Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/88733BF8DA2711EF82E1AF42762E951A.roa
File: 88733BF8DA2711EF82E1AF42762E951A.roa (raw, json)
Hash identifier: 5fSXCkI675Zpm+9RSjvafLA3H6COXU7jS/zGBurL/XM=
Subject key identifier: 8D:67:1F:27:CA:9D:2B:CC:58:38:2A:4D:66:06:FB:74:F1:F5:4F:55
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014430
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/88733BF8DA2711EF82E1AF42762E951A.roa
Signing time: Fri 24 Jan 2025 07:48:00 +0000
ROA not before: Fri 24 Jan 2025 07:47:56 +0000
ROA not after: Wed 05 Mar 2025 07:47:56 +0000
asID: 202656
IP address blocks: 154.222.198.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82992 (0x14430)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 07:47:56 2025 GMT
Not After : Mar 5 07:47:56 2025 GMT
Subject: CN=679345b0-7ea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:da:1a:3f:9c:65:7f:d6:eb:03:d2:77:2a:6c:
09:8f:b8:68:7c:d7:c9:ef:f1:8f:f7:4b:82:6e:bd:
9e:8c:94:96:59:48:78:9a:8d:96:0d:e0:dd:02:32:
f4:1d:f3:3e:27:5b:d1:b6:d0:17:ff:5f:05:e0:5b:
3e:22:7b:e8:31:42:67:0b:96:f7:a6:e5:42:cb:f4:
52:bc:1e:26:d1:17:69:8c:08:df:52:35:4b:df:d8:
eb:b6:93:b7:d1:12:3b:43:2c:f4:c4:b3:ee:8b:76:
23:1d:c9:be:45:d1:b6:5a:ce:40:09:61:82:ea:1a:
2e:ff:5b:73:95:a0:ad:0d:28:61:30:6a:16:ea:b3:
bc:b3:ef:76:3e:fd:28:10:9c:e3:0b:9a:cf:04:f3:
f1:b2:cd:e3:6b:cf:a5:45:7d:6d:c9:a8:5b:9e:61:
1d:46:05:8b:20:28:71:07:14:fa:60:c8:8f:66:95:
9c:a3:a9:7e:67:3d:a8:49:d4:a9:29:a1:6f:7d:64:
f5:d1:8e:4d:71:5c:6e:14:fb:62:23:b9:65:28:f3:
33:63:cc:45:60:21:e4:35:e8:01:1e:f8:2a:99:c1:
7a:2c:e6:90:39:f3:24:e7:87:c9:e6:0b:8e:0c:14:
a1:b1:d1:01:04:12:41:9b:27:92:52:53:ca:3d:ab:
35:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:67:1F:27:CA:9D:2B:CC:58:38:2A:4D:66:06:FB:74:F1:F5:4F:55
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/88733BF8DA2711EF82E1AF42762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.198.0/24
Signature Algorithm: sha256WithRSAEncryption
52:5b:4d:8b:f1:8b:72:1d:98:bc:0d:54:af:56:8e:40:fd:ca:
74:6d:8b:e5:f9:d2:f7:6c:4b:93:bd:04:de:15:3b:db:83:fa:
1b:8b:18:67:3e:20:58:eb:eb:c0:ce:01:d8:98:10:e4:dd:8b:
b1:a0:c2:b8:2e:e5:81:60:fa:b5:b1:00:f6:b1:a9:85:ec:90:
73:84:3b:13:4b:d6:3f:a3:48:3c:9a:27:d5:b4:08:61:81:91:
ae:4a:42:5f:16:14:15:3d:11:56:ec:47:04:29:19:5b:cd:9f:
0c:ac:3c:2f:ca:fe:e2:58:04:3c:7d:52:54:49:55:4c:23:1d:
f5:59:e9:70:0e:95:39:c5:51:65:59:cd:0e:a7:0c:91:57:01:
1f:a9:52:45:c2:59:3c:2d:b9:a2:81:5c:fa:01:ae:a4:4b:aa:
a9:78:59:7a:95:bf:99:a4:38:cd:43:67:0a:13:b7:f6:19:21:
c4:49:ac:ae:3b:e0:ca:34:fe:9a:98:c5:d3:49:63:70:5f:0c:
20:63:a6:b1:df:1b:7f:3d:f9:06:96:cc:02:09:cd:d1:b9:66:
c1:af:27:63:d3:c5:11:09:5c:a1:98:ef:f6:24:f0:f3:cb:08:
de:20:70:41:56:01:40:b5:ce:0a:b3:3b:a1:cf:23:b1:f8:5b:
d8:1f:ae:a2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUQwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDc0NzU2WhcNMjUwMzA1MDc0NzU2WjAYMRYw
FAYDVQQDEw02NzkzNDViMC03ZWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4NoaP5xlf9brA9J3KmwJj7hofNfJ7/GP90uCbr2ejJSWWUh4mo2WDeDd
AjL0HfM+J1vRttAX/18F4Fs+InvoMUJnC5b3puVCy/RSvB4m0RdpjAjfUjVL39jr
tpO30RI7Qyz0xLPui3YjHcm+RdG2Ws5ACWGC6hou/1tzlaCtDShhMGoW6rO8s+92
Pv0oEJzjC5rPBPPxss3ja8+lRX1tyahbnmEdRgWLIChxBxT6YMiPZpWco6l+Zz2o
SdSpKaFvfWT10Y5NcVxuFPtiI7llKPMzY8xFYCHkNegBHvgqmcF6LOaQOfMk54fJ
5guODBShsdEBBBJBmyeSUlPKPas1zwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI1n
HyfKnSvMWDgqTWYG+3Tx9U9VMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84ODczM0JGOERBMjcxMUVGODJFMUFGNDI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt7GMA0GCSqGSIb3DQEB
CwUAA4IBAQBSW02L8YtyHZi8DVSvVo5A/cp0bYvl+dL3bEuTvQTeFTvbg/obixhn
PiBY6+vAzgHYmBDk3YuxoMK4LuWBYPq1sQD2samF7JBzhDsTS9Y/o0g8mifVtAhh
gZGuSkJfFhQVPRFW7EcEKRlbzZ8MrDwvyv7iWAQ8fVJUSVVMIx31WelwDpU5xVFl
Wc0OpwyRVwEfqVJFwlk8LbmigVz6Aa6kS6qpeFl6lb+ZpDjNQ2cKE7f2GSHESayu
O+DKNP6amMXTSWNwXwwgY6ax3xt/PfkGlswCCc3RuWbBrydj08URCVyhmO/2JPDz
ywjeIHBBVgFAtc4KszuhzyOx+FvYH66i
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:57:58 2025 by rpki-client