Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA193DA6D9CC11EF9FB01353762E951A.roa
File: CA193DA6D9CC11EF9FB01353762E951A.roa (raw, json)
Hash identifier: SVszYXgGhoGoivja6JS6GDgs99d7+/7hoHDjBQU1lm0=
Subject key identifier: C1:72:0D:67:1B:60:1B:39:39:F4:B3:C0:84:7E:D6:68:DB:3E:7C:18
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0142F0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA193DA6D9CC11EF9FB01353762E951A.roa
Signing time: Thu 23 Jan 2025 20:58:26 +0000
ROA not before: Fri 24 Jan 2025 20:58:22 +0000
ROA not after: Fri 28 Feb 2025 20:58:22 +0000
asID: 62240
IP address blocks: 154.196.68.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82672 (0x142f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 20:58:22 2025 GMT
Not After : Feb 28 20:58:22 2025 GMT
Subject: CN=6792ad72-4ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:bb:5e:6c:20:16:7b:b1:da:c0:ab:bc:2f:be:
31:db:25:71:5c:4f:ab:34:3a:cd:80:ac:2d:f4:98:
ad:e3:ee:45:f6:91:53:38:a4:73:b0:f4:83:82:ee:
b0:7f:4c:97:38:79:b1:30:4e:4f:41:62:c5:f7:44:
1f:78:02:3d:10:62:29:53:73:0f:82:9a:e7:e1:f2:
9f:95:c3:e2:1e:58:d7:4a:c5:27:a9:1f:95:8b:ed:
de:c9:59:5b:9d:21:15:1a:cb:aa:a1:c2:de:bd:74:
92:11:7d:f7:47:9f:5a:28:1a:a3:8b:07:47:af:b5:
dc:bd:1b:50:a5:36:e6:c2:5b:58:40:94:d0:9a:59:
d4:86:a1:4b:e6:db:a0:ed:39:9e:b0:35:bc:3a:2e:
13:f7:89:f7:2d:50:bf:41:e6:e3:4b:6c:3d:8e:a0:
d0:b9:a3:70:89:0d:1e:8a:5a:4a:e8:eb:b5:15:0d:
58:9c:c0:13:cb:a7:95:c4:cf:49:ac:f6:ea:b3:fa:
9d:02:0c:7a:17:02:11:45:47:37:c2:02:20:98:83:
27:8e:fd:fc:e1:ee:98:78:20:4b:a0:d8:79:c1:fd:
0b:f2:61:b9:2b:4a:95:73:6b:d2:a0:b6:a2:aa:98:
6a:4e:31:98:80:cf:19:1e:be:be:89:9d:d9:ca:78:
00:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:72:0D:67:1B:60:1B:39:39:F4:B3:C0:84:7E:D6:68:DB:3E:7C:18
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CA193DA6D9CC11EF9FB01353762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.68.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:3c:d2:1e:6c:ff:fa:1e:77:ff:91:9d:32:72:69:a0:f9:35:
e4:14:66:f2:3c:64:32:9d:7a:ae:78:d5:a8:e6:ce:85:91:b9:
4f:66:5b:43:c7:82:27:2e:d5:c5:f6:4a:0a:fc:79:0f:7c:63:
bf:00:92:67:19:b5:dc:fb:eb:58:ec:26:81:75:12:1e:27:de:
9d:af:7a:13:72:58:f7:30:80:65:a7:14:c0:ba:44:f3:dc:79:
87:27:e3:5d:af:e7:b1:b5:76:bc:50:5c:ce:84:b1:91:2b:c3:
9a:2b:18:75:91:ca:54:e1:61:6a:5c:7f:27:ff:ea:6f:6e:7e:
c9:9d:ac:a6:c3:01:44:5e:5b:eb:fd:b9:fd:9d:68:6f:68:2a:
5d:97:cd:d1:d1:1a:ff:e7:5a:52:15:4a:84:c6:dc:76:f1:1d:
94:f9:93:bf:88:24:e0:1d:88:72:6e:75:a2:98:79:0c:67:6b:
15:bb:55:9e:1f:46:f4:fb:95:66:1e:dd:d6:0f:ac:46:e2:49:
80:6b:6a:a9:ec:5a:d4:38:05:28:22:18:c1:44:08:ad:c5:e7:
10:35:10:23:6d:fe:79:ed:66:1d:3c:0e:bc:99:97:69:4f:1a:
6b:24:a0:cc:27:36:c8:e8:18:95:2d:bf:f6:96:62:c7:2b:3b:
98:5b:f6:f8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAULwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MjA1ODIyWhcNMjUwMjI4MjA1ODIyWjAYMRYw
FAYDVQQDEw02NzkyYWQ3Mi00Y2E2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3rtebCAWe7HawKu8L74x2yVxXE+rNDrNgKwt9Jit4+5F9pFTOKRzsPSD
gu6wf0yXOHmxME5PQWLF90QfeAI9EGIpU3MPgprn4fKflcPiHljXSsUnqR+Vi+3e
yVlbnSEVGsuqocLevXSSEX33R59aKBqjiwdHr7XcvRtQpTbmwltYQJTQmlnUhqFL
5tug7TmesDW8Oi4T94n3LVC/QebjS2w9jqDQuaNwiQ0eilpK6Ou1FQ1YnMATy6eV
xM9JrPbqs/qdAgx6FwIRRUc3wgIgmIMnjv384e6YeCBLoNh5wf0L8mG5K0qVc2vS
oLaiqphqTjGYgM8ZHr6+iZ3ZyngA2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMFy
DWcbYBs5OfSzwIR+1mjbPnwYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQTE5M0RBNkQ5Q0MxMUVGOUZCMDEzNTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsREMA0GCSqGSIb3DQEB
CwUAA4IBAQB6PNIebP/6Hnf/kZ0ycmmg+TXkFGbyPGQynXqueNWo5s6FkblPZltD
x4InLtXF9koK/HkPfGO/AJJnGbXc++tY7CaBdRIeJ96dr3oTclj3MIBlpxTAukTz
3HmHJ+Ndr+extXa8UFzOhLGRK8OaKxh1kcpU4WFqXH8n/+pvbn7JnaymwwFEXlvr
/bn9nWhvaCpdl83R0Rr/51pSFUqExtx28R2U+ZO/iCTgHYhybnWimHkMZ2sVu1We
H0b0+5VmHt3WD6xG4kmAa2qp7FrUOAUoIhjBRAitxecQNRAjbf557WYdPA68mZdp
TxprJKDMJzbI6BiVLb/2lmLHKzuYW/b4
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:56:19 2025 by rpki-client