Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8881F276DFE311EF9C74B171762E951A.roa
File: 8881F276DFE311EF9C74B171762E951A.roa (raw, json)
Hash identifier: C4HY4yE4kGbQKt874VUJBMGmgcn/vGyblWUUiZcE0QM=
Subject key identifier: 7D:1D:49:B6:A7:F8:AB:B1:30:72:F8:9B:FA:F6:0D:BE:0F:CB:8B:25
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014DCE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8881F276DFE311EF9C74B171762E951A.roa
Signing time: Fri 31 Jan 2025 14:56:21 +0000
ROA not before: Fri 31 Jan 2025 14:56:17 +0000
ROA not after: Wed 05 Mar 2025 14:56:17 +0000
asID: 396073
IP address blocks: 154.198.12.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85454 (0x14dce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 31 14:56:17 2025 GMT
Not After : Mar 5 14:56:17 2025 GMT
Subject: CN=679ce495-40be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:7c:0c:fc:90:ac:80:2f:7a:21:2b:79:bb:19:
c7:ad:15:94:03:11:85:21:ad:bf:7b:4a:8d:9b:7a:
e4:c4:dd:c0:89:7a:a0:42:b5:37:c4:84:ee:da:eb:
f1:44:22:54:8c:79:12:5d:35:28:d1:5f:c6:cd:13:
f7:5d:ab:0b:ab:99:d4:c8:0a:a4:62:bb:af:04:26:
d7:a7:34:7f:50:53:16:f7:87:d5:0c:b3:94:67:1f:
96:55:7b:e9:27:70:bc:ed:6d:6d:eb:5a:3f:b1:98:
79:f3:77:a6:ca:99:a0:df:de:bf:9c:42:9b:09:31:
5e:71:ad:fc:8b:ef:ec:8f:68:b0:e2:c6:4e:1f:e0:
8f:1d:73:e6:a8:51:b1:cf:44:bc:42:1f:4b:7b:7a:
2b:9b:83:fd:6e:8c:2d:b3:dc:ae:41:91:94:ea:c1:
1e:fa:e6:46:60:b1:85:ef:78:0d:b9:f1:c8:65:76:
aa:00:7a:0b:e4:50:5c:e7:c4:0c:fb:4c:c1:73:47:
59:ef:72:fe:22:65:6e:e3:14:13:3d:b1:85:cd:86:
16:68:0f:e5:0b:b0:ba:24:cb:64:ed:59:8c:7e:7c:
52:b2:d4:c1:d5:e6:77:c9:c0:35:20:85:91:82:d4:
1f:91:41:e6:1d:99:bf:00:14:26:32:db:63:46:77:
df:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:1D:49:B6:A7:F8:AB:B1:30:72:F8:9B:FA:F6:0D:BE:0F:CB:8B:25
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8881F276DFE311EF9C74B171762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.12.0/24
Signature Algorithm: sha256WithRSAEncryption
67:e6:18:2c:c3:b3:0e:1d:7f:65:ff:ff:33:f8:b0:2e:64:30:
1e:fc:85:9d:ee:e2:59:0c:73:22:a4:af:ea:55:7e:bb:8e:ee:
8b:ec:8d:1c:8e:db:90:dd:ae:9d:9a:11:f5:57:4f:6f:67:26:
e6:63:86:a7:70:d4:b9:5a:ab:d6:31:47:3a:78:31:c2:11:bf:
e6:49:93:45:5c:14:26:46:8e:3d:0b:4c:f5:85:de:17:f8:f1:
93:65:ed:0d:87:96:d7:12:92:e1:22:f1:52:f5:64:bf:9e:22:
ad:c3:d7:b5:dd:e6:61:e6:e9:59:a5:ec:e0:0c:d4:98:d3:5a:
9c:e2:67:bc:7f:24:9f:e5:3c:2b:2e:f9:1b:f2:55:4f:2c:65:
ee:7b:f9:5a:a3:89:4d:35:d4:cf:66:24:20:e1:d5:c2:67:72:
84:00:8f:7f:6d:a1:2e:66:90:b6:b0:64:d1:b6:c8:bb:80:dd:
eb:46:af:08:40:a2:71:ce:bb:f0:c7:9e:df:5a:5d:a1:5d:cd:
a3:74:73:b1:e7:f2:c8:f8:ad:00:ad:1f:49:1b:f9:44:c4:30:
c5:21:ab:6c:2a:3c:f5:e2:2a:33:34:d4:e4:ce:c7:c5:36:ec:
0e:65:90:7b:f8:67:0b:83:a2:88:3c:ff:2b:f5:d6:78:b9:3e:
22:35:08:fa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU3OMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTMxMTQ1NjE3WhcNMjUwMzA1MTQ1NjE3WjAYMRYw
FAYDVQQDEw02NzljZTQ5NS00MGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6HwM/JCsgC96ISt5uxnHrRWUAxGFIa2/e0qNm3rkxN3AiXqgQrU3xITu
2uvxRCJUjHkSXTUo0V/GzRP3XasLq5nUyAqkYruvBCbXpzR/UFMW94fVDLOUZx+W
VXvpJ3C87W1t61o/sZh583emypmg396/nEKbCTFeca38i+/sj2iw4sZOH+CPHXPm
qFGxz0S8Qh9Le3orm4P9bowts9yuQZGU6sEe+uZGYLGF73gNufHIZXaqAHoL5FBc
58QM+0zBc0dZ73L+ImVu4xQTPbGFzYYWaA/lC7C6JMtk7VmMfnxSstTB1eZ3ycA1
IIWRgtQfkUHmHZm/ABQmMttjRnffHwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH0d
Sban+KuxMHL4m/r2Db4Py4slMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84ODgxRjI3NkRGRTMxMUVGOUM3NEIxNzE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsYMMA0GCSqGSIb3DQEB
CwUAA4IBAQBn5hgsw7MOHX9l//8z+LAuZDAe/IWd7uJZDHMipK/qVX67ju6L7I0c
jtuQ3a6dmhH1V09vZybmY4ancNS5WqvWMUc6eDHCEb/mSZNFXBQmRo49C0z1hd4X
+PGTZe0Nh5bXEpLhIvFS9WS/niKtw9e13eZh5ulZpezgDNSY01qc4me8fySf5Twr
Lvkb8lVPLGXue/lao4lNNdTPZiQg4dXCZ3KEAI9/baEuZpC2sGTRtsi7gN3rRq8I
QKJxzrvwx57fWl2hXc2jdHOx5/LI+K0ArR9JG/lExDDFIatsKjz14iozNNTkzsfF
NuwOZZB7+GcLg6KIPP8r9dZ4uT4iNQj6
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:57:11 2025 by rpki-client