Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC25BEDEDA4711EF9286689B762E951A.roa
File: AC25BEDEDA4711EF9286689B762E951A.roa (raw, json)
Hash identifier: UOgPrBwoK4BAVD58xONZ9VZ5Lo2llwkXLrhc3pr8zi8=
Subject key identifier: 20:68:A6:4B:CA:84:E3:52:6F:C4:FA:4A:08:CE:E0:84:E0:9A:C4:7B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014629
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC25BEDEDA4711EF9286689B762E951A.roa
Signing time: Fri 24 Jan 2025 11:38:04 +0000
ROA not before: Fri 24 Jan 2025 11:38:00 +0000
ROA not after: Sat 08 Feb 2025 11:38:00 +0000
asID: 18229
IP address blocks: 154.210.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83497 (0x14629)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 11:38:00 2025 GMT
Not After : Feb 8 11:38:00 2025 GMT
Subject: CN=67937b9c-3734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:27:55:4d:22:9c:fc:fb:f6:fd:db:6a:3b:a8:
af:cd:2f:e6:9d:ee:e6:14:25:b6:01:30:08:78:cf:
90:fe:10:ff:65:92:37:18:4d:b1:4f:43:b8:8b:c2:
e9:52:77:ef:d1:3d:54:0a:f2:d7:2d:cf:f3:ff:1b:
fb:1a:56:c5:b8:d2:62:56:b2:32:f6:70:ec:aa:a0:
f2:5f:c6:70:4d:37:f5:2b:ef:db:ba:a8:75:93:6c:
e3:6f:33:6c:52:8e:3c:b1:f6:ef:6e:df:b9:6e:24:
4c:60:8f:4d:ef:67:95:f8:64:c3:55:d6:7f:86:8b:
12:71:e2:77:d8:27:20:24:56:1d:0e:79:a7:2f:fc:
5d:ac:47:f4:61:24:ca:c8:b2:72:3b:cd:01:47:bf:
ef:6b:6c:d0:30:c8:8f:9a:50:ad:cf:a8:13:c6:fa:
38:94:ca:dd:f2:4c:86:df:84:da:32:61:cd:6b:36:
ac:4f:47:15:41:cc:d8:b3:9c:ac:db:ac:b1:78:ce:
ab:7f:ca:97:85:ab:14:90:37:4c:1a:a5:8e:6b:41:
d4:5f:84:79:34:5c:78:8f:fb:c4:23:82:80:64:51:
0a:fe:c1:e1:c8:60:54:ab:43:db:87:e7:45:e5:05:
25:5f:a7:2a:d1:aa:0b:61:99:3c:8a:77:33:12:98:
1d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:68:A6:4B:CA:84:E3:52:6F:C4:FA:4A:08:CE:E0:84:E0:9A:C4:7B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AC25BEDEDA4711EF9286689B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.174.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:5a:ad:33:ba:c2:45:83:cb:db:df:1c:d4:56:de:c2:5e:3c:
8c:03:e4:6d:a6:fc:6e:bd:e6:82:13:7d:d0:e4:f4:64:86:b0:
a9:3b:a8:ee:9c:f2:43:b7:57:76:de:b8:da:f7:6e:6a:db:8c:
7e:d7:7e:a4:ca:d6:83:27:5e:4b:48:14:8b:d5:8b:b6:91:dd:
99:35:ed:0b:fc:cb:d2:e8:c9:ef:c9:b3:e4:76:1f:6c:ca:6e:
85:ec:78:dc:b5:4e:40:d6:19:a6:ad:e1:87:9e:52:a6:13:8a:
4d:e6:9a:ba:f7:1f:51:85:61:8f:d2:ec:e3:a6:11:e6:f3:b6:
c3:e4:61:e8:f9:98:ff:81:4d:d4:57:c1:87:d6:8a:7a:ea:b6:
d7:a4:5f:b9:b2:78:d7:14:ed:82:9c:ce:2b:ac:d6:40:8d:a2:
49:72:0a:35:b6:c0:8f:72:31:d2:8a:a4:7f:7d:b8:46:f3:d5:
93:f0:cd:46:ab:00:2e:55:ea:f3:f5:73:3a:b0:fb:0e:fb:fc:
37:d1:23:1c:43:66:2f:12:51:ec:4f:71:62:ee:ba:3e:3b:0d:
2f:fb:87:14:30:56:01:c1:c8:55:55:8f:7c:31:91:8b:7c:f6:
34:58:9f:4f:8f:5e:0a:a1:57:4e:35:b6:15:f6:9d:a2:c5:f1:
3b:e1:e0:df
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUYpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTEzODAwWhcNMjUwMjA4MTEzODAwWjAYMRYw
FAYDVQQDEw02NzkzN2I5Yy0zNzM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtydVTSKc/Pv2/dtqO6ivzS/mne7mFCW2ATAIeM+Q/hD/ZZI3GE2xT0O4
i8LpUnfv0T1UCvLXLc/z/xv7GlbFuNJiVrIy9nDsqqDyX8ZwTTf1K+/buqh1k2zj
bzNsUo48sfbvbt+5biRMYI9N72eV+GTDVdZ/hosSceJ32CcgJFYdDnmnL/xdrEf0
YSTKyLJyO80BR7/va2zQMMiPmlCtz6gTxvo4lMrd8kyG34TaMmHNazasT0cVQczY
s5ys26yxeM6rf8qXhasUkDdMGqWOa0HUX4R5NFx4j/vEI4KAZFEK/sHhyGBUq0Pb
h+dF5QUlX6cq0aoLYZk8inczEpgd5wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCBo
pkvKhONSb8T6SgjO4ITgmsR7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQzI1QkVERURBNDcxMUVGOTI4NjY4OUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKuMA0GCSqGSIb3DQEB
CwUAA4IBAQAeWq0zusJFg8vb3xzUVt7CXjyMA+RtpvxuveaCE33Q5PRkhrCpO6ju
nPJDt1d23rja925q24x+136kytaDJ15LSBSL1Yu2kd2ZNe0L/MvS6MnvybPkdh9s
ym6F7HjctU5A1hmmreGHnlKmE4pN5pq69x9RhWGP0uzjphHm87bD5GHo+Zj/gU3U
V8GH1op66rbXpF+5snjXFO2CnM4rrNZAjaJJcgo1tsCPcjHSiqR/fbhG89WT8M1G
qwAuVerz9XM6sPsO+/w30SMcQ2YvElHsT3Fi7ro+Ow0v+4cUMFYBwchVVY98MZGL
fPY0WJ9Pj14KoVdONbYV9p2ixfE74eDf
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:42:43 2025 by rpki-client