Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4F1F172D96E11EFA66CE262762E951A.roa
File: D4F1F172D96E11EFA66CE262762E951A.roa (raw, json)
Hash identifier: hj18q0N8TBFYfKfe0LDl/8rIb7FW1koCeFHJougtHmQ=
Subject key identifier: A4:8F:8F:C9:82:C3:BD:70:F2:BE:F6:39:D7:1C:2E:A0:16:F2:1C:1B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0140FC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4F1F172D96E11EFA66CE262762E951A.roa
Signing time: Thu 23 Jan 2025 09:45:52 +0000
ROA not before: Thu 23 Jan 2025 09:45:48 +0000
ROA not after: Fri 28 Feb 2025 09:45:48 +0000
asID: 62240
IP address blocks: 154.194.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82172 (0x140fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 09:45:48 2025 GMT
Not After : Feb 28 09:45:48 2025 GMT
Subject: CN=67920fcf-dba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4d:9d:20:18:ce:fb:4b:2a:73:69:1d:97:ff:
19:2d:3a:08:8e:98:cd:df:12:98:04:30:4b:a5:7c:
74:10:6a:19:a1:3d:62:bc:2e:35:23:45:cc:18:7b:
95:74:85:06:fb:33:9e:5a:8d:74:de:77:dc:78:dd:
a0:b9:0c:ab:6f:e9:54:90:b9:e5:ea:ff:ab:24:d7:
ce:3a:f4:c5:85:99:da:75:ac:0c:6d:60:61:9a:11:
0a:a6:90:50:4c:f4:05:03:b9:de:cd:d3:e7:37:f2:
88:ea:32:10:94:5a:8c:0d:67:d5:4f:cf:b2:c1:0c:
e2:49:f4:1d:9f:11:dc:c5:c6:6b:ab:e1:17:ec:72:
05:a8:69:0d:36:84:71:83:6a:bc:fa:24:4a:a9:91:
41:65:c3:37:e4:76:8a:e3:d8:78:d9:93:35:50:92:
df:73:9f:32:e7:96:c4:0f:69:02:57:10:f0:8f:94:
0e:9c:ad:6f:b8:eb:d5:2c:6f:4b:43:92:15:95:c2:
c2:97:49:fe:85:a8:c0:80:ed:99:8c:71:1c:11:09:
6d:1c:da:87:db:a6:de:e1:0d:39:25:0a:e7:17:93:
20:ff:70:50:46:52:bf:38:ce:46:0a:a4:89:5d:7c:
73:b5:e1:43:c2:e9:3a:df:8b:31:2f:c2:6c:80:c1:
53:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:8F:8F:C9:82:C3:BD:70:F2:BE:F6:39:D7:1C:2E:A0:16:F2:1C:1B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4F1F172D96E11EFA66CE262762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.120.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:18:b5:91:60:6a:80:30:81:86:87:52:df:53:97:66:e4:02:
8b:c9:ea:95:e7:70:b3:4f:67:dd:93:7c:75:78:16:b5:80:9e:
f8:a5:71:50:80:fc:1e:1d:62:6b:06:55:ab:cf:fa:38:94:54:
d1:fd:27:b8:07:24:3e:85:3e:1a:ae:cf:30:95:6e:51:c0:e8:
f2:e4:52:3e:23:51:b7:ec:9e:cf:c0:8a:58:31:ca:6f:e0:49:
10:ff:cd:cd:17:03:b2:c7:98:fa:b1:a1:92:7e:e0:6f:40:18:
d7:da:b0:7c:dd:91:a4:3e:94:3c:d9:fa:6b:c2:7a:24:cd:24:
a5:96:6d:14:d4:e7:79:87:0c:cb:d6:6f:62:4a:3b:04:b4:04:
42:a9:64:20:74:fd:97:78:f0:f4:37:9d:f8:86:41:65:5f:6f:
07:ad:4f:b3:a4:7b:0a:96:b0:02:24:8d:22:4f:93:74:fd:c9:
d3:9e:e6:55:a9:9a:a5:ab:89:44:37:82:c8:8a:d1:e0:4b:98:
e2:2c:08:98:1a:27:df:40:72:84:0c:ca:09:d2:41:91:8a:7a:
35:02:ac:46:fe:18:c4:ad:0f:b5:91:e4:90:26:40:a6:50:38:
9c:bc:e3:6d:94:e2:57:0f:ea:89:ca:b4:12:48:96:03:9c:9f:
51:d2:78:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUD8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMDk0NTQ4WhcNMjUwMjI4MDk0NTQ4WjAYMRYw
FAYDVQQDEw02NzkyMGZjZi1kYmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlU2dIBjO+0sqc2kdl/8ZLToIjpjN3xKYBDBLpXx0EGoZoT1ivC41I0XM
GHuVdIUG+zOeWo103nfceN2guQyrb+lUkLnl6v+rJNfOOvTFhZnadawMbWBhmhEK
ppBQTPQFA7nezdPnN/KI6jIQlFqMDWfVT8+ywQziSfQdnxHcxcZrq+EX7HIFqGkN
NoRxg2q8+iRKqZFBZcM35HaK49h42ZM1UJLfc58y55bED2kCVxDwj5QOnK1vuOvV
LG9LQ5IVlcLCl0n+hajAgO2ZjHEcEQltHNqH26be4Q05JQrnF5Mg/3BQRlK/OM5G
CqSJXXxzteFDwuk634sxL8JsgMFTywIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKSP
j8mCw71w8r72OdccLqAW8hwbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENEYxRjE3MkQ5NkUxMUVGQTY2Q0UyNjI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJ4MA0GCSqGSIb3DQEB
CwUAA4IBAQCxGLWRYGqAMIGGh1LfU5dm5AKLyeqV53CzT2fdk3x1eBa1gJ74pXFQ
gPweHWJrBlWrz/o4lFTR/Se4ByQ+hT4ars8wlW5RwOjy5FI+I1G37J7PwIpYMcpv
4EkQ/83NFwOyx5j6saGSfuBvQBjX2rB83ZGkPpQ82fprwnokzSSllm0U1Od5hwzL
1m9iSjsEtARCqWQgdP2XePD0N534hkFlX28HrU+zpHsKlrACJI0iT5N0/cnTnuZV
qZqlq4lEN4LIitHgS5jiLAiYGiffQHKEDMoJ0kGRino1AqxG/hjErQ+1keSQJkCm
UDicvONtlOJXD+qJyrQSSJYDnJ9R0ngA
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:01:18 2025 by rpki-client