Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C0A34552D98911EF8BF72F99762E951A.roa
File: C0A34552D98911EF8BF72F99762E951A.roa (raw, json)
Hash identifier: dcBhqgbRlleMVMMZ8vvMUuGzI4z7UIl0eA6JK3nO/Jc=
Subject key identifier: 01:26:44:1E:50:AC:4C:BD:3A:68:2E:88:0D:DE:2B:F0:FF:A5:E9:8B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01424F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C0A34552D98911EF8BF72F99762E951A.roa
Signing time: Thu 23 Jan 2025 12:58:34 +0000
ROA not before: Thu 23 Jan 2025 12:58:30 +0000
ROA not after: Fri 28 Feb 2025 12:58:30 +0000
asID: 62240
IP address blocks: 154.195.98.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82511 (0x1424f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 12:58:30 2025 GMT
Not After : Feb 28 12:58:30 2025 GMT
Subject: CN=67923cfa-070a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d2:6d:74:59:93:74:6a:7d:34:73:3c:54:5f:
9d:01:ea:3b:19:f5:67:19:5c:b1:a0:15:e1:3c:15:
33:43:cd:5d:fe:9e:4c:7e:52:f9:ce:32:40:2a:ba:
3c:16:38:2f:e2:7a:c8:4d:8a:78:33:30:d9:01:46:
75:f5:6c:e6:ba:d8:6a:d5:a8:13:6f:9b:eb:9a:9a:
77:83:69:ba:71:2d:40:f0:9f:ca:cb:a0:9e:e2:b1:
41:2a:f6:74:83:97:80:74:2d:56:67:ec:e1:0e:a9:
87:51:ae:a6:57:be:8e:27:50:c2:76:1f:36:e5:8a:
46:46:f1:3b:05:ec:92:cd:36:65:ea:cb:8e:7b:e5:
2a:2e:a1:7d:ee:50:eb:2b:85:f2:70:33:42:f1:d6:
fd:9e:11:4a:53:60:a7:66:54:76:5f:cb:c7:6c:0c:
70:46:92:71:53:c6:08:c6:76:c6:85:18:56:90:00:
4d:7e:b8:e7:68:22:09:4c:39:96:38:c7:f8:40:b8:
eb:dd:70:7e:d8:7d:ed:5e:a7:d4:c5:bd:b4:e2:5a:
8b:a5:10:6e:9f:00:be:c7:a0:9b:6c:48:bf:64:ec:
52:83:a5:3c:75:97:06:70:45:ee:8a:a4:0c:bf:6a:
be:21:f5:29:42:61:8d:57:1c:9d:8a:7b:af:0b:86:
64:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:26:44:1E:50:AC:4C:BD:3A:68:2E:88:0D:DE:2B:F0:FF:A5:E9:8B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C0A34552D98911EF8BF72F99762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.98.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:e8:85:61:8f:79:08:d5:8c:55:e6:68:cf:e3:ac:46:6d:50:
db:7d:25:3c:9c:ad:5c:63:e3:89:89:c9:56:21:3a:97:31:15:
64:9d:d0:26:b8:ae:9e:09:4f:af:57:93:30:88:ff:66:78:58:
30:bc:a0:07:3b:94:e5:aa:6f:d5:25:f3:b7:3d:01:b7:19:22:
20:22:c5:4d:b3:94:99:9e:58:c2:f6:94:f2:4a:f4:f1:39:dc:
e6:1f:b3:45:79:d1:38:c5:4a:ac:ce:36:dd:51:df:3d:31:dc:
80:4c:7b:38:52:ac:ae:12:7d:52:91:b8:26:0b:a7:4f:b4:5c:
fb:c8:7b:02:7e:4c:75:40:ec:3a:37:0d:af:be:6b:3e:df:75:
4a:77:ae:47:64:31:95:e5:28:ee:04:03:61:68:25:e0:2d:f9:
bf:0e:66:a1:ec:be:83:4e:a5:ae:24:5c:60:7f:16:f8:45:97:
ea:88:01:35:37:7e:5d:de:b3:0c:90:ca:9d:c6:2a:d6:eb:1f:
00:6a:70:f0:b5:27:1c:53:0e:d1:ce:a8:e5:a9:b5:cc:20:c7:
c8:77:d2:75:1d:5a:77:79:8a:29:61:59:40:bc:c0:67:10:20:
a9:5f:ff:46:d5:1d:80:19:06:4a:cb:e9:a5:c0:19:c0:f1:7d:
c9:af:40:a6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUJPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMTI1ODMwWhcNMjUwMjI4MTI1ODMwWjAYMRYw
FAYDVQQDEw02NzkyM2NmYS0wNzBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1tJtdFmTdGp9NHM8VF+dAeo7GfVnGVyxoBXhPBUzQ81d/p5MflL5zjJA
Kro8Fjgv4nrITYp4MzDZAUZ19Wzmuthq1agTb5vrmpp3g2m6cS1A8J/Ky6Ce4rFB
KvZ0g5eAdC1WZ+zhDqmHUa6mV76OJ1DCdh825YpGRvE7BeySzTZl6suOe+UqLqF9
7lDrK4XycDNC8db9nhFKU2CnZlR2X8vHbAxwRpJxU8YIxnbGhRhWkABNfrjnaCIJ
TDmWOMf4QLjr3XB+2H3tXqfUxb204lqLpRBunwC+x6CbbEi/ZOxSg6U8dZcGcEXu
iqQMv2q+IfUpQmGNVxydinuvC4Zk7QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAEm
RB5QrEy9OmguiA3eK/D/pemLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMEEzNDU1MkQ5ODkxMUVGOEJGNzJGOTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsNiMA0GCSqGSIb3DQEB
CwUAA4IBAQAa6IVhj3kI1YxV5mjP46xGbVDbfSU8nK1cY+OJiclWITqXMRVkndAm
uK6eCU+vV5MwiP9meFgwvKAHO5Tlqm/VJfO3PQG3GSIgIsVNs5SZnljC9pTySvTx
OdzmH7NFedE4xUqszjbdUd89MdyATHs4UqyuEn1SkbgmC6dPtFz7yHsCfkx1QOw6
Nw2vvms+33VKd65HZDGV5SjuBANhaCXgLfm/Dmah7L6DTqWuJFxgfxb4RZfqiAE1
N35d3rMMkMqdxirW6x8AanDwtSccUw7RzqjlqbXMIMfId9J1HVp3eYopYVlAvMBn
ECCpX/9G1R2AGQZKy+mlwBnA8X3Jr0Cm
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:04:05 2025 by rpki-client