Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC59338AD51011EF8DEA8E96762E951A.roa
File: BC59338AD51011EF8DEA8E96762E951A.roa (raw, json)
Hash identifier: t/NvhLgjFXlyNswKxt6TU95EQHeH6m/K+T3YnjKDd9U=
Subject key identifier: A8:DE:30:47:27:EB:01:2F:83:B3:82:90:5B:DF:4D:EF:D9:5A:79:8E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013D3B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC59338AD51011EF8DEA8E96762E951A.roa
Signing time: Fri 17 Jan 2025 20:22:13 +0000
ROA not before: Fri 17 Jan 2025 20:22:09 +0000
ROA not after: Sat 22 Feb 2025 20:22:09 +0000
asID: 139646
IP address blocks: 154.212.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81211 (0x13d3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 17 20:22:09 2025 GMT
Not After : Feb 22 20:22:09 2025 GMT
Subject: CN=678abbf5-0780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:76:08:72:11:71:1f:81:14:3c:36:07:35:ae:
a9:3f:5e:50:1f:01:f2:c7:5c:f7:ad:a6:8e:b6:71:
21:a7:fa:c8:10:0d:46:9d:d7:68:b4:29:7b:15:b7:
19:ee:bf:4f:cb:ed:b9:ed:26:54:ad:e9:2c:d2:6a:
a0:69:16:50:bd:b0:05:ef:ab:59:ce:06:4c:f3:4a:
f8:75:4f:d2:75:ca:80:c7:e4:53:2a:f4:18:3c:d4:
64:d6:c4:c7:60:f2:8f:69:b6:37:67:2d:4c:e9:4f:
56:88:7f:9c:c0:03:92:af:6f:c5:c2:5d:74:9a:b1:
d3:9a:c9:65:38:ad:72:5e:b9:25:b5:12:ac:d8:51:
43:12:f1:cb:f0:b9:e8:be:0f:0a:2a:af:3a:c5:e9:
43:ab:df:c0:d5:3b:45:ad:e0:e0:f0:55:dc:5e:f8:
59:f6:95:01:e8:cb:ff:21:dd:06:5b:a6:f7:ea:e0:
7e:91:6f:82:0c:25:27:ce:6a:3b:c2:90:19:d5:3b:
47:62:6d:0d:ad:f4:55:9e:d5:a2:dd:84:1b:0f:27:
f8:0a:42:06:8e:6f:c7:1e:a2:6f:48:ac:06:5d:dc:
2b:42:70:f6:ef:f7:8d:87:5a:a9:a6:aa:aa:30:d9:
d5:be:ab:d8:73:06:e4:1a:ef:55:35:33:0d:fa:db:
85:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:DE:30:47:27:EB:01:2F:83:B3:82:90:5B:DF:4D:EF:D9:5A:79:8E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BC59338AD51011EF8DEA8E96762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.128.0/24
Signature Algorithm: sha256WithRSAEncryption
91:70:3b:cb:e6:cf:15:d7:25:53:31:55:0c:ca:30:9f:cf:65:
f8:8f:c7:bf:57:02:e0:44:2a:1d:c7:8a:f5:c5:fb:fa:a3:41:
a5:0e:3d:13:33:f6:4a:5c:e9:2a:65:26:0d:26:17:e8:6f:69:
fa:21:a5:49:a4:cc:27:96:2f:86:bd:8e:29:27:3b:d0:23:79:
ac:95:2d:9b:97:30:b4:b0:ae:99:15:16:26:d5:96:bf:f9:22:
87:c2:dc:e4:3d:4d:6a:b7:c1:a1:29:94:ff:b8:a9:a1:fc:f0:
6e:b3:27:68:a3:f2:f8:8c:84:92:8f:df:ad:cc:e6:d8:42:a8:
da:13:fe:a1:de:57:70:13:30:ca:ac:fa:a1:3f:e4:97:6e:ac:
b6:1d:0c:95:38:ed:a5:2d:9f:ce:05:b4:7d:b2:cf:a7:d2:24:
7c:48:f5:2f:0f:fe:3c:38:da:88:30:3b:a7:1a:63:b9:0c:ab:
25:41:2f:2e:52:9e:f7:c4:91:c9:c0:7a:7c:ff:ca:33:f3:75:
4f:46:d9:f1:88:fd:2e:a8:d1:bb:e0:92:bc:01:51:96:fd:32:
b9:44:62:73:9a:ba:a4:59:46:d6:48:cd:73:7c:7b:fb:95:e9:
49:b9:d5:09:16:6b:c7:9f:86:ca:60:1b:8a:2c:c4:5e:5a:2b:
0b:62:cb:a2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT07MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE3MjAyMjA5WhcNMjUwMjIyMjAyMjA5WjAYMRYw
FAYDVQQDEw02NzhhYmJmNS0wNzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt3YIchFxH4EUPDYHNa6pP15QHwHyx1z3raaOtnEhp/rIEA1GnddotCl7
FbcZ7r9Py+257SZUreks0mqgaRZQvbAF76tZzgZM80r4dU/SdcqAx+RTKvQYPNRk
1sTHYPKPabY3Zy1M6U9WiH+cwAOSr2/Fwl10mrHTmsllOK1yXrkltRKs2FFDEvHL
8Lnovg8KKq86xelDq9/A1TtFreDg8FXcXvhZ9pUB6Mv/Id0GW6b36uB+kW+CDCUn
zmo7wpAZ1TtHYm0NrfRVntWi3YQbDyf4CkIGjm/HHqJvSKwGXdwrQnD27/eNh1qp
pqqqMNnVvqvYcwbkGu9VNTMN+tuFjwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKje
MEcn6wEvg7OCkFvfTe/ZWnmOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQzU5MzM4QUQ1MTAxMUVGOERFQThFOTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtSAMA0GCSqGSIb3DQEB
CwUAA4IBAQCRcDvL5s8V1yVTMVUMyjCfz2X4j8e/VwLgRCodx4r1xfv6o0GlDj0T
M/ZKXOkqZSYNJhfob2n6IaVJpMwnli+GvY4pJzvQI3mslS2blzC0sK6ZFRYm1Za/
+SKHwtzkPU1qt8GhKZT/uKmh/PBusydoo/L4jISSj9+tzObYQqjaE/6h3ldwEzDK
rPqhP+SXbqy2HQyVOO2lLZ/OBbR9ss+n0iR8SPUvD/48ONqIMDunGmO5DKslQS8u
Up73xJHJwHp8/8oz83VPRtnxiP0uqNG74JK8AVGW/TK5RGJzmrqkWUbWSM1zfHv7
lelJudUJFmvHn4bKYBuKLMReWisLYsui
-----END CERTIFICATE-----
Generated at Sat Apr 26 21:48:15 2025 by rpki-client