhWdPw0R7qWpJOsig5RU=
Subject key identifier: BD:22:D1:B4:C9:68:35:61:74:49:BC:38:55:50:7C:61:0F:92:DB:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0144DD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/84D9734CDA3411EFAEF9E897762E951A.roa
Signing time: Fri 24 Jan 2025 09:20:57 +0000
ROA not before: Fri 24 Jan 2025 09:20:54 +0000
ROA not after: Wed 05 Mar 2025 09:20:54 +0000
asID: 202656
IP address blocks: 154.219.213.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83165 (0x144dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 09:20:54 2025 GMT
Not After : Mar 5 09:20:54 2025 GMT
Subject: CN=67935b79-d0fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:de:e4:32:92:37:36:14:35:60:45:c3:c6:3c:
71:db:b4:94:5b:2d:83:a3:54:48:12:dc:29:9c:6e:
66:73:93:8b:1e:a4:18:cb:b0:8d:d7:40:69:40:7e:
e5:ff:dd:a0:6e:88:d8:14:6a:36:ed:84:74:e8:96:
ba:f7:98:49:12:77:80:f9:13:84:56:77:bf:c8:4a:
7f:48:cc:b2:01:00:22:cc:20:a5:0b:8f:6c:ba:0f:
8c:ed:ef:75:97:5e:4c:15:4b:9b:d9:a8:50:2b:9d:
c0:82:c4:6c:4b:6a:fb:c1:ff:e2:db:7a:ef:22:74:
d1:0a:b7:fa:b3:d9:3d:5a:ef:61:cb:7b:37:12:1b:
66:4c:fc:ed:e5:60:69:40:ce:40:d1:63:91:be:a3:
7c:0f:2a:97:35:fd:e7:ca:ae:f2:35:c6:f1:6c:dc:
e2:f1:bd:0c:1c:f4:13:d9:15:3f:7c:6a:87:03:20:
94:52:a4:44:f6:07:2e:54:20:f5:81:12:c1:d3:e3:
91:5e:db:dd:20:fb:16:22:99:f3:6a:8d:e7:bf:a2:
d4:ed:ef:c5:0f:a6:2f:86:3a:7a:5d:ed:88:ae:6f:
51:de:74:b3:b7:a8:6a:b5:f9:85:b9:7c:89:25:f1:
95:19:96:2d:59:ce:66:bf:07:ff:0b:f8:e4:84:2d:
cb:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:22:D1:B4:C9:68:35:61:74:49:BC:38:55:50:7C:61:0F:92:DB:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/84D9734CDA3411EFAEF9E897762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.213.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:eb:16:c0:77:dc:70:e5:de:38:d3:d7:d0:5e:f3:6d:d1:05:
4f:8d:6f:78:25:3e:47:a7:57:7f:f3:6c:c6:96:f6:df:c3:3b:
ee:81:91:95:0b:3d:05:31:d7:51:2c:c8:3b:75:38:2c:65:8d:
56:6f:5a:c1:1f:74:88:0c:a4:35:79:4b:9f:fa:98:23:03:90:
c3:cf:0f:80:a2:5a:62:55:a9:ea:c0:0b:a3:10:d9:f7:41:15:
c2:fa:8c:7f:0a:d4:dd:8c:e5:80:f3:81:17:f5:30:73:de:5c:
3b:f1:6f:27:1e:dc:e9:75:8f:cf:88:cc:37:02:1c:93:ab:89:
aa:a7:50:95:09:93:62:ba:80:d5:42:1a:ab:41:db:1d:6d:65:
f5:74:f3:21:dc:27:8e:c2:bc:99:ec:e5:4c:4a:32:73:d7:fa:
fe:9e:74:81:b8:f2:2a:97:00:1b:aa:2f:af:64:a3:12:ae:4e:
78:e5:3e:fa:f9:96:47:82:02:cd:09:07:cd:e3:81:e2:5d:8d:
89:f6:3a:77:42:6b:de:0c:5e:e3:43:73:f0:8e:93:6c:7b:08:
86:23:a3:d0:39:48:d9:66:84:db:66:72:10:bc:b7:cc:b1:14:
d1:ec:f2:fc:cf:a4:57:96:39:dc:dd:62:3e:0d:02:cb:b0:92:
d9:c0:b9:77
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUTdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDkyMDU0WhcNMjUwMzA1MDkyMDU0WjAYMRYw
FAYDVQQDEw02NzkzNWI3OS1kMGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtN7kMpI3NhQ1YEXDxjxx27SUWy2Do1RIEtwpnG5mc5OLHqQYy7CN10Bp
QH7l/92gbojYFGo27YR06Ja695hJEneA+ROEVne/yEp/SMyyAQAizCClC49sug+M
7e91l15MFUub2ahQK53AgsRsS2r7wf/i23rvInTRCrf6s9k9Wu9hy3s3EhtmTPzt
5WBpQM5A0WORvqN8DyqXNf3nyq7yNcbxbNzi8b0MHPQT2RU/fGqHAyCUUqRE9gcu
VCD1gRLB0+ORXtvdIPsWIpnzao3nv6LU7e/FD6Yvhjp6Xe2Irm9R3nSzt6hqtfmF
uXyJJfGVGZYtWc5mvwf/C/jkhC3LgwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL0i
0bTJaDVhdEm8OFVQfGEPktvZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NEQ5NzM0Q0RBMzQxMUVGQUVGOUU4OTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtvVMA0GCSqGSIb3DQEB
CwUAA4IBAQAf6xbAd9xw5d4409fQXvNt0QVPjW94JT5Hp1d/82zGlvbfwzvugZGV
Cz0FMddRLMg7dTgsZY1Wb1rBH3SIDKQ1eUuf+pgjA5DDzw+AolpiVanqwAujENn3
QRXC+ox/CtTdjOWA84EX9TBz3lw78W8nHtzpdY/PiMw3AhyTq4mqp1CVCZNiuoDV
QhqrQdsdbWX1dPMh3CeOwryZ7OVMSjJz1/r+nnSBuPIqlwAbqi+vZKMSrk545T76
+ZZHggLNCQfN44HiXY2J9jp3QmveDF7jQ3PwjpNsewiGI6PQOUjZZoTbZnIQvLfM
sRTR7PL8z6RXljnc3WI+DQLLsJLZwLl3
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:51:50 2025 by rpki-client