Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF87CF38D8BF11EF91F2E548762E951A.roa
File: AF87CF38D8BF11EF91F2E548762E951A.roa (raw, json)
Hash identifier: G1rDVMjMa0cgl6HB51f5aUUitkCkB4NM9gm3IYxeq0A=
Subject key identifier: C3:FC:E9:9A:90:C5:5B:66:0C:D3:68:04:14:55:DD:75:B6:59:E7:95
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013F60
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF87CF38D8BF11EF91F2E548762E951A.roa
Signing time: Wed 22 Jan 2025 12:52:07 +0000
ROA not before: Wed 22 Jan 2025 12:52:03 +0000
ROA not after: Sat 08 Feb 2025 12:52:03 +0000
asID: 18229
IP address blocks: 154.210.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81760 (0x13f60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 22 12:52:03 2025 GMT
Not After : Feb 8 12:52:03 2025 GMT
Subject: CN=6790e9f7-32d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:51:05:f8:5e:89:02:e6:6a:ad:ca:00:10:f0:
aa:ea:72:7d:b9:f6:30:48:db:6a:a7:f0:10:3b:36:
a9:b0:c3:df:b9:69:4f:c1:94:fb:19:de:d0:7f:38:
1a:11:52:42:6d:df:74:e2:64:65:a5:e2:d8:a2:4c:
46:64:c8:7d:2f:e1:ae:aa:fe:dd:0a:c8:a6:8b:b5:
7e:2d:33:1e:d8:ee:c3:91:29:16:c9:84:66:4b:9e:
43:c0:88:69:8e:78:55:db:c4:61:04:b6:e7:f1:68:
f9:27:e4:ce:99:ff:8f:59:f2:40:0c:e6:ae:1f:4b:
e0:5a:0c:4b:ad:b3:96:bd:5c:e0:ab:f1:88:da:01:
e3:6d:9f:8e:0f:2e:39:8b:a4:0e:c9:1e:1b:b7:79:
ee:4a:4f:4d:3f:39:ca:f3:1b:72:50:dc:6c:dd:61:
d6:08:d7:59:c1:20:2b:1d:fb:f1:10:94:15:01:38:
42:a7:dd:ec:e3:b4:13:61:dd:22:59:a5:bd:ad:4c:
e2:8a:3b:89:38:e0:f2:16:0e:13:9b:2a:0d:72:82:
0d:73:5f:3d:5d:ed:ce:22:be:b7:df:87:22:8e:d0:
56:72:70:51:c5:8f:3c:a4:fa:5d:56:6e:ac:10:d3:
35:41:ee:ba:a3:19:6a:1e:77:fc:57:f8:63:84:8b:
1c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:FC:E9:9A:90:C5:5B:66:0C:D3:68:04:14:55:DD:75:B6:59:E7:95
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AF87CF38D8BF11EF91F2E548762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.146.0/24
Signature Algorithm: sha256WithRSAEncryption
85:94:13:b4:fc:0c:d0:bf:9b:c3:bb:da:aa:97:cb:e5:c1:b3:
93:75:0d:85:0c:84:d9:28:89:de:ff:35:57:35:96:43:60:e2:
25:f5:a7:ff:b5:f0:6c:74:ce:91:9d:44:2a:b9:e8:ff:95:92:
d9:32:ef:70:07:44:2d:ab:c3:f7:12:7d:af:16:56:66:63:7a:
bb:f5:68:2d:2f:f1:1a:f1:6d:84:7a:af:90:32:da:10:b0:6a:
99:d4:49:37:41:86:f9:96:1a:25:13:15:4c:0b:c2:e7:b6:94:
2a:7c:6d:4c:45:9c:1a:57:de:d5:38:af:ca:77:a7:15:f3:62:
bb:b4:fa:b5:c6:15:0d:b3:73:b8:ae:25:99:7b:a7:ae:1e:ff:
62:21:1d:be:0b:c9:db:94:8b:6d:7b:b1:3e:ab:56:20:bc:47:
ea:a5:84:24:22:45:db:69:57:4a:97:b9:5f:72:5d:92:a5:84:
8c:6a:04:46:4a:8e:5d:ad:cb:c7:49:e0:88:8b:1c:ef:85:0d:
6c:70:ae:fd:73:79:83:ea:57:af:f5:89:19:75:18:9e:45:88:
cc:a5:00:92:33:ba:6d:66:47:ca:8d:64:ea:3a:58:b2:f0:73:
f0:7d:e5:62:a4:1e:83:01:96:1b:57:ab:49:0f:1a:25:43:16:
0c:95:fe:e4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT9gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIyMTI1MjAzWhcNMjUwMjA4MTI1MjAzWjAYMRYw
FAYDVQQDEw02NzkwZTlmNy0zMmQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA21EF+F6JAuZqrcoAEPCq6nJ9ufYwSNtqp/AQOzapsMPfuWlPwZT7Gd7Q
fzgaEVJCbd904mRlpeLYokxGZMh9L+Guqv7dCsimi7V+LTMe2O7DkSkWyYRmS55D
wIhpjnhV28RhBLbn8Wj5J+TOmf+PWfJADOauH0vgWgxLrbOWvVzgq/GI2gHjbZ+O
Dy45i6QOyR4bt3nuSk9NPznK8xtyUNxs3WHWCNdZwSArHfvxEJQVAThCp93s47QT
Yd0iWaW9rUziijuJOODyFg4TmyoNcoINc189Xe3OIr6334cijtBWcnBRxY88pPpd
Vm6sENM1Qe66oxlqHnf8V/hjhIscBQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMP8
6ZqQxVtmDNNoBBRV3XW2WeeVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRjg3Q0YzOEQ4QkYxMUVGOTFGMkU1NDg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKSMA0GCSqGSIb3DQEB
CwUAA4IBAQCFlBO0/AzQv5vDu9qql8vlwbOTdQ2FDITZKIne/zVXNZZDYOIl9af/
tfBsdM6RnUQquej/lZLZMu9wB0Qtq8P3En2vFlZmY3q79WgtL/Ea8W2Eeq+QMtoQ
sGqZ1Ek3QYb5lholExVMC8LntpQqfG1MRZwaV97VOK/Kd6cV82K7tPq1xhUNs3O4
riWZe6euHv9iIR2+C8nblItte7E+q1YgvEfqpYQkIkXbaVdKl7lfcl2SpYSMagRG
So5drcvHSeCIixzvhQ1scK79c3mD6lev9YkZdRieRYjMpQCSM7ptZkfKjWTqOliy
8HPwfeVipB6DAZYbV6tJDxolQxYMlf7k
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:42:31 2025 by rpki-client