Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A32C973EDBE711EF8E8C7594762E951A.roa
File: A32C973EDBE711EF8E8C7594762E951A.roa (raw, json)
Hash identifier: LykkqXxcDDU2T8x5qDzDModrscYU/gKACKsecp2FbDQ=
Subject key identifier: CE:6D:B9:32:8A:DB:D4:9C:C7:96:C4:61:2E:10:20:FC:1E:D6:70:DA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014A94
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A32C973EDBE711EF8E8C7594762E951A.roa
Signing time: Sun 26 Jan 2025 13:15:39 +0000
ROA not before: Sun 26 Jan 2025 13:15:35 +0000
ROA not after: Tue 04 Mar 2025 13:15:35 +0000
asID: 203020
IP address blocks: 154.200.245.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84628 (0x14a94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 26 13:15:35 2025 GMT
Not After : Mar 4 13:15:35 2025 GMT
Subject: CN=6796357b-11a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:64:b6:2d:bf:a8:de:a6:de:e2:d9:5f:33:f4:
08:f8:e5:8b:4c:31:87:f6:7a:53:b7:52:31:81:9e:
03:57:65:48:fa:3d:8a:ad:8a:cf:b2:77:4f:9f:25:
f3:d2:bf:bb:36:12:45:c5:db:1f:fe:e7:89:cb:5d:
99:66:a5:83:ab:11:c0:4c:cf:62:7f:99:56:bd:50:
d0:f9:a5:30:ec:fe:2f:be:20:d5:57:8a:79:51:3b:
76:15:50:b4:a8:64:cd:41:b6:9e:0a:df:4b:2e:ea:
55:b2:d4:9e:45:3f:48:fc:b0:67:83:5b:ea:14:ed:
5e:e6:b9:b4:24:ab:bb:4c:2d:2b:59:6d:ce:c1:c5:
7e:8e:fe:4e:73:fe:51:d6:56:75:07:f0:fa:80:49:
ac:1f:7c:fd:da:11:72:1a:af:97:40:34:05:e6:65:
30:17:c0:6e:0b:ea:f7:ee:15:3d:ed:eb:d3:14:8c:
34:4b:d4:76:2c:61:1f:69:14:b5:63:91:37:a7:f4:
84:bd:5a:bc:84:86:88:f4:32:88:51:ed:f4:f1:16:
64:ac:14:5d:2a:b2:68:14:23:40:4e:76:4c:4a:b8:
c7:e4:e4:84:52:af:ad:06:0e:a5:1d:1f:a5:40:57:
b1:54:19:29:94:f0:d7:36:03:e7:7f:6e:1f:f1:86:
83:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:6D:B9:32:8A:DB:D4:9C:C7:96:C4:61:2E:10:20:FC:1E:D6:70:DA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A32C973EDBE711EF8E8C7594762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.245.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:85:f8:df:15:8a:4f:7a:83:fb:7d:9f:ab:1f:8d:9b:5b:18:
66:b5:7f:25:0d:92:73:33:00:f5:ff:53:bd:a9:ee:c3:ba:0a:
07:02:21:ba:6f:f7:eb:5e:b8:9a:e3:1b:68:0e:c9:87:09:a3:
1f:18:37:d5:f0:b7:18:27:63:20:03:b6:a4:51:e2:fa:16:07:
8e:d5:12:29:85:8b:5a:15:a2:77:1a:fc:53:48:ed:5e:e1:c8:
18:dc:38:dd:7b:b8:58:c5:1a:23:9e:8a:1f:32:17:ac:8a:69:
6c:c5:cd:bb:e1:d6:ee:d6:0e:57:a9:27:bb:91:f1:25:65:09:
0c:9b:e4:bb:f3:84:59:a2:06:90:45:43:13:ff:b6:5c:9e:fe:
38:ed:f5:f1:46:59:4e:ed:a8:6b:3f:10:06:8e:a9:f9:a5:f6:
40:32:62:c2:73:ad:ea:b1:95:5a:85:f9:d7:04:e9:95:b0:2c:
9e:c0:16:de:41:c0:c1:5e:f2:98:4f:e7:bc:0e:53:ad:67:c0:
03:5f:34:2a:2a:05:1e:5d:c9:58:07:ec:09:4e:37:70:be:00:
6e:bb:85:e7:1c:65:ac:53:1e:73:2a:e4:d8:14:9f:e4:cb:42:
bd:24:74:48:36:b6:93:75:31:7e:d8:95:90:7a:68:06:e7:a6:
94:82:a3:46
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUqUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI2MTMxNTM1WhcNMjUwMzA0MTMxNTM1WjAYMRYw
FAYDVQQDEw02Nzk2MzU3Yi0xMWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApmS2Lb+o3qbe4tlfM/QI+OWLTDGH9npTt1IxgZ4DV2VI+j2KrYrPsndP
nyXz0r+7NhJFxdsf/ueJy12ZZqWDqxHATM9if5lWvVDQ+aUw7P4vviDVV4p5UTt2
FVC0qGTNQbaeCt9LLupVstSeRT9I/LBng1vqFO1e5rm0JKu7TC0rWW3OwcV+jv5O
c/5R1lZ1B/D6gEmsH3z92hFyGq+XQDQF5mUwF8BuC+r37hU97evTFIw0S9R2LGEf
aRS1Y5E3p/SEvVq8hIaI9DKIUe308RZkrBRdKrJoFCNATnZMSrjH5OSEUq+tBg6l
HR+lQFexVBkplPDXNgPnf24f8YaD8QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM5t
uTKK29Scx5bEYS4QIPwe1nDaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMzJDOTczRURCRTcxMUVGOEU4Qzc1OTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsj1MA0GCSqGSIb3DQEB
CwUAA4IBAQCchfjfFYpPeoP7fZ+rH42bWxhmtX8lDZJzMwD1/1O9qe7DugoHAiG6
b/frXria4xtoDsmHCaMfGDfV8LcYJ2MgA7akUeL6FgeO1RIphYtaFaJ3GvxTSO1e
4cgY3Djde7hYxRojnoofMhesimlsxc274dbu1g5XqSe7kfElZQkMm+S784RZogaQ
RUMT/7Zcnv447fXxRllO7ahrPxAGjqn5pfZAMmLCc63qsZVahfnXBOmVsCyewBbe
QcDBXvKYT+e8DlOtZ8ADXzQqKgUeXclYB+wJTjdwvgBuu4XnHGWsUx5zKuTYFJ/k
y0K9JHRINraTdTF+2JWQemgG56aUgqNG
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:57:55 2025 by rpki-client