Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B482952CBEB611EF967ABE7A762E951A.roa
File: B482952CBEB611EF967ABE7A762E951A.roa (raw, json)
Hash identifier: qYDeoRh0qshODqBqhaVI8xhc8PN15DIK14gkTdbTyDM=
Subject key identifier: 0B:C3:9F:0B:8E:D2:FF:6A:6D:43:46:9A:4E:66:8F:00:79:66:B8:D1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011CC2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B482952CBEB611EF967ABE7A762E951A.roa
Signing time: Fri 20 Dec 2024 09:42:19 +0000
ROA not before: Fri 20 Dec 2024 09:42:16 +0000
ROA not after: Sun 02 Feb 2025 09:42:16 +0000
asID: 202656
IP address blocks: 154.221.56.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72898 (0x11cc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 20 09:42:16 2024 GMT
Not After : Feb 2 09:42:16 2025 GMT
Subject: CN=67653bfb-3b23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:15:f3:79:61:af:21:ad:32:e4:59:4b:85:af:
e2:e6:d6:d0:95:4b:50:e5:01:11:b9:ec:49:2e:03:
58:1d:a8:dd:00:09:c7:69:6e:a0:09:c5:f2:3d:d2:
cc:bc:cc:2f:fb:d8:d3:6b:d6:93:4a:0f:fe:dd:e7:
fb:93:0d:bb:bf:50:6b:0b:bc:b6:25:fd:b2:d2:f1:
c4:6b:1e:bb:4a:a7:ec:db:f5:f3:45:6b:cb:df:c3:
b7:0d:ee:42:bc:06:ea:25:f4:a0:e0:c9:9b:81:5a:
8f:4a:09:ea:b0:63:55:e1:22:fb:ca:1c:16:14:2b:
0e:c6:21:54:13:7c:b3:b6:2e:68:19:db:36:b2:65:
74:50:5d:f9:42:72:ca:8b:4d:af:f7:d2:e5:25:3c:
cc:85:48:24:4e:55:4f:b2:72:41:21:b9:ad:0b:9a:
1c:52:f3:c3:3a:1f:69:37:ac:63:c1:52:d3:ef:04:
43:8e:1f:2b:1f:bf:48:4a:c9:e3:22:62:16:bb:95:
df:91:17:f8:b9:ac:8f:2c:eb:52:06:1d:58:5d:d8:
ce:17:c0:7c:b1:cd:f3:15:88:ef:4e:e8:aa:84:a8:
38:4d:cc:6e:1b:7c:be:95:34:db:e9:fe:60:64:02:
da:89:8e:ac:22:fb:db:e0:06:03:40:e9:55:78:39:
55:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:C3:9F:0B:8E:D2:FF:6A:6D:43:46:9A:4E:66:8F:00:79:66:B8:D1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B482952CBEB611EF967ABE7A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.56.0/21
Signature Algorithm: sha256WithRSAEncryption
6f:02:f6:96:d8:24:b9:28:29:3f:b8:a9:77:51:49:08:0f:a9:
d1:03:c4:1a:14:f1:92:79:29:98:83:99:55:6b:76:64:26:3f:
ef:7a:4a:53:fb:8f:0c:f9:1c:2c:9d:29:2e:86:82:a5:a6:0a:
f1:f4:14:03:07:2a:e8:a8:0e:a5:88:cc:43:21:fc:75:cf:18:
f3:40:f1:8d:ae:ab:c9:c6:65:c1:14:43:9c:e6:6b:e9:29:a3:
c5:93:62:c9:2f:52:c4:a8:ef:a7:b6:69:a1:b3:46:76:a5:79:
d2:49:5d:3d:b9:f0:f2:77:0a:ae:aa:0a:f7:13:d4:f6:7a:a2:
c2:d3:83:70:54:7e:ca:30:d3:6d:38:cb:07:d6:42:46:75:1d:
31:ae:1f:30:bd:7c:2e:9f:72:8c:21:74:e2:5e:7c:cc:12:68:
56:6e:fe:f1:5d:67:e1:3e:70:1d:5a:11:22:8d:32:57:1a:2b:
2a:94:83:17:ea:b7:ff:fd:02:3a:ce:a8:aa:52:89:6c:d9:08:
2f:ed:83:5c:79:05:7a:4f:83:aa:05:45:5a:e7:90:51:ad:74:
89:02:4c:08:f8:09:e0:91:b8:8f:e5:12:4d:ca:15:b7:8f:e4:
1b:04:63:bb:d8:65:6b:9b:b0:41:d2:e0:f8:81:c9:7f:94:4a:
0e:ac:47:aa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARzCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIwMDk0MjE2WhcNMjUwMjAyMDk0MjE2WjAYMRYw
FAYDVQQDEw02NzY1M2JmYi0zYjIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlRXzeWGvIa0y5FlLha/i5tbQlUtQ5QERuexJLgNYHajdAAnHaW6gCcXy
PdLMvMwv+9jTa9aTSg/+3ef7kw27v1BrC7y2Jf2y0vHEax67Sqfs2/XzRWvL38O3
De5CvAbqJfSg4MmbgVqPSgnqsGNV4SL7yhwWFCsOxiFUE3yzti5oGds2smV0UF35
QnLKi02v99LlJTzMhUgkTlVPsnJBIbmtC5ocUvPDOh9pN6xjwVLT7wRDjh8rH79I
SsnjImIWu5XfkRf4uayPLOtSBh1YXdjOF8B8sc3zFYjvTuiqhKg4TcxuG3y+lTTb
6f5gZALaiY6sIvvb4AYDQOlVeDlV9QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAvD
nwuO0v9qbUNGmk5mjwB5ZrjRMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNDgyOTUyQ0JFQjYxMUVGOTY3QUJFN0E3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmt04MA0GCSqGSIb3DQEB
CwUAA4IBAQBvAvaW2CS5KCk/uKl3UUkID6nRA8QaFPGSeSmYg5lVa3ZkJj/vekpT
+48M+RwsnSkuhoKlpgrx9BQDByroqA6liMxDIfx1zxjzQPGNrqvJxmXBFEOc5mvp
KaPFk2LJL1LEqO+ntmmhs0Z2pXnSSV09ufDydwquqgr3E9T2eqLC04NwVH7KMNNt
OMsH1kJGdR0xrh8wvXwun3KMIXTiXnzMEmhWbv7xXWfhPnAdWhEijTJXGisqlIMX
6rf//QI6zqiqUols2Qgv7YNceQV6T4OqBUVa55BRrXSJAkwI+AngkbiP5RJNyhW3
j+QbBGO72GVrm7BB0uD4gcl/lEoOrEeq
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:01:44 2025 by rpki-client