Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F85260ADA4D11EF9480CA42762E951A.roa
File: 9F85260ADA4D11EF9480CA42762E951A.roa (raw, json)
Hash identifier: 8BCoRRQ7AmqV1tZZBO2nNc59BmNzXPas3gXuGM8qqaE=
Subject key identifier: 70:7F:5A:EF:11:70:B8:68:C2:A8:90:E1:62:E4:9D:23:74:81:D6:F2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0146AD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F85260ADA4D11EF9480CA42762E951A.roa
Signing time: Fri 24 Jan 2025 12:20:40 +0000
ROA not before: Fri 24 Jan 2025 12:20:36 +0000
ROA not after: Wed 05 Mar 2025 12:20:36 +0000
asID: 44559
IP address blocks: 154.209.196.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83629 (0x146ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 12:20:36 2025 GMT
Not After : Mar 5 12:20:36 2025 GMT
Subject: CN=67938597-5a74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:19:57:eb:03:9f:ea:70:6a:80:80:fe:c3:a9:
d5:fd:f5:66:c7:27:d1:7a:d8:53:2c:ed:5c:9a:06:
b7:10:f8:c3:08:23:76:76:6d:e1:e2:1c:2f:8f:70:
76:af:a4:b9:77:c4:5c:58:a4:b8:72:44:0a:76:48:
32:4f:72:6d:cb:a0:8e:53:44:fc:55:ef:13:c8:fc:
60:d7:0a:88:91:f5:d6:00:e6:33:fa:bf:c1:ff:b6:
37:fa:8b:78:48:8a:15:51:5a:c1:72:9a:73:a3:50:
9c:cf:7c:ee:64:14:58:3c:f1:b4:46:c1:1b:09:69:
19:c0:7f:00:7d:82:1d:f2:1f:dd:08:ab:7b:b3:9e:
24:c3:37:e4:0a:c3:05:69:d7:c2:c5:5b:be:dd:dd:
c4:25:d5:de:70:ca:cc:36:95:25:04:ba:41:e8:fe:
ee:d8:88:4e:b6:ba:0b:55:88:bd:4f:af:c4:13:97:
2b:0d:61:df:4f:4c:70:dc:55:16:8c:a0:88:64:b3:
a2:ca:f4:ad:44:8d:0d:10:69:ad:dc:ee:81:f9:29:
c2:4f:2d:8b:42:3c:31:ae:ed:42:8a:72:30:08:42:
3c:ae:49:c0:b7:31:8e:f8:9b:06:18:ea:99:37:c0:
ce:ff:ce:de:ee:43:37:49:f3:fb:53:78:e9:62:28:
1a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:7F:5A:EF:11:70:B8:68:C2:A8:90:E1:62:E4:9D:23:74:81:D6:F2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9F85260ADA4D11EF9480CA42762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.196.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:c5:a0:be:62:0d:18:48:f6:d2:96:a5:5f:e5:b2:c4:d8:bd:
32:4f:10:38:25:b8:31:4c:df:e0:b0:05:c6:b9:02:a5:0c:08:
53:b3:03:7b:a7:1d:bd:a9:38:0c:ae:0c:8d:11:c4:e6:5f:75:
10:23:34:23:56:e7:ac:f4:d8:95:01:c7:b0:b2:21:5a:00:77:
3f:50:72:6a:7c:8c:b3:3e:ed:32:7b:08:97:e6:e4:3d:a5:8f:
c4:c3:01:d1:3c:2e:57:b7:e8:51:8f:90:15:4c:27:02:fe:77:
34:f4:2f:69:73:aa:eb:aa:ab:26:3a:cb:ad:a9:b9:05:5a:64:
75:dd:4c:dc:36:62:a0:09:cc:c0:db:3b:87:25:62:02:5e:ec:
4a:2a:95:e8:9e:eb:e4:ba:14:6b:e1:e6:0f:83:b6:13:d3:4e:
0c:86:d7:2e:f1:d4:8f:b4:09:6b:c6:33:f6:6a:8d:31:c3:76:
ad:72:bf:a8:08:bd:a6:43:b1:d5:5e:7d:44:99:58:6e:1e:24:
a9:bc:0c:29:de:b6:00:1c:76:1f:84:32:22:80:d3:1a:5d:60:
32:3e:a7:58:70:71:5f:1e:83:fb:a2:95:20:94:c7:c7:a5:c2:
2f:ca:d5:29:06:30:c4:2b:07:94:bf:e0:38:4a:ac:73:ea:0e:
9e:bf:e4:85
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUatMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTIyMDM2WhcNMjUwMzA1MTIyMDM2WjAYMRYw
FAYDVQQDEw02NzkzODU5Ny01YTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzxlX6wOf6nBqgID+w6nV/fVmxyfRethTLO1cmga3EPjDCCN2dm3h4hwv
j3B2r6S5d8RcWKS4ckQKdkgyT3Jty6COU0T8Ve8TyPxg1wqIkfXWAOYz+r/B/7Y3
+ot4SIoVUVrBcppzo1Ccz3zuZBRYPPG0RsEbCWkZwH8AfYId8h/dCKt7s54kwzfk
CsMFadfCxVu+3d3EJdXecMrMNpUlBLpB6P7u2IhOtroLVYi9T6/EE5crDWHfT0xw
3FUWjKCIZLOiyvStRI0NEGmt3O6B+SnCTy2LQjwxru1CinIwCEI8rknAtzGO+JsG
GOqZN8DO/87e7kM3SfP7U3jpYigamwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHB/
Wu8RcLhowqiQ4WLknSN0gdbyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85Rjg1MjYwQURBNEQxMUVGOTQ4MENBNDI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtHEMA0GCSqGSIb3DQEB
CwUAA4IBAQBfxaC+Yg0YSPbSlqVf5bLE2L0yTxA4JbgxTN/gsAXGuQKlDAhTswN7
px29qTgMrgyNEcTmX3UQIzQjVues9NiVAcewsiFaAHc/UHJqfIyzPu0yewiX5uQ9
pY/EwwHRPC5Xt+hRj5AVTCcC/nc09C9pc6rrqqsmOsutqbkFWmR13UzcNmKgCczA
2zuHJWICXuxKKpXonuvkuhRr4eYPg7YT004Mhtcu8dSPtAlrxjP2ao0xw3atcr+o
CL2mQ7HVXn1EmVhuHiSpvAwp3rYAHHYfhDIigNMaXWAyPqdYcHFfHoP7opUglMfH
pcIvytUpBjDEKweUv+A4Sqxz6g6ev+SF
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:03:17 2025 by rpki-client