Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CB2FD980D97611EFBBDA299A762E951A.roa
File: CB2FD980D97611EFBBDA299A762E951A.roa (raw, json)
Hash identifier: nReDFmxcLcSYLcBwcVkvb9l/tSChQJBwJy04IkMefYU=
Subject key identifier: 6D:8A:7A:6D:9C:DF:3A:39:30:15:EC:3B:4F:C4:16:68:91:C9:B3:C1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014143
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CB2FD980D97611EFBBDA299A762E951A.roa
Signing time: Thu 23 Jan 2025 10:42:51 +0000
ROA not before: Thu 23 Jan 2025 10:42:47 +0000
ROA not after: Thu 13 Mar 2025 10:42:47 +0000
asID: 138915
IP address blocks: 154.203.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82243 (0x14143)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 10:42:47 2025 GMT
Not After : Mar 13 10:42:47 2025 GMT
Subject: CN=67921d2b-ede0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:36:3b:0f:cd:9a:09:51:09:2a:3f:6c:ed:c9:
e9:31:fe:68:41:6f:00:28:c2:48:d8:b7:c5:04:bb:
17:ce:cb:bd:bf:b1:8e:c7:80:d1:45:85:a3:87:44:
40:34:b6:2a:db:9b:1b:44:bb:cc:15:6e:b6:c3:74:
9b:ad:11:12:7c:51:46:eb:36:ea:b3:ff:7b:c9:83:
3e:dd:5c:21:d2:ca:ec:c2:32:dc:a4:2b:13:4d:3c:
b4:7c:d7:59:9e:59:0c:80:f4:95:1f:30:35:8c:21:
3a:45:fd:7d:69:76:d3:a8:9d:68:6d:02:3f:57:9c:
dc:e6:71:e3:3d:a7:98:cc:7b:27:1f:58:d3:78:0d:
3b:b4:8a:1e:fd:5d:a8:eb:de:ff:4f:04:31:cd:37:
af:b1:b2:af:06:b2:df:74:5f:df:d3:e4:f7:45:df:
f6:4b:22:c5:3e:15:b1:b8:6b:8b:67:1d:57:a4:a8:
b7:94:93:e7:8d:ba:88:f3:87:16:a5:cc:f2:77:fb:
26:e1:10:8d:77:a0:f0:90:13:1b:e8:23:fe:4c:42:
5c:0c:38:84:68:ed:57:1b:00:3f:1f:4e:8d:a2:f0:
2a:11:35:4a:af:9d:60:24:32:a3:b7:25:03:85:d8:
76:19:93:7a:b6:10:24:ae:bf:7f:07:23:fa:d6:b6:
04:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8A:7A:6D:9C:DF:3A:39:30:15:EC:3B:4F:C4:16:68:91:C9:B3:C1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CB2FD980D97611EFBBDA299A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.148.0/24
Signature Algorithm: sha256WithRSAEncryption
42:c5:07:14:00:82:9b:40:39:eb:d2:4c:c6:42:b9:47:f1:56:
ab:78:76:c4:64:f6:d8:3d:18:ec:db:58:92:47:6f:70:48:c4:
da:31:8e:2f:cf:c3:7e:04:f2:b1:a2:17:b5:a1:82:b2:5d:a6:
b3:87:26:f6:98:d7:e5:a6:7d:31:61:fd:9a:15:a6:7b:41:d4:
e7:4d:92:55:29:52:29:c8:8d:db:af:21:b8:7c:e9:5a:81:18:
69:25:cf:a4:00:c7:ec:57:a0:4e:af:03:31:55:25:a0:76:a2:
d3:76:04:a0:98:72:ef:2c:38:45:06:c1:e6:a4:52:8f:49:ab:
a5:76:74:27:9a:af:4b:ce:0b:04:97:88:b7:ce:27:cb:fc:c0:
97:46:bb:ee:83:48:df:92:01:d6:86:08:a0:81:ca:81:b7:ea:
6e:19:0c:a0:04:84:d5:1d:79:6a:64:b9:06:5c:a0:06:76:73:
13:87:60:5f:32:51:93:b3:7c:05:c1:30:72:31:5d:43:55:3a:
3d:ae:a4:92:bb:4e:5c:14:bd:ec:2d:65:a0:2f:67:84:af:b1:
cd:41:ff:7a:1a:69:46:a7:bf:4e:a9:d5:50:81:3d:5b:ea:f0:
fa:0b:8f:8e:68:ea:44:49:22:5f:09:1f:0f:5e:56:6f:7c:a0:
a1:d7:a0:2a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUFDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMTA0MjQ3WhcNMjUwMzEzMTA0MjQ3WjAYMRYw
FAYDVQQDEw02NzkyMWQyYi1lZGUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtzY7D82aCVEJKj9s7cnpMf5oQW8AKMJI2LfFBLsXzsu9v7GOx4DRRYWj
h0RANLYq25sbRLvMFW62w3SbrRESfFFG6zbqs/97yYM+3Vwh0srswjLcpCsTTTy0
fNdZnlkMgPSVHzA1jCE6Rf19aXbTqJ1obQI/V5zc5nHjPaeYzHsnH1jTeA07tIoe
/V2o697/TwQxzTevsbKvBrLfdF/f0+T3Rd/2SyLFPhWxuGuLZx1XpKi3lJPnjbqI
84cWpczyd/sm4RCNd6DwkBMb6CP+TEJcDDiEaO1XGwA/H06NovAqETVKr51gJDKj
tyUDhdh2GZN6thAkrr9/ByP61rYEgQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFG2K
em2c3zo5MBXsO0/EFmiRybPBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQjJGRDk4MEQ5NzYxMUVGQkJEQTI5OUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsuUMA0GCSqGSIb3DQEB
CwUAA4IBAQBCxQcUAIKbQDnr0kzGQrlH8VareHbEZPbYPRjs21iSR29wSMTaMY4v
z8N+BPKxohe1oYKyXaazhyb2mNflpn0xYf2aFaZ7QdTnTZJVKVIpyI3bryG4fOla
gRhpJc+kAMfsV6BOrwMxVSWgdqLTdgSgmHLvLDhFBsHmpFKPSauldnQnmq9LzgsE
l4i3zifL/MCXRrvug0jfkgHWhgiggcqBt+puGQygBITVHXlqZLkGXKAGdnMTh2Bf
MlGTs3wFwTByMV1DVTo9rqSSu05cFL3sLWWgL2eEr7HNQf96GmlGp79OqdVQgT1b
6vD6C4+OaOpESSJfCR8PXlZvfKCh16Aq
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:42:41 2025 by rpki-client