Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB8CF17CDA5111EF9E1BC15E762E951A.roa
File: AB8CF17CDA5111EF9E1BC15E762E951A.roa (raw, json)
Hash identifier: lrOzZP7L2TCi/bcD8Ql+4qEae6mB61+y2nGqvvJIbhI=
Subject key identifier: 8D:E4:B9:A7:10:44:61:89:20:FD:8E:A6:DC:11:DD:0B:54:C5:11:CC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01470D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB8CF17CDA5111EF9E1BC15E762E951A.roa
Signing time: Fri 24 Jan 2025 12:49:38 +0000
ROA not before: Fri 24 Jan 2025 12:49:34 +0000
ROA not after: Sat 01 Mar 2025 12:49:34 +0000
asID: 62240
IP address blocks: 154.223.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83725 (0x1470d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 12:49:34 2025 GMT
Not After : Mar 1 12:49:34 2025 GMT
Subject: CN=67938c62-38b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:46:70:66:8c:7f:83:69:47:e2:4e:6c:43:59:
da:55:a5:ea:43:60:87:c3:94:70:23:fb:66:7b:8e:
63:82:34:4f:5b:0d:e4:85:13:fe:c4:87:12:3f:0c:
5b:19:0c:1e:10:7f:d2:cb:96:82:e3:76:4f:79:20:
47:ee:2e:e8:26:1a:7d:04:18:4a:05:7d:66:42:4f:
ef:74:62:75:b0:64:50:11:ad:60:d3:42:77:f4:c6:
f4:a4:5e:e0:21:0a:5c:e8:15:e6:af:d4:07:d8:8a:
84:c9:94:76:c8:b1:fe:44:d5:d1:c8:e7:0f:57:12:
1e:99:1e:45:5f:af:d0:2a:14:50:74:62:d4:ef:fb:
18:fa:7c:20:b5:0b:ef:df:f7:cc:f3:ec:2e:16:c4:
98:ab:a2:0c:a7:27:ed:32:28:46:af:fb:3a:45:63:
5f:94:f4:f0:d2:68:fa:d1:f2:7c:98:69:b6:90:93:
ff:dd:23:08:aa:67:a5:0f:5f:f1:ce:0b:32:76:ec:
2d:42:ba:8c:34:58:6e:bb:94:c6:ad:aa:34:fd:04:
06:92:f7:b1:a2:7a:e6:70:15:50:1b:97:0b:90:ef:
4d:06:62:7d:25:01:b1:9d:7d:11:f6:ce:73:c8:8d:
79:2b:5f:ff:f5:07:0b:f4:e8:4e:e9:c7:ae:07:8d:
1a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:E4:B9:A7:10:44:61:89:20:FD:8E:A6:DC:11:DD:0B:54:C5:11:CC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AB8CF17CDA5111EF9E1BC15E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.209.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:f7:45:a6:76:a8:0a:18:34:32:ce:28:ff:1d:cc:89:03:de:
76:2d:0d:a3:56:2d:f1:41:b1:f9:92:21:ee:c9:c4:6e:3b:1b:
fe:7e:d5:2b:bf:80:ac:3b:0b:1b:05:8c:3e:a0:1a:12:67:46:
68:54:0e:19:5e:30:5b:9e:77:0c:dc:41:85:25:b9:be:3c:d2:
fc:60:d6:da:77:71:2b:4d:68:97:8d:8c:f8:09:6e:48:c9:7b:
31:3b:df:f3:8b:0e:2c:e4:68:bd:e6:31:f8:ca:8e:6f:37:e5:
da:53:c6:95:36:af:b9:ff:3f:96:2a:d3:c2:83:7a:15:53:4a:
bf:79:24:21:0b:66:c2:28:12:29:bb:ec:28:a3:08:29:d8:8b:
33:36:f9:de:bd:a9:b3:59:e8:29:05:57:92:9c:52:b2:67:bd:
d8:5e:41:c5:1d:22:97:0a:5b:25:91:7b:22:79:23:fc:b0:af:
1d:bc:64:d3:a4:45:a0:ef:73:cb:55:db:b3:44:b6:5e:cd:33:
0b:79:0c:07:e4:27:57:0b:46:31:c1:40:4d:47:0f:75:73:77:
18:bf:ab:fa:f6:1d:42:07:ea:45:e9:69:9e:6c:78:53:06:1a:
a1:5c:49:1a:e3:2f:9b:b5:32:61:7f:1f:ca:31:89:e3:70:31:
88:87:10:04
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUcNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTI0OTM0WhcNMjUwMzAxMTI0OTM0WjAYMRYw
FAYDVQQDEw02NzkzOGM2Mi0zOGI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5UZwZox/g2lH4k5sQ1naVaXqQ2CHw5RwI/tme45jgjRPWw3khRP+xIcS
PwxbGQweEH/Sy5aC43ZPeSBH7i7oJhp9BBhKBX1mQk/vdGJ1sGRQEa1g00J39Mb0
pF7gIQpc6BXmr9QH2IqEyZR2yLH+RNXRyOcPVxIemR5FX6/QKhRQdGLU7/sY+nwg
tQvv3/fM8+wuFsSYq6IMpyftMihGr/s6RWNflPTw0mj60fJ8mGm2kJP/3SMIqmel
D1/xzgsyduwtQrqMNFhuu5TGrao0/QQGkvexonrmcBVQG5cLkO9NBmJ9JQGxnX0R
9s5zyI15K1//9QcL9OhO6ceuB40arQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI3k
uacQRGGJIP2OptwR3QtUxRHMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQjhDRjE3Q0RBNTExMUVGOUUxQkMxNUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt/RMA0GCSqGSIb3DQEB
CwUAA4IBAQDF90WmdqgKGDQyzij/HcyJA952LQ2jVi3xQbH5kiHuycRuOxv+ftUr
v4CsOwsbBYw+oBoSZ0ZoVA4ZXjBbnncM3EGFJbm+PNL8YNbad3ErTWiXjYz4CW5I
yXsxO9/ziw4s5Gi95jH4yo5vN+XaU8aVNq+5/z+WKtPCg3oVU0q/eSQhC2bCKBIp
u+woowgp2IszNvnevamzWegpBVeSnFKyZ73YXkHFHSKXClslkXsieSP8sK8dvGTT
pEWg73PLVduzRLZezTMLeQwH5CdXC0YxwUBNRw91c3cYv6v69h1CB+pF6WmebHhT
BhqhXEka4y+btTJhfx/KMYnjcDGIhxAE
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:54:31 2025 by rpki-client