Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B8F201A6DA3611EFBFEE8BA7762E951A.roa
File: B8F201A6DA3611EFBFEE8BA7762E951A.roa (raw, json)
Hash identifier: jtaKcG+WA5UH1p1aulAyylZsFb+DzgKEAkdGK4C02Pk=
Subject key identifier: EB:63:85:F4:1E:D8:B7:C7:19:04:4C:32:CF:79:74:62:3F:96:61:EC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014502
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B8F201A6DA3611EFBFEE8BA7762E951A.roa
Signing time: Fri 24 Jan 2025 09:36:44 +0000
ROA not before: Fri 24 Jan 2025 09:36:40 +0000
ROA not after: Wed 05 Mar 2025 09:36:40 +0000
asID: 202656
IP address blocks: 154.219.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83202 (0x14502)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 09:36:40 2025 GMT
Not After : Mar 5 09:36:40 2025 GMT
Subject: CN=67935f2c-f69b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5a:d7:0e:b2:26:28:21:3f:b7:0f:38:75:dd:
f3:58:c2:46:12:bc:66:99:41:4e:5e:09:66:b8:d6:
02:34:21:a8:ab:a2:c1:7c:4e:59:c8:2e:b1:a0:5e:
a6:84:f4:ec:18:ec:7d:ba:b7:f1:ef:e0:11:aa:9d:
27:3d:ff:c6:c2:ed:63:e6:0e:29:b0:66:a7:d2:31:
2c:b8:83:13:bd:c3:8b:5b:93:c1:93:c6:2e:a7:1d:
bb:a1:75:e9:25:7d:8b:85:66:28:86:ad:17:3a:a7:
cd:31:2a:e4:ee:9b:9b:66:4a:4d:e4:60:c4:62:70:
a6:b9:39:86:59:a1:ca:b5:87:b0:aa:d1:43:c4:cd:
e1:43:17:13:13:8a:1a:ea:71:03:d2:a8:d1:4d:b4:
04:36:73:ba:b9:4d:a7:3a:cc:0b:18:1c:f7:03:21:
55:23:c1:72:fd:05:75:0b:d9:06:1c:02:63:f8:f0:
a7:92:b4:58:7a:99:d1:09:6e:b7:28:7f:2b:a2:7f:
cf:ce:70:db:2f:6b:39:c2:1e:fd:3b:be:06:38:79:
b9:fd:43:49:37:27:35:33:1b:5a:d3:9a:de:91:41:
bb:fc:34:5c:b2:1c:8e:0d:4c:54:bc:b7:46:31:93:
82:d5:a1:37:30:53:2e:46:5c:68:25:cf:03:e8:17:
0e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:63:85:F4:1E:D8:B7:C7:19:04:4C:32:CF:79:74:62:3F:96:61:EC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B8F201A6DA3611EFBFEE8BA7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.221.0/24
Signature Algorithm: sha256WithRSAEncryption
65:e1:4d:b7:f8:0f:be:9a:5c:d8:2a:67:af:f5:29:3a:dd:70:
10:b9:05:a2:c1:b4:cc:60:1e:a8:7a:23:db:7a:2d:d2:22:e6:
1d:4c:87:16:57:2a:14:f6:46:80:28:1a:a6:d6:7c:6e:84:b0:
4b:47:cf:85:12:cc:99:cc:35:ea:d3:4f:6c:46:0c:33:a9:8c:
e0:e6:37:cf:5a:55:04:8c:49:0d:0d:ea:fb:41:14:fa:e5:bd:
e7:a7:01:a7:b2:10:4e:35:9c:f2:8d:59:48:3a:eb:2c:d4:23:
d4:2f:28:f7:70:49:e7:67:b8:36:da:88:53:be:14:2c:ce:d2:
15:6c:5d:14:93:0a:b0:1e:0b:a8:5b:18:ae:36:30:cd:cf:ed:
c0:61:ce:01:ff:c6:c1:fd:f0:43:05:2d:6a:80:f7:6f:09:b1:
db:6d:7a:57:7b:04:b9:8e:3d:66:b8:14:f0:60:8d:42:a9:40:
b1:c6:9a:62:5b:e7:c8:27:77:15:5a:9b:68:12:b3:fe:68:72:
b4:ee:7f:56:a5:60:be:ca:de:61:fd:04:f8:f6:1a:4f:f5:d9:
1f:ac:cf:ce:5b:3c:e3:9a:61:9a:85:2c:7d:78:5b:67:6d:e7:
7f:b9:2c:36:fc:03:7f:05:4b:66:e3:38:38:fa:b4:15:f7:c2:
46:24:2b:80
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUUCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDkzNjQwWhcNMjUwMzA1MDkzNjQwWjAYMRYw
FAYDVQQDEw02NzkzNWYyYy1mNjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzVrXDrImKCE/tw84dd3zWMJGErxmmUFOXglmuNYCNCGoq6LBfE5ZyC6x
oF6mhPTsGOx9urfx7+ARqp0nPf/Gwu1j5g4psGan0jEsuIMTvcOLW5PBk8Yupx27
oXXpJX2LhWYohq0XOqfNMSrk7pubZkpN5GDEYnCmuTmGWaHKtYewqtFDxM3hQxcT
E4oa6nED0qjRTbQENnO6uU2nOswLGBz3AyFVI8Fy/QV1C9kGHAJj+PCnkrRYepnR
CW63KH8ron/PznDbL2s5wh79O74GOHm5/UNJNyc1Mxta05rekUG7/DRcshyODUxU
vLdGMZOC1aE3MFMuRlxoJc8D6BcOUQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOtj
hfQe2LfHGQRMMs95dGI/lmHsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9COEYyMDFBNkRBMzYxMUVGQkZFRThCQTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtvdMA0GCSqGSIb3DQEB
CwUAA4IBAQBl4U23+A++mlzYKmev9Sk63XAQuQWiwbTMYB6oeiPbei3SIuYdTIcW
VyoU9kaAKBqm1nxuhLBLR8+FEsyZzDXq009sRgwzqYzg5jfPWlUEjEkNDer7QRT6
5b3npwGnshBONZzyjVlIOuss1CPULyj3cEnnZ7g22ohTvhQsztIVbF0UkwqwHguo
WxiuNjDNz+3AYc4B/8bB/fBDBS1qgPdvCbHbbXpXewS5jj1muBTwYI1CqUCxxppi
W+fIJ3cVWptoErP+aHK07n9WpWC+yt5h/QT49hpP9dkfrM/OWzzjmmGahSx9eFtn
bed/uSw2/AN/BUtm4zg4+rQV98JGJCuA
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:43:34 2025 by rpki-client