Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB747994DA5B11EF94D168A1762E951A.roa
File: AB747994DA5B11EF94D168A1762E951A.roa (raw, json)
Hash identifier: txZDAl4vC/yomg6KXVTof5us6LtY+UwH1IveSTw0WZA=
Subject key identifier: A0:08:4C:C5:97:BB:CF:B2:EC:4B:FD:41:15:9B:6A:50:F4:50:73:5F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0147D7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB747994DA5B11EF94D168A1762E951A.roa
Signing time: Fri 24 Jan 2025 14:01:13 +0000
ROA not before: Fri 24 Jan 2025 14:01:09 +0000
ROA not after: Sat 01 Mar 2025 14:01:09 +0000
asID: 44559
IP address blocks: 154.81.198.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83927 (0x147d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 14:01:09 2025 GMT
Not After : Mar 1 14:01:09 2025 GMT
Subject: CN=67939d28-3db8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:24:db:9f:58:92:fc:8b:a4:79:41:b2:0a:89:
57:d5:e9:03:82:04:42:8b:74:ea:87:43:2e:0e:cb:
3b:6d:e7:5b:78:c1:7e:fb:53:ba:2c:19:dd:4c:05:
99:6e:d2:dc:a6:7a:a8:85:86:87:67:d2:d9:20:1e:
6e:b3:81:ad:a7:00:38:30:6a:63:30:2f:15:71:cf:
ed:78:ce:4d:1b:0b:0d:a6:15:0b:88:e9:f2:69:94:
dd:42:1f:b9:4d:c2:13:5d:65:db:79:e0:c8:28:7f:
d8:8c:1f:da:84:3a:16:f4:fc:5e:d9:08:34:3f:12:
39:23:7b:5a:ce:38:6a:42:13:16:f0:25:98:0a:8e:
eb:e4:3e:50:3e:4a:f9:c2:7c:21:27:a8:89:0a:b0:
ea:65:09:b7:85:f8:00:9a:16:98:70:14:1d:5e:80:
a3:f0:7e:ec:95:ae:7a:3c:83:91:3f:1b:aa:ca:1c:
e9:82:55:de:80:18:ff:5c:f5:e7:05:4b:af:24:75:
bd:99:42:af:0a:67:d6:89:d9:11:01:6b:b9:d7:8e:
63:01:bf:d2:f3:c4:8f:9b:a6:51:75:04:43:2a:33:
f9:7f:75:87:76:a5:f3:ee:c4:e0:25:bb:86:a1:a9:
74:a2:26:2e:f4:4d:57:84:5f:81:ce:77:52:89:e1:
94:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:08:4C:C5:97:BB:CF:B2:EC:4B:FD:41:15:9B:6A:50:F4:50:73:5F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB747994DA5B11EF94D168A1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.198.0/24
Signature Algorithm: sha256WithRSAEncryption
29:36:a4:24:d3:d0:f1:21:cc:79:11:c4:a7:86:45:f9:64:98:
ce:16:59:58:50:66:6d:09:a8:b5:9a:fa:e0:3c:21:02:46:1f:
97:5a:9b:9d:97:a3:8b:8c:d3:fa:2d:3e:1b:57:ba:7c:9d:68:
8b:59:7a:2c:36:a8:9e:49:fc:6f:e5:d8:3b:d6:9d:8d:ed:ea:
af:c2:71:21:36:0c:24:4a:69:01:a4:43:70:58:84:f5:3d:92:
aa:76:a8:e8:81:d3:8b:56:bc:e0:a6:23:e7:c6:39:ac:cb:b2:
92:71:06:df:4e:8d:06:86:37:bc:ad:48:0f:32:c1:ef:13:98:
5a:54:2c:9e:66:c6:6d:80:01:d6:4a:e6:d8:d4:12:0c:30:82:
e2:f0:52:b0:be:2d:c3:b3:80:25:ef:c0:c6:bc:4e:a8:44:31:
b2:dc:31:36:ee:8c:d2:89:4d:0e:23:3b:16:4d:4e:05:b1:99:
b5:2b:65:bc:b3:40:9f:4b:52:93:d9:a7:8f:c0:fd:71:cf:d5:
a7:87:aa:7e:de:a5:48:f5:91:b0:92:0c:85:2d:04:49:7f:bc:
3f:92:46:75:88:60:60:2e:06:fb:76:bb:53:95:f4:f5:35:85:
41:ed:87:70:b8:0d:f8:d5:a5:37:23:ed:5d:53:50:6f:9e:73:
3e:15:52:9b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUfXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTQwMTA5WhcNMjUwMzAxMTQwMTA5WjAYMRYw
FAYDVQQDEw02NzkzOWQyOC0zZGI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmyTbn1iS/IukeUGyColX1ekDggRCi3Tqh0MuDss7bedbeMF++1O6LBnd
TAWZbtLcpnqohYaHZ9LZIB5us4GtpwA4MGpjMC8Vcc/teM5NGwsNphULiOnyaZTd
Qh+5TcITXWXbeeDIKH/YjB/ahDoW9Pxe2Qg0PxI5I3tazjhqQhMW8CWYCo7r5D5Q
Pkr5wnwhJ6iJCrDqZQm3hfgAmhaYcBQdXoCj8H7sla56PIORPxuqyhzpglXegBj/
XPXnBUuvJHW9mUKvCmfWidkRAWu5145jAb/S88SPm6ZRdQRDKjP5f3WHdqXz7sTg
JbuGoal0oiYu9E1XhF+BzndSieGUJQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKAI
TMWXu8+y7Ev9QRWbalD0UHNfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQjc0Nzk5NERBNUIxMUVGOTREMTY4QTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlHGMA0GCSqGSIb3DQEB
CwUAA4IBAQApNqQk09DxIcx5EcSnhkX5ZJjOFllYUGZtCai1mvrgPCECRh+XWpud
l6OLjNP6LT4bV7p8nWiLWXosNqieSfxv5dg71p2N7eqvwnEhNgwkSmkBpENwWIT1
PZKqdqjogdOLVrzgpiPnxjmsy7KScQbfTo0Ghje8rUgPMsHvE5haVCyeZsZtgAHW
SubY1BIMMILi8FKwvi3Ds4Al78DGvE6oRDGy3DE27ozSiU0OIzsWTU4FsZm1K2W8
s0CfS1KT2aePwP1xz9Wnh6p+3qVI9ZGwkgyFLQRJf7w/kkZ1iGBgLgb7drtTlfT1
NYVB7YdwuA341aU3I+1dU1BvnnM+FVKb
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:20:56 2025 by rpki-client