Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C412D636DA3C11EFB03D9B50762E951A.roa
File: C412D636DA3C11EFB03D9B50762E951A.roa (raw, json)
Hash identifier: CLWle09iKP3KIuHih+FW8w3arECZHhQGck+5NJpbKzk=
Subject key identifier: 87:E1:CF:DA:75:AF:0E:8B:4F:D8:40:5A:0A:96:75:F4:30:37:1B:02
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014576
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C412D636DA3C11EFB03D9B50762E951A.roa
Signing time: Fri 24 Jan 2025 10:19:59 +0000
ROA not before: Fri 24 Jan 2025 10:19:56 +0000
ROA not after: Wed 05 Mar 2025 10:19:56 +0000
asID: 202656
IP address blocks: 154.219.246.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83318 (0x14576)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 10:19:56 2025 GMT
Not After : Mar 5 10:19:56 2025 GMT
Subject: CN=6793694f-eaa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c9:ac:40:d1:48:71:12:5c:9f:5e:d4:b0:c1:
34:47:9d:c1:b0:18:4f:2b:25:87:d4:68:32:14:87:
6f:b7:ae:e7:46:c6:22:4f:65:92:b0:85:e2:d8:4a:
4c:4c:b6:fc:b0:66:ef:39:e5:c1:61:bd:53:66:74:
a3:f4:d0:a7:88:de:aa:08:10:3e:98:6e:74:a8:0d:
b0:1f:0b:3f:ba:26:58:2a:84:32:29:aa:b5:ac:de:
6c:d1:e0:fb:14:0c:21:9d:af:78:94:6d:8a:ed:12:
f5:92:4b:0a:f9:2d:16:b5:9a:e6:fb:9c:1f:10:58:
b2:67:29:b6:eb:a3:1c:b3:0d:35:fb:78:ed:0d:2f:
86:6d:70:45:17:bf:3c:a3:8a:78:1a:e2:47:0e:a4:
f1:92:5f:31:15:6d:76:9d:db:85:95:f1:61:4f:ca:
d5:29:57:6b:4d:c2:18:56:42:0c:ca:b0:6c:0e:af:
7e:a7:16:d0:75:52:5b:84:08:59:a2:e1:2b:11:1a:
e1:97:5c:78:c7:03:00:7b:db:81:50:d5:d4:28:71:
f5:f7:10:c0:1f:ab:c5:80:04:42:38:90:05:bf:da:
c4:7d:07:77:71:c9:ee:79:82:73:da:c9:f1:da:37:
9c:b9:07:b0:e3:4a:91:c7:3f:94:94:0a:a5:da:c4:
44:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E1:CF:DA:75:AF:0E:8B:4F:D8:40:5A:0A:96:75:F4:30:37:1B:02
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C412D636DA3C11EFB03D9B50762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.246.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:2c:69:49:06:a9:f0:56:80:6e:27:e1:9d:a0:66:25:a5:f1:
5a:6e:78:47:02:09:05:4d:dd:55:c0:89:f0:99:41:93:b2:b4:
66:0c:45:b8:b4:e5:49:e8:b5:32:93:7f:56:93:18:d0:02:39:
f2:38:6f:86:7b:48:33:49:5e:64:b9:71:7b:ee:10:a4:0a:45:
4d:29:7b:17:32:a1:ec:01:e7:29:4e:a4:5a:47:ca:de:95:be:
90:b6:ed:ce:d4:57:af:e6:04:6b:ba:57:70:2e:50:e6:df:ca:
6e:68:59:4c:50:2e:a9:7b:dd:c9:ba:04:dd:d7:1d:84:fb:99:
54:5e:d3:20:b7:c7:9d:b2:94:18:56:b7:b7:ff:63:15:dc:7c:
32:14:6e:89:2e:f2:08:cd:17:f5:25:2a:63:86:d1:f5:a8:29:
e0:22:6b:60:0b:96:4b:8a:91:80:ea:0e:f5:d0:0e:ef:66:16:
06:4f:17:db:d9:06:16:8d:b5:71:14:0c:de:60:f6:7a:5c:b9:
0a:a6:2e:7b:cb:21:3b:16:13:94:ee:bf:2d:18:58:b6:0c:9c:
cc:03:d3:a0:9a:e0:e1:25:6c:c7:d6:8a:32:42:35:8d:2c:71:
ae:43:bd:fc:77:63:c5:c2:c6:8e:c5:3d:ac:42:58:61:ad:a3:
40:a3:59:fb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUV2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTAxOTU2WhcNMjUwMzA1MTAxOTU2WjAYMRYw
FAYDVQQDEw02NzkzNjk0Zi1lYWEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAusmsQNFIcRJcn17UsME0R53BsBhPKyWH1GgyFIdvt67nRsYiT2WSsIXi
2EpMTLb8sGbvOeXBYb1TZnSj9NCniN6qCBA+mG50qA2wHws/uiZYKoQyKaq1rN5s
0eD7FAwhna94lG2K7RL1kksK+S0WtZrm+5wfEFiyZym266Mcsw01+3jtDS+GbXBF
F788o4p4GuJHDqTxkl8xFW12nduFlfFhT8rVKVdrTcIYVkIMyrBsDq9+pxbQdVJb
hAhZouErERrhl1x4xwMAe9uBUNXUKHH19xDAH6vFgARCOJAFv9rEfQd3ccnueYJz
2snx2jecuQew40qRxz+UlAql2sRESQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIfh
z9p1rw6LT9hAWgqWdfQwNxsCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNDEyRDYzNkRBM0MxMUVGQjAzRDlCNTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtv2MA0GCSqGSIb3DQEB
CwUAA4IBAQCbLGlJBqnwVoBuJ+GdoGYlpfFabnhHAgkFTd1VwInwmUGTsrRmDEW4
tOVJ6LUyk39WkxjQAjnyOG+Ge0gzSV5kuXF77hCkCkVNKXsXMqHsAecpTqRaR8re
lb6Qtu3O1Fev5gRruldwLlDm38puaFlMUC6pe93JugTd1x2E+5lUXtMgt8edspQY
Vre3/2MV3HwyFG6JLvIIzRf1JSpjhtH1qCngImtgC5ZLipGA6g710A7vZhYGTxfb
2QYWjbVxFAzeYPZ6XLkKpi57yyE7FhOU7r8tGFi2DJzMA9OgmuDhJWzH1ooyQjWN
LHGuQ738d2PFwsaOxT2sQlhhraNAo1n7
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:45:49 2025 by rpki-client