Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF418CF2C6C711EFBB170198762E951A.roa
File: BF418CF2C6C711EFBB170198762E951A.roa (raw, json)
Hash identifier: IzQRyjmB5HZL8bUXBNZJ1oC+V7sKoLR38EPhbTgCuCc=
Subject key identifier: E7:81:1B:EB:90:C2:33:97:BF:15:CD:49:A6:10:59:60:9E:9C:37:67
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0130D6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF418CF2C6C711EFBB170198762E951A.roa
Signing time: Mon 30 Dec 2024 16:04:28 +0000
ROA not before: Mon 30 Dec 2024 16:04:25 +0000
ROA not after: Sun 02 Feb 2025 16:04:25 +0000
asID: 135600
IP address blocks: 154.196.232.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78038 (0x130d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 30 16:04:25 2024 GMT
Not After : Feb 2 16:04:25 2025 GMT
Subject: CN=6772c48c-1060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5d:ef:b7:5c:b4:35:66:96:f2:ee:4e:c5:81:
65:99:e4:2e:8b:6a:16:46:12:9a:c2:92:74:06:c2:
8e:af:b8:66:f9:2e:f0:82:b8:71:76:0a:9d:55:f5:
fa:1e:c6:63:4b:28:21:9c:69:2f:ac:94:67:42:b2:
62:6f:84:2f:a1:55:f9:4c:50:dc:49:ac:6d:e9:78:
ec:99:f3:f7:0f:b3:b2:6c:01:43:47:37:75:38:d2:
b6:c5:4c:6e:b2:7c:17:26:e8:20:3a:94:96:a7:43:
1f:e4:57:b8:cd:81:5c:1e:de:05:64:19:d8:5c:22:
1e:7e:5c:b7:49:42:2b:40:79:12:5f:c0:58:54:a3:
fb:fd:df:b7:59:5d:2f:28:0a:e4:bf:af:21:fc:b9:
24:4e:2f:9f:15:47:79:2d:b7:19:ff:5a:07:8e:00:
21:37:c5:f7:96:14:53:cb:11:7c:77:79:a4:24:36:
f9:67:12:8f:38:37:50:d9:5e:b3:49:58:56:9a:b8:
42:52:9e:4f:41:c6:fd:1e:be:2e:ee:1c:90:4b:69:
c9:e2:6a:d8:76:2d:b3:62:4e:67:60:00:f3:35:8c:
3c:1c:f9:67:b9:4c:32:5c:c0:7c:16:14:d1:1b:c7:
40:1d:a8:6d:4d:f9:43:b1:7b:be:2a:6c:02:2d:6b:
91:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:81:1B:EB:90:C2:33:97:BF:15:CD:49:A6:10:59:60:9E:9C:37:67
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF418CF2C6C711EFBB170198762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.232.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:ce:44:34:56:83:1f:b4:b3:3e:f0:f9:b4:fe:85:28:86:e4:
ef:dc:9a:2b:bd:dc:8a:90:cc:e4:10:72:3d:65:58:70:06:75:
cc:93:37:ad:76:74:08:a0:ce:d4:9a:af:15:46:63:23:f1:78:
64:fd:50:33:0d:97:e9:33:70:cf:cd:29:3f:7e:31:28:ce:db:
b2:58:30:9e:86:83:f4:2d:ec:f0:57:f1:41:74:df:5c:ae:a8:
ab:b8:2c:5c:da:37:e1:2e:25:8e:f0:2a:8b:ab:61:fa:55:21:
79:48:f6:de:2a:38:85:18:7b:86:2d:90:f9:00:a7:73:8f:7f:
54:f6:11:f5:ea:58:8e:d0:02:20:5a:8f:bd:de:bd:dc:26:14:
0b:c7:5d:0d:a9:39:ca:e4:d4:0e:97:d7:7a:62:68:c3:7d:49:
67:5b:2e:b4:94:82:91:45:21:1f:56:4a:b4:98:a2:18:26:be:
e7:be:7e:a7:45:5f:fe:7f:a1:04:49:7b:08:f6:5f:46:b5:19:
70:99:a6:b3:0a:28:a8:f8:d8:79:b8:a1:64:5f:60:09:e4:5a:
0f:56:55:43:6e:0f:7c:85:0a:ca:59:d2:e7:2b:40:42:29:0b:
4a:03:f2:be:44:ff:2f:f7:3e:7b:86:ca:96:00:b7:f5:21:bf:
c6:0c:ee:5b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATDWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjMwMTYwNDI1WhcNMjUwMjAyMTYwNDI1WjAYMRYw
FAYDVQQDEw02NzcyYzQ4Yy0xMDYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsV3vt1y0NWaW8u5OxYFlmeQui2oWRhKawpJ0BsKOr7hm+S7wgrhxdgqd
VfX6HsZjSyghnGkvrJRnQrJib4QvoVX5TFDcSaxt6XjsmfP3D7OybAFDRzd1ONK2
xUxusnwXJuggOpSWp0Mf5Fe4zYFcHt4FZBnYXCIefly3SUIrQHkSX8BYVKP7/d+3
WV0vKArkv68h/LkkTi+fFUd5LbcZ/1oHjgAhN8X3lhRTyxF8d3mkJDb5ZxKPODdQ
2V6zSVhWmrhCUp5PQcb9Hr4u7hyQS2nJ4mrYdi2zYk5nYADzNYw8HPlnuUwyXMB8
FhTRG8dAHahtTflDsXu+KmwCLWuRqwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOeB
G+uQwjOXvxXNSaYQWWCenDdnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRjQxOENGMkM2QzcxMUVGQkIxNzAxOTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsToMA0GCSqGSIb3DQEB
CwUAA4IBAQCozkQ0VoMftLM+8Pm0/oUohuTv3JorvdyKkMzkEHI9ZVhwBnXMkzet
dnQIoM7Umq8VRmMj8Xhk/VAzDZfpM3DPzSk/fjEoztuyWDCehoP0LezwV/FBdN9c
rqiruCxc2jfhLiWO8CqLq2H6VSF5SPbeKjiFGHuGLZD5AKdzj39U9hH16liO0AIg
Wo+93r3cJhQLx10NqTnK5NQOl9d6YmjDfUlnWy60lIKRRSEfVkq0mKIYJr7nvn6n
RV/+f6EESXsI9l9GtRlwmaazCiio+Nh5uKFkX2AJ5FoPVlVDbg98hQrKWdLnK0BC
KQtKA/K+RP8v9z57hsqWALf1Ib/GDO5b
-----END CERTIFICATE-----
Generated at Sun Apr 27 18:09:18 2025 by rpki-client