Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/952DBFDCDA0211EFA6F7D34B762E951A.roa
File: 952DBFDCDA0211EFA6F7D34B762E951A.roa (raw, json)
Hash identifier: zO38fIFIFomOsFkTagiWB/+InUIJcUlshUFXKDEXzs4=
Subject key identifier: B8:08:BA:E8:6D:D9:76:D9:D1:3C:BA:FA:B0:65:D1:C3:0B:12:65:8C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014386
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/952DBFDCDA0211EFA6F7D34B762E951A.roa
Signing time: Fri 24 Jan 2025 03:23:30 +0000
ROA not before: Fri 24 Jan 2025 03:23:26 +0000
ROA not after: Sat 01 Mar 2025 03:23:26 +0000
asID: 44559
IP address blocks: 154.205.240.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82822 (0x14386)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 03:23:26 2025 GMT
Not After : Mar 1 03:23:26 2025 GMT
Subject: CN=679307b2-6701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fa:fa:91:98:0a:a8:1b:38:32:5c:62:5f:ba:
67:6a:00:16:f6:20:a4:44:f3:d9:6c:43:77:a0:73:
2b:9e:12:09:68:6e:e2:27:88:33:db:c9:33:eb:fd:
24:16:b4:8c:3c:c6:b7:78:d8:37:a9:8c:67:c7:81:
e8:dd:a4:4c:03:c9:d1:ce:13:ac:96:1f:ad:e4:65:
78:e6:8d:3c:84:1c:e5:b7:d6:46:08:12:96:bc:3e:
e3:47:06:54:17:2e:3e:3e:ef:f8:3f:05:53:82:21:
70:62:91:6b:af:3b:6e:19:8f:76:f1:76:86:29:75:
4d:32:3d:81:e0:5b:e9:3b:30:6d:43:58:6b:91:d0:
06:f1:9e:db:27:6e:f2:a9:a2:42:7a:30:09:a6:7f:
ea:00:17:96:fe:ec:9b:79:22:ae:27:d1:c8:22:82:
7b:fb:2a:52:42:ca:7b:aa:0d:e6:9e:73:5c:4a:43:
0f:64:04:d9:b2:a9:db:04:2a:aa:a1:a3:e5:21:58:
14:72:12:98:a2:24:63:d0:45:17:4a:9c:ff:9a:05:
e4:00:0f:83:de:00:e7:69:b3:73:e2:22:4c:74:eb:
88:57:3b:82:0e:95:b9:53:a4:34:72:91:16:5c:e2:
d1:5f:48:4b:f0:31:29:a6:26:c1:bb:54:3c:b7:98:
0d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:08:BA:E8:6D:D9:76:D9:D1:3C:BA:FA:B0:65:D1:C3:0B:12:65:8C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/952DBFDCDA0211EFA6F7D34B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.240.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:d4:10:70:0a:41:52:76:ed:64:b1:fe:f1:04:76:e1:e4:50:
40:ce:51:b2:4f:2f:fc:69:37:64:09:12:70:45:d3:24:ac:89:
c9:2b:fa:fa:fc:37:cb:f3:a3:4b:e4:8d:3f:c3:8d:be:54:c2:
12:c4:71:f5:a6:35:d0:1d:41:c1:78:a4:b3:06:eb:6d:a2:44:
37:88:48:c7:82:90:17:ef:62:f2:54:c6:22:29:63:fe:95:a0:
7c:c1:d5:f1:e3:df:b8:21:70:5b:4a:d5:99:b8:bc:08:0d:43:
e6:c3:b5:ec:69:11:bf:d5:da:47:24:29:ca:31:0c:1e:e8:db:
c9:ba:51:c3:59:d9:01:ec:9f:95:18:52:8c:bb:50:e5:d2:5a:
70:a0:0f:61:8c:ac:27:74:9a:3b:b4:a3:71:64:26:77:db:1e:
55:8a:1c:23:f0:82:52:d4:44:c8:b2:19:dc:c4:65:f2:ac:b2:
cc:8f:53:80:e5:dc:cf:f5:30:e0:75:09:83:40:bd:13:ab:4f:
44:8e:81:72:3c:aa:28:31:56:0d:6a:be:d4:11:5d:26:10:10:
5a:21:ae:2e:e5:e4:7d:db:70:62:fa:2a:39:4c:0a:bc:cd:71:
2f:f4:a1:d5:f1:81:32:36:96:9a:4c:49:ae:7d:7e:5b:56:a8:
f2:83:57:0d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUOGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDMyMzI2WhcNMjUwMzAxMDMyMzI2WjAYMRYw
FAYDVQQDEw02NzkzMDdiMi02NzAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy/r6kZgKqBs4MlxiX7pnagAW9iCkRPPZbEN3oHMrnhIJaG7iJ4gz28kz
6/0kFrSMPMa3eNg3qYxnx4Ho3aRMA8nRzhOslh+t5GV45o08hBzlt9ZGCBKWvD7j
RwZUFy4+Pu/4PwVTgiFwYpFrrztuGY928XaGKXVNMj2B4FvpOzBtQ1hrkdAG8Z7b
J27yqaJCejAJpn/qABeW/uybeSKuJ9HIIoJ7+ypSQsp7qg3mnnNcSkMPZATZsqnb
BCqqoaPlIVgUchKYoiRj0EUXSpz/mgXkAA+D3gDnabNz4iJMdOuIVzuCDpW5U6Q0
cpEWXOLRX0hL8DEppibBu1Q8t5gNqQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLgI
uuht2XbZ0Ty6+rBl0cMLEmWMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NTJEQkZEQ0RBMDIxMUVGQTZGN0QzNEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms3wMA0GCSqGSIb3DQEB
CwUAA4IBAQCk1BBwCkFSdu1ksf7xBHbh5FBAzlGyTy/8aTdkCRJwRdMkrInJK/r6
/DfL86NL5I0/w42+VMISxHH1pjXQHUHBeKSzButtokQ3iEjHgpAX72LyVMYiKWP+
laB8wdXx49+4IXBbStWZuLwIDUPmw7XsaRG/1dpHJCnKMQwe6NvJulHDWdkB7J+V
GFKMu1Dl0lpwoA9hjKwndJo7tKNxZCZ32x5Vihwj8IJS1ETIshncxGXyrLLMj1OA
5dzP9TDgdQmDQL0Tq09EjoFyPKooMVYNar7UEV0mEBBaIa4u5eR923Bi+io5TAq8
zXEv9KHV8YEyNpaaTEmufX5bVqjyg1cN
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:02:34 2025 by rpki-client