Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF31637EDB2311EF8359AB6E762E951A.roa
File: CF31637EDB2311EF8359AB6E762E951A.roa (raw, json)
Hash identifier: QFEyiSKBvZoay62/MSVTUbo6D9hz5AnqNEZwoRLWFJI=
Subject key identifier: A5:E4:69:3E:F5:67:CD:69:6A:D6:FA:60:04:62:BE:30:A7:43:F9:6F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0149AC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF31637EDB2311EF8359AB6E762E951A.roa
Signing time: Sat 25 Jan 2025 13:53:52 +0000
ROA not before: Sat 25 Jan 2025 13:53:48 +0000
ROA not after: Tue 04 Feb 2025 13:53:48 +0000
asID: 5065
IP address blocks: 154.207.144.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84396 (0x149ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 25 13:53:48 2025 GMT
Not After : Feb 4 13:53:48 2025 GMT
Subject: CN=6794ecf0-4e76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:29:4d:60:5e:c0:5e:ab:73:46:0d:24:c3:f9:
83:e6:92:2c:fc:54:49:7c:3a:3c:81:2e:e5:cf:73:
f3:05:c7:39:22:9d:d5:cf:42:c1:00:6b:da:34:14:
28:77:fb:7b:aa:2b:81:f9:68:a5:62:98:0d:1e:4f:
fc:da:9f:ea:89:d3:e8:6a:d1:12:b4:59:6a:f8:32:
e3:15:44:5c:7f:83:4b:6c:02:bf:30:07:1d:aa:9a:
e2:15:0e:39:51:21:1c:23:1d:b0:94:2a:68:a7:99:
79:a4:85:ee:1b:d0:5e:7e:9a:82:b1:3c:15:cc:f3:
6f:44:57:b9:36:c4:e1:a9:1b:e5:67:70:e8:48:96:
c3:6e:82:6e:15:e0:97:97:7f:cd:33:c6:d9:3e:dd:
5b:63:91:7e:f5:78:dd:5d:c8:70:23:f3:ba:4c:ab:
20:c8:af:67:a1:26:bc:ab:f9:39:c8:76:0f:1b:e0:
86:f8:5d:dd:47:44:ec:d7:f1:d0:81:ee:31:e0:0f:
8f:0f:05:e2:93:05:0c:c0:42:89:40:9a:02:00:a9:
ea:ce:25:ed:4c:4c:c7:65:49:8e:60:1c:9e:af:d0:
32:3d:2b:50:74:35:fb:5d:ad:a6:0d:58:59:8f:52:
d4:81:16:af:0d:4c:0d:5c:1e:70:7e:7f:26:1d:e9:
c1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:E4:69:3E:F5:67:CD:69:6A:D6:FA:60:04:62:BE:30:A7:43:F9:6F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF31637EDB2311EF8359AB6E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.144.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:e1:fa:d5:b5:6a:3e:a5:72:31:35:2a:a5:d8:0f:13:e2:86:
19:db:9a:df:86:38:ca:32:84:0e:60:93:31:30:97:7a:6a:1f:
03:1d:63:d5:05:64:27:0c:d8:e6:5c:a3:1b:74:1c:b8:a4:30:
5c:68:16:7e:5d:8d:cc:91:3a:64:c9:fe:6a:48:64:17:fe:b8:
83:8f:26:4a:e9:d6:36:48:b2:d5:41:03:47:db:ec:ae:2d:d8:
73:ee:fb:3f:67:6c:4f:9c:40:10:fb:2c:bb:fe:19:62:36:e9:
a7:15:07:b6:c8:58:59:51:99:06:7c:2d:3a:e5:83:31:2c:ed:
82:c3:24:46:9e:91:35:03:d9:a2:42:27:1d:94:8d:98:b4:91:
89:3a:f7:3c:ee:7b:8f:24:7f:8b:13:84:4e:40:f8:4a:13:d5:
ff:96:45:bd:59:57:24:1d:63:9e:04:1d:20:58:05:dc:be:b2:
db:a4:d5:59:ee:6f:48:22:06:63:bb:7b:9e:ce:7e:ff:8e:8c:
a7:d3:42:6a:d5:87:c2:e7:ba:21:c3:1d:d4:f3:79:8f:cd:18:
91:64:e7:a0:4d:ea:2a:21:98:4a:03:2f:49:7d:b7:e7:75:ab:
ef:c6:ef:11:e7:0c:a1:29:84:7a:a5:da:a7:73:d8:b7:b2:e9:
03:20:bc:67
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUmsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MTM1MzQ4WhcNMjUwMjA0MTM1MzQ4WjAYMRYw
FAYDVQQDEw02Nzk0ZWNmMC00ZTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzSlNYF7AXqtzRg0kw/mD5pIs/FRJfDo8gS7lz3PzBcc5Ip3Vz0LBAGva
NBQod/t7qiuB+WilYpgNHk/82p/qidPoatEStFlq+DLjFURcf4NLbAK/MAcdqpri
FQ45USEcIx2wlCpop5l5pIXuG9BefpqCsTwVzPNvRFe5NsThqRvlZ3DoSJbDboJu
FeCXl3/NM8bZPt1bY5F+9XjdXchwI/O6TKsgyK9noSa8q/k5yHYPG+CG+F3dR0Ts
1/HQge4x4A+PDwXikwUMwEKJQJoCAKnqziXtTEzHZUmOYByer9AyPStQdDX7Xa2m
DVhZj1LUgRavDUwNXB5wfn8mHenBPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKXk
aT71Z81patb6YARivjCnQ/lvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRjMxNjM3RURCMjMxMUVGODM1OUFCNkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms+QMA0GCSqGSIb3DQEB
CwUAA4IBAQC44frVtWo+pXIxNSql2A8T4oYZ25rfhjjKMoQOYJMxMJd6ah8DHWPV
BWQnDNjmXKMbdBy4pDBcaBZ+XY3MkTpkyf5qSGQX/riDjyZK6dY2SLLVQQNH2+yu
Ldhz7vs/Z2xPnEAQ+yy7/hliNumnFQe2yFhZUZkGfC065YMxLO2CwyRGnpE1A9mi
QicdlI2YtJGJOvc87nuPJH+LE4ROQPhKE9X/lkW9WVckHWOeBB0gWAXcvrLbpNVZ
7m9IIgZju3uezn7/joyn00Jq1YfC57ohwx3U83mPzRiRZOegTeoqIZhKAy9Jfbfn
davvxu8R5wyhKYR6pdqnc9i3sukDILxn
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:23:59 2025 by rpki-client