Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D9BD77CDA3311EFBDA5B292762E951A.roa
File: 9D9BD77CDA3311EFBDA5B292762E951A.roa (raw, json)
Hash identifier: WSzXubPbxnYnziVIIU26wzpV1roUP/xRNr4LmOFb8ps=
Subject key identifier: 47:8F:13:FD:8C:36:7E:69:B6:77:70:57:B0:B5:B1:86:70:AF:4A:C1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0144CC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D9BD77CDA3311EFBDA5B292762E951A.roa
Signing time: Fri 24 Jan 2025 09:14:29 +0000
ROA not before: Fri 24 Jan 2025 09:14:26 +0000
ROA not after: Wed 05 Mar 2025 09:14:26 +0000
asID: 202656
IP address blocks: 154.219.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83148 (0x144cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 09:14:26 2025 GMT
Not After : Mar 5 09:14:26 2025 GMT
Subject: CN=679359f5-83cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:97:f1:39:21:0c:78:94:1b:7c:92:49:96:d1:
37:31:c6:14:c3:e9:35:13:bf:00:60:4f:94:27:98:
4e:77:58:fc:1f:6f:23:d7:b9:dc:7f:05:5b:08:dd:
9a:c5:8c:f8:53:d0:38:fe:00:7c:c1:cf:fe:f7:cc:
f8:32:98:f5:aa:9c:73:8b:88:e7:f8:d0:c1:6f:7f:
76:97:c5:ba:2b:52:e7:a3:75:2d:83:63:ab:86:0d:
68:b4:5e:48:3e:e5:54:14:08:a9:af:c0:e2:68:c8:
77:ca:4a:60:f4:95:6d:b5:a0:30:f2:a5:99:a8:21:
b5:fe:ee:38:02:2f:07:d1:ce:c3:e9:87:61:b6:6c:
c8:db:c1:42:b5:15:c5:36:ae:01:15:e4:3d:aa:13:
7e:7f:11:3e:b3:33:07:5d:ac:60:6e:7d:cf:ab:bb:
ad:da:aa:3d:6a:79:63:71:2e:0e:a9:4c:35:cd:ce:
6b:ac:4e:2e:ce:f0:95:2b:86:7a:1e:7d:ec:7c:10:
9e:8f:c2:68:2a:24:5d:1e:36:83:8e:a4:19:95:d2:
96:d4:f3:2a:a6:21:b1:41:00:a2:74:3c:62:93:ed:
80:44:1d:92:ac:90:dc:02:d3:54:fe:3e:6d:55:84:
62:7e:24:33:ad:a3:ac:83:88:8a:a4:bd:90:9f:86:
03:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:8F:13:FD:8C:36:7E:69:B6:77:70:57:B0:B5:B1:86:70:AF:4A:C1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D9BD77CDA3311EFBDA5B292762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.209.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:8a:04:48:b9:03:05:6e:7c:a6:07:22:1d:58:2d:4f:2a:e5:
87:8b:47:73:d5:ab:45:e0:78:93:65:62:50:dc:b0:ac:08:b3:
12:10:22:80:40:ef:f1:62:2d:5a:af:25:d1:1c:21:17:f1:ad:
5c:08:7a:4f:a3:1b:e0:1c:23:b3:97:71:44:95:5f:ed:68:4a:
e0:8f:a9:ca:41:96:61:b7:ac:bd:85:5c:12:c8:56:a5:ce:79:
cb:93:d3:9b:9b:9f:f4:8f:5d:f3:c7:10:46:5c:de:07:51:34:
9f:67:e0:67:0e:c4:ad:9f:97:41:a3:b6:92:82:6c:3c:98:6b:
4b:9c:b8:b3:9f:5c:ec:11:ea:b8:50:65:b9:af:e5:62:29:7b:
79:a2:a0:f6:53:e0:a5:a1:9f:f9:ea:22:7d:2a:96:7e:9b:e6:
7f:e1:59:5a:92:08:52:da:bf:66:c0:60:eb:54:51:77:db:90:
6a:0a:b6:b2:85:39:44:cd:e3:12:26:33:22:bb:fb:54:46:85:
70:2c:fe:92:a9:0a:e7:e7:ee:0b:84:5c:b9:c7:03:78:9c:46:
49:ef:15:1f:79:1c:13:d6:b0:18:c3:03:d0:a7:a1:04:1c:c5:
11:72:8e:71:49:e0:af:d4:ed:d7:63:b5:ba:fe:a5:9d:76:8a:
b9:a0:69:8d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUTMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDkxNDI2WhcNMjUwMzA1MDkxNDI2WjAYMRYw
FAYDVQQDEw02NzkzNTlmNS04M2NiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA45fxOSEMeJQbfJJJltE3McYUw+k1E78AYE+UJ5hOd1j8H28j17ncfwVb
CN2axYz4U9A4/gB8wc/+98z4Mpj1qpxzi4jn+NDBb392l8W6K1Lno3Utg2Orhg1o
tF5IPuVUFAipr8DiaMh3ykpg9JVttaAw8qWZqCG1/u44Ai8H0c7D6YdhtmzI28FC
tRXFNq4BFeQ9qhN+fxE+szMHXaxgbn3Pq7ut2qo9anljcS4OqUw1zc5rrE4uzvCV
K4Z6Hn3sfBCej8JoKiRdHjaDjqQZldKW1PMqpiGxQQCidDxik+2ARB2SrJDcAtNU
/j5tVYRifiQzraOsg4iKpL2Qn4YDLwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEeP
E/2MNn5ptndwV7C1sYZwr0rBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RDlCRDc3Q0RBMzMxMUVGQkRBNUIyOTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtvRMA0GCSqGSIb3DQEB
CwUAA4IBAQCKigRIuQMFbnymByIdWC1PKuWHi0dz1atF4HiTZWJQ3LCsCLMSECKA
QO/xYi1aryXRHCEX8a1cCHpPoxvgHCOzl3FElV/taErgj6nKQZZht6y9hVwSyFal
znnLk9Obm5/0j13zxxBGXN4HUTSfZ+BnDsStn5dBo7aSgmw8mGtLnLizn1zsEeq4
UGW5r+ViKXt5oqD2U+CloZ/56iJ9KpZ+m+Z/4VlakghS2r9mwGDrVFF325BqCray
hTlEzeMSJjMiu/tURoVwLP6SqQrn5+4LhFy5xwN4nEZJ7xUfeRwT1rAYwwPQp6EE
HMURco5xSeCv1O3XY7W6/qWddoq5oGmN
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:50:42 2025 by rpki-client