Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F1A69B0DA2011EF9FEEC793762E951A.roa
File: 8F1A69B0DA2011EF9FEEC793762E951A.roa (raw, json)
Hash identifier: XnbRpWY8QYyKAzyR0akyqjrLn7kRuNeeqqJ3OyUXWzs=
Subject key identifier: 1D:9E:63:8F:FC:3E:35:2B:C0:23:6D:9E:AA:D4:28:93:42:C2:15:1E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014403
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F1A69B0DA2011EF9FEEC793762E951A.roa
Signing time: Fri 24 Jan 2025 06:58:05 +0000
ROA not before: Fri 24 Jan 2025 06:58:01 +0000
ROA not after: Sat 01 Mar 2025 06:58:01 +0000
asID: 44559
IP address blocks: 154.203.219.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82947 (0x14403)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 06:58:01 2025 GMT
Not After : Mar 1 06:58:01 2025 GMT
Subject: CN=679339fd-53c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:eb:fb:57:7d:b2:5a:1e:03:39:75:fd:ff:48:
51:d4:6c:c6:8a:a0:79:15:de:7a:04:64:ef:44:55:
31:0a:64:39:62:fa:98:de:92:a8:9e:2d:1c:cb:e2:
d6:28:e0:37:2b:10:2e:05:d5:30:4f:eb:ab:ec:7b:
6c:40:99:73:40:78:eb:34:12:5e:6c:d4:40:21:fd:
df:82:72:c3:ec:e4:ef:74:8d:97:85:4c:a8:ad:35:
f6:3f:8e:fa:ac:78:cd:33:d8:fb:f1:18:ca:0f:67:
85:93:0b:10:30:2f:27:7e:31:8f:4c:db:ff:3d:13:
36:d5:da:65:35:00:be:7b:ec:a8:1e:13:a6:60:73:
5e:2c:e8:a1:d3:58:f5:2c:67:dc:2b:cc:cd:8b:9b:
77:3f:72:f4:14:7b:0f:fe:d5:fc:66:10:59:e9:d5:
f2:46:8f:b3:7a:6a:e2:27:c9:8b:66:56:b5:56:8b:
08:0e:44:05:37:ce:1c:3d:6b:1d:37:d7:4b:71:be:
9a:c3:65:c1:65:4b:eb:8c:39:e4:22:0a:43:90:0f:
6e:0a:d3:29:f0:bd:23:b7:7c:7f:62:6b:aa:ad:f1:
a3:ab:f5:3a:c8:a9:3e:a0:d4:1f:ed:fa:26:c3:2c:
74:5c:0a:db:91:45:6b:7a:43:60:8a:2d:2a:16:27:
64:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:9E:63:8F:FC:3E:35:2B:C0:23:6D:9E:AA:D4:28:93:42:C2:15:1E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F1A69B0DA2011EF9FEEC793762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.219.0/24
Signature Algorithm: sha256WithRSAEncryption
69:5e:a0:41:8e:0c:12:2f:ca:14:48:e9:7a:6e:08:71:b6:65:
05:28:e3:7a:ca:d6:95:f7:2f:08:57:4e:1d:29:10:e7:bb:b5:
9c:02:96:46:d5:62:53:b3:45:a4:fe:68:96:35:12:69:75:42:
c0:42:9e:1c:6c:52:23:50:8b:af:4c:96:68:d8:3b:08:29:f6:
00:6c:44:67:fe:b2:89:26:81:a2:1d:4a:5d:f3:95:c7:d7:b5:
74:51:1a:0d:e9:b9:13:de:dd:dd:d0:90:8c:af:57:dd:55:ae:
21:f2:40:9a:fe:4d:42:32:5e:f3:ae:44:e2:da:90:c0:ce:8e:
bc:20:94:13:c1:64:18:6c:2f:75:39:a4:bb:c6:55:ed:2f:83:
bb:86:fc:c0:db:0e:6b:be:4c:b4:42:b2:70:73:90:bc:6c:5f:
95:04:40:ef:90:5e:8e:d6:70:46:e8:fb:7f:77:b9:36:c6:98:
0d:b2:e6:a1:df:2c:70:28:1a:56:fa:85:46:23:f6:7f:aa:78:
46:ee:c8:06:38:2d:08:33:a1:02:d0:1e:68:3f:78:23:95:2a:
d0:d6:1d:d5:ab:a3:37:88:2f:d3:82:ca:56:50:fd:4a:d0:7a:
60:ea:27:13:f2:a1:ad:a6:a3:37:e5:95:63:a8:91:96:ae:24:
e3:aa:81:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUQDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDY1ODAxWhcNMjUwMzAxMDY1ODAxWjAYMRYw
FAYDVQQDEw02NzkzMzlmZC01M2MxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4ev7V32yWh4DOXX9/0hR1GzGiqB5Fd56BGTvRFUxCmQ5YvqY3pKoni0c
y+LWKOA3KxAuBdUwT+ur7HtsQJlzQHjrNBJebNRAIf3fgnLD7OTvdI2XhUyorTX2
P476rHjNM9j78RjKD2eFkwsQMC8nfjGPTNv/PRM21dplNQC+e+yoHhOmYHNeLOih
01j1LGfcK8zNi5t3P3L0FHsP/tX8ZhBZ6dXyRo+zemriJ8mLZla1VosIDkQFN84c
PWsdN9dLcb6aw2XBZUvrjDnkIgpDkA9uCtMp8L0jt3x/YmuqrfGjq/U6yKk+oNQf
7fomwyx0XArbkUVrekNgii0qFidkfQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB2e
Y4/8PjUrwCNtnqrUKJNCwhUeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RjFBNjlCMERBMjAxMUVGOUZFRUM3OTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsvbMA0GCSqGSIb3DQEB
CwUAA4IBAQBpXqBBjgwSL8oUSOl6bghxtmUFKON6ytaV9y8IV04dKRDnu7WcApZG
1WJTs0Wk/miWNRJpdULAQp4cbFIjUIuvTJZo2DsIKfYAbERn/rKJJoGiHUpd85XH
17V0URoN6bkT3t3d0JCMr1fdVa4h8kCa/k1CMl7zrkTi2pDAzo68IJQTwWQYbC91
OaS7xlXtL4O7hvzA2w5rvky0QrJwc5C8bF+VBEDvkF6O1nBG6Pt/d7k2xpgNsuah
3yxwKBpW+oVGI/Z/qnhG7sgGOC0IM6EC0B5oP3gjlSrQ1h3Vq6M3iC/TgspWUP1K
0Hpg6icT8qGtpqM35ZVjqJGWriTjqoHL
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:01:07 2025 by rpki-client