Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B17D2A4DA3C11EFB1E58850762E951A.roa
File: 9B17D2A4DA3C11EFB1E58850762E951A.roa (raw, json)
Hash identifier: tW8ovLh43W0yucj37n28MTi1u2kUD7qPRdOPaGvrVtQ=
Subject key identifier: 5D:03:16:5F:E7:F6:2F:89:57:98:79:24:C6:B2:C9:02:65:6B:2C:65
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014570
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B17D2A4DA3C11EFB1E58850762E951A.roa
Signing time: Fri 24 Jan 2025 10:18:51 +0000
ROA not before: Fri 24 Jan 2025 10:18:47 +0000
ROA not after: Fri 28 Feb 2025 10:18:47 +0000
asID: 62240
IP address blocks: 154.196.50.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83312 (0x14570)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 10:18:47 2025 GMT
Not After : Feb 28 10:18:47 2025 GMT
Subject: CN=6793690b-d818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:26:ab:89:32:ac:b5:bc:27:c8:76:fd:91:15:
a5:5d:9e:bd:94:eb:32:08:af:75:04:ae:9b:9c:ea:
dc:02:d7:d7:b6:c6:7d:4b:e1:43:70:c7:a1:c7:16:
5f:73:7d:3a:da:c8:dd:6c:01:13:2f:3e:ca:df:1e:
dc:6d:1e:d1:38:d5:21:a3:e2:61:30:e3:db:b7:ad:
e9:0b:8c:cf:dd:c8:9d:b5:ca:78:95:56:b8:41:1b:
ad:ce:2c:3b:2c:09:0e:ef:bf:8c:b5:58:57:05:bf:
71:f4:b6:dd:c8:ef:9e:cf:dc:3b:43:79:9d:58:ec:
fb:4a:b0:71:55:ee:7e:83:69:ab:20:de:24:0a:27:
f5:00:c4:46:f8:0f:a3:94:b3:87:93:1c:91:49:d7:
8d:46:dd:59:5c:f0:39:c5:cd:7e:56:eb:79:15:21:
86:0b:b0:11:d9:e8:0a:cc:1f:dd:c0:50:50:11:cb:
b3:d4:82:bf:21:7e:0f:6a:b8:e7:f8:85:b2:7b:d3:
d7:0d:48:58:12:7e:37:1b:12:57:f6:14:b9:05:43:
13:75:81:15:e3:8c:27:30:bc:b2:8e:eb:c2:d6:f2:
3e:41:77:19:48:7f:e0:82:ae:60:4c:f3:5e:c8:d3:
ff:47:7d:4a:ec:56:46:58:cf:45:7c:b5:95:8f:47:
8e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:03:16:5F:E7:F6:2F:89:57:98:79:24:C6:B2:C9:02:65:6B:2C:65
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9B17D2A4DA3C11EFB1E58850762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.50.0/24
Signature Algorithm: sha256WithRSAEncryption
32:e8:b8:5a:05:25:e9:fa:0d:09:49:1b:03:09:2d:76:65:5e:
36:fd:b9:fa:dd:f4:79:fa:40:7c:6b:07:66:dd:5e:aa:f5:1b:
5c:33:02:86:ad:02:f3:80:da:05:a8:bb:10:de:40:d3:49:ea:
10:3f:c1:ac:fc:ea:9b:da:e5:98:14:7e:00:1f:b5:0f:6e:3d:
94:27:b2:ad:29:c8:93:10:f5:ab:a8:fe:52:7b:c2:2e:af:00:
9d:28:ee:71:ca:88:60:ba:73:6d:4a:31:48:5b:cf:33:ef:24:
29:d5:23:e0:68:dc:c7:4d:87:b2:cf:79:69:e9:59:07:eb:de:
3e:25:3a:b2:5b:b3:92:78:8e:aa:dc:e1:97:54:9b:f7:18:44:
26:66:4e:35:24:c0:1f:97:db:88:bf:28:7f:72:ab:f1:b6:90:
73:61:f3:30:d9:34:60:2d:7d:25:49:2f:9a:52:04:95:ad:48:
dd:48:dd:46:a0:83:6d:cf:56:59:2a:2a:64:a6:3b:78:95:c2:
55:23:e9:b6:5e:16:e8:77:58:fc:44:f2:c6:9e:ec:51:92:6f:
f9:f4:1c:9e:24:55:77:f5:64:e4:5b:04:d5:54:55:b5:59:cb:
44:b5:97:7a:e3:fd:c5:97:9e:59:f5:52:83:a5:84:4c:61:ae:
20:0d:62:21
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUVwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTAxODQ3WhcNMjUwMjI4MTAxODQ3WjAYMRYw
FAYDVQQDEw02NzkzNjkwYi1kODE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyyariTKstbwnyHb9kRWlXZ69lOsyCK91BK6bnOrcAtfXtsZ9S+FDcMeh
xxZfc3062sjdbAETLz7K3x7cbR7RONUho+JhMOPbt63pC4zP3cidtcp4lVa4QRut
ziw7LAkO77+MtVhXBb9x9LbdyO+ez9w7Q3mdWOz7SrBxVe5+g2mrIN4kCif1AMRG
+A+jlLOHkxyRSdeNRt1ZXPA5xc1+Vut5FSGGC7AR2egKzB/dwFBQEcuz1IK/IX4P
arjn+IWye9PXDUhYEn43GxJX9hS5BUMTdYEV44wnMLyyjuvC1vI+QXcZSH/ggq5g
TPNeyNP/R31K7FZGWM9FfLWVj0eOFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF0D
Fl/n9i+JV5h5JMayyQJlayxlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QjE3RDJBNERBM0MxMUVGQjFFNTg4NTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsQyMA0GCSqGSIb3DQEB
CwUAA4IBAQAy6LhaBSXp+g0JSRsDCS12ZV42/bn63fR5+kB8awdm3V6q9RtcMwKG
rQLzgNoFqLsQ3kDTSeoQP8Gs/Oqb2uWYFH4AH7UPbj2UJ7KtKciTEPWrqP5Se8Iu
rwCdKO5xyohgunNtSjFIW88z7yQp1SPgaNzHTYeyz3lp6VkH694+JTqyW7OSeI6q
3OGXVJv3GEQmZk41JMAfl9uIvyh/cqvxtpBzYfMw2TRgLX0lSS+aUgSVrUjdSN1G
oINtz1ZZKipkpjt4lcJVI+m2Xhbod1j8RPLGnuxRkm/59ByeJFV39WTkWwTVVFW1
WctEtZd64/3Fl55Z9VKDpYRMYa4gDWIh
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:46:17 2025 by rpki-client