Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/86A66A74DA4B11EF9C9946B3762E951A.roa
File: 86A66A74DA4B11EF9C9946B3762E951A.roa (raw, json)
Hash identifier: AFIP/GNC6funYiC1pzWpYSMaItrGh89uElyvByC07Y8=
Subject key identifier: 33:C8:FA:64:5E:9E:E7:69:05:37:8B:48:B5:4A:6A:E1:60:2F:3E:2C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014679
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/86A66A74DA4B11EF9C9946B3762E951A.roa
Signing time: Fri 24 Jan 2025 12:05:39 +0000
ROA not before: Fri 24 Jan 2025 12:05:33 +0000
ROA not after: Sat 08 Feb 2025 12:05:33 +0000
asID: 18229
IP address blocks: 154.210.190.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83577 (0x14679)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 12:05:33 2025 GMT
Not After : Feb 8 12:05:33 2025 GMT
Subject: CN=67938213-3e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:48:8e:f7:05:25:20:43:f2:69:f2:68:f9:2a:
f3:7f:a4:e6:60:9b:80:3a:5c:2d:d7:14:33:84:57:
00:94:21:d1:bd:62:c6:c6:af:2e:3c:5f:a9:14:64:
a3:1a:1b:92:6b:2f:f1:1f:b3:90:e5:1b:43:6d:5a:
2b:45:be:88:6a:a8:cc:0d:53:cb:1f:16:aa:dd:8d:
99:b9:79:1a:ba:b2:16:5e:81:8a:87:98:8f:03:59:
ca:cb:b8:a4:4a:c5:f7:6c:63:bc:04:58:dc:e0:b6:
71:19:50:39:f6:f3:1c:4c:c5:ea:8d:f8:91:10:8f:
29:fe:47:44:93:9c:1b:56:6d:3d:57:a4:c8:b8:b4:
09:15:1d:45:65:41:12:3b:89:66:1f:b8:cb:4b:0d:
94:5d:ff:65:a9:bc:a0:b3:fa:b0:72:5d:4a:19:1e:
e4:96:2f:7c:f9:aa:b6:55:83:f5:96:ee:7e:10:3b:
fa:94:ca:c9:c3:0e:11:95:cc:db:31:3a:d2:d4:87:
39:b6:18:87:fd:70:1f:1d:f7:f9:cb:2f:ba:84:4a:
8b:ce:d6:4a:c9:26:2a:72:13:e7:b4:f4:78:2d:c7:
a3:9b:00:e4:aa:13:7f:c5:a5:29:9f:78:be:e0:60:
ee:83:aa:b5:93:e2:7a:1a:ca:e0:57:db:f6:8d:f7:
26:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C8:FA:64:5E:9E:E7:69:05:37:8B:48:B5:4A:6A:E1:60:2F:3E:2C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/86A66A74DA4B11EF9C9946B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.190.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:7d:5e:cd:c1:10:7a:16:20:a4:f1:07:ed:e5:f0:8f:73:12:
73:de:64:5d:bb:eb:53:cc:35:91:79:e4:ae:75:cc:4c:ba:00:
f2:88:b1:8b:8c:75:33:81:09:21:87:85:71:31:b9:52:6f:25:
c8:bf:b3:71:46:df:14:60:ff:75:25:95:09:52:72:ff:63:86:
ec:5d:31:c8:0e:2b:cb:9b:44:2e:39:e7:a4:99:c3:4d:27:ff:
43:f8:fd:91:99:c9:fc:32:fb:da:a9:70:33:87:b9:1f:46:14:
28:c7:8f:75:88:27:82:b4:b3:19:1f:3a:dd:34:6d:da:04:41:
a4:03:02:e8:80:5c:b2:b5:90:01:2f:6f:84:6e:42:10:b6:d2:
69:43:da:aa:30:4b:04:ac:13:1c:8f:94:a4:aa:d3:9e:ca:b8:
d9:2c:3c:ee:71:7f:3e:64:86:4d:4c:c1:00:d7:70:7c:36:9d:
50:dd:67:69:ac:5f:6d:94:a3:f9:7e:34:a3:d3:57:07:34:9b:
81:8e:35:c0:f1:0d:b3:71:be:0b:e1:3c:f4:86:de:53:8f:22:
4d:84:e9:cf:bb:94:7a:4c:12:8c:a7:15:c5:c7:33:1e:af:7a:
3f:46:ba:26:52:92:e9:25:ac:6e:f4:59:0f:33:b8:3a:bf:6e:
5c:7f:ef:56
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUZ5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTIwNTMzWhcNMjUwMjA4MTIwNTMzWjAYMRYw
FAYDVQQDEw02NzkzODIxMy0zZTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5UiO9wUlIEPyafJo+Srzf6TmYJuAOlwt1xQzhFcAlCHRvWLGxq8uPF+p
FGSjGhuSay/xH7OQ5RtDbVorRb6IaqjMDVPLHxaq3Y2ZuXkaurIWXoGKh5iPA1nK
y7ikSsX3bGO8BFjc4LZxGVA59vMcTMXqjfiREI8p/kdEk5wbVm09V6TIuLQJFR1F
ZUESO4lmH7jLSw2UXf9lqbygs/qwcl1KGR7kli98+aq2VYP1lu5+EDv6lMrJww4R
lczbMTrS1Ic5thiH/XAfHff5yy+6hEqLztZKySYqchPntPR4LcejmwDkqhN/xaUp
n3i+4GDug6q1k+J6GsrgV9v2jfcmkwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDPI
+mRenudpBTeLSLVKauFgLz4sMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NkE2NkE3NERBNEIxMUVGOUM5OTQ2QjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtK+MA0GCSqGSIb3DQEB
CwUAA4IBAQBdfV7NwRB6FiCk8Qft5fCPcxJz3mRdu+tTzDWReeSudcxMugDyiLGL
jHUzgQkhh4VxMblSbyXIv7NxRt8UYP91JZUJUnL/Y4bsXTHIDivLm0QuOeekmcNN
J/9D+P2Rmcn8MvvaqXAzh7kfRhQox491iCeCtLMZHzrdNG3aBEGkAwLogFyytZAB
L2+EbkIQttJpQ9qqMEsErBMcj5SkqtOeyrjZLDzucX8+ZIZNTMEA13B8Np1Q3Wdp
rF9tlKP5fjSj01cHNJuBjjXA8Q2zcb4L4Tz0ht5TjyJNhOnPu5R6TBKMpxXFxzMe
r3o/RromUpLpJaxu9FkPM7g6v25cf+9W
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:46:10 2025 by rpki-client