Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D858E1E8DA3311EFBB934A93762E951A.roa
File: D858E1E8DA3311EFBB934A93762E951A.roa (raw, json)
Hash identifier: QYxQbPj/nrJ9JrcPvkvPNDCWlVNc2kxNb+99dKr+r5M=
Subject key identifier: 87:2F:73:1C:E0:27:AB:B8:43:ED:DF:79:E4:70:6A:29:5C:6A:E1:F4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0144D0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D858E1E8DA3311EFBB934A93762E951A.roa
Signing time: Fri 24 Jan 2025 09:16:08 +0000
ROA not before: Fri 24 Jan 2025 09:16:04 +0000
ROA not after: Fri 28 Feb 2025 09:16:04 +0000
asID: 62240
IP address blocks: 154.195.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83152 (0x144d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 09:16:04 2025 GMT
Not After : Feb 28 09:16:04 2025 GMT
Subject: CN=67935a58-14d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:27:37:22:52:e2:4c:00:fe:72:9d:41:63:0e:
78:24:3a:af:8f:96:43:a4:e4:0b:6f:f4:f7:99:68:
6d:80:e9:e5:f7:90:7c:94:0a:fb:5b:ff:f6:04:b2:
34:0a:8b:4f:b2:a6:95:5b:37:41:4f:56:ed:63:31:
3c:3d:52:9e:85:0a:92:ca:6e:a4:bd:f3:7e:b7:dc:
14:4b:38:10:c8:91:9b:2a:80:7e:46:7b:bc:fd:0a:
cc:77:5c:bd:d9:fa:f9:8a:24:ab:cb:4c:28:d6:9c:
d5:9b:87:1f:c4:e4:6c:4b:f1:04:74:17:04:5c:f3:
de:58:e6:78:17:eb:da:8a:be:03:e6:b4:49:d2:b4:
dc:fc:b3:d0:09:ab:70:6a:d5:29:da:1b:64:ef:73:
d3:16:c2:04:7b:48:0b:4a:2c:39:de:65:2c:02:d9:
5e:81:fe:01:99:35:4d:99:34:14:e5:9e:a6:65:52:
eb:7b:b9:b1:f1:23:cf:b3:cf:0c:5b:f9:db:dc:e3:
53:dc:73:bb:76:bb:76:06:2f:a4:ac:8c:f2:3f:ac:
f6:c5:6f:c9:e7:de:89:cb:10:e6:92:35:41:d0:18:
10:38:2b:09:54:c4:33:ab:8c:68:d1:d7:99:98:8c:
84:d1:2b:6c:59:e9:39:ec:54:f8:5c:90:50:c3:44:
38:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2F:73:1C:E0:27:AB:B8:43:ED:DF:79:E4:70:6A:29:5C:6A:E1:F4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D858E1E8DA3311EFBB934A93762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.158.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:a4:62:15:c0:2f:44:a2:87:7e:b2:1b:10:c0:12:73:f3:a4:
e0:30:f6:ab:6b:af:0b:78:9d:14:46:1f:28:1b:11:af:88:32:
ea:91:9d:8a:9b:fa:e3:ea:66:30:e8:f0:b2:d0:71:38:a7:99:
84:24:98:50:4a:93:23:c5:25:7c:54:e1:6e:5c:e2:7a:72:e8:
3a:89:49:df:36:14:a6:40:51:d6:a5:0b:68:b9:88:01:9a:69:
52:f4:44:b4:29:e3:0b:0d:79:8f:95:f2:d5:33:98:69:c5:6c:
bd:b1:ef:09:6d:20:81:51:5a:3b:4f:01:4c:29:cb:e7:d0:aa:
ed:02:23:37:57:10:36:75:ab:1c:0e:3e:89:b6:f3:f7:83:9a:
5e:5e:ff:6b:36:58:3a:b2:39:72:42:10:1c:0e:04:43:e5:70:
17:04:3e:12:52:bb:b6:63:b4:1a:4c:96:8c:0c:0d:31:06:4a:
c4:f7:7e:e5:d2:a5:49:b1:4a:af:5c:bd:1d:2b:43:54:05:c6:
41:ab:87:f7:d0:3f:fe:a2:d1:d6:fa:be:da:c7:76:92:6d:85:
ae:96:a9:4e:5f:b6:71:a7:ff:dd:9a:31:7d:da:2d:ed:3a:98:
91:59:84:ad:fb:27:d2:c6:89:74:93:22:6b:e2:3e:80:55:f3:
e0:4d:f5:0e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUTQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDkxNjA0WhcNMjUwMjI4MDkxNjA0WjAYMRYw
FAYDVQQDEw02NzkzNWE1OC0xNGQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuSc3IlLiTAD+cp1BYw54JDqvj5ZDpOQLb/T3mWhtgOnl95B8lAr7W//2
BLI0CotPsqaVWzdBT1btYzE8PVKehQqSym6kvfN+t9wUSzgQyJGbKoB+Rnu8/QrM
d1y92fr5iiSry0wo1pzVm4cfxORsS/EEdBcEXPPeWOZ4F+vair4D5rRJ0rTc/LPQ
CatwatUp2htk73PTFsIEe0gLSiw53mUsAtlegf4BmTVNmTQU5Z6mZVLre7mx8SPP
s88MW/nb3ONT3HO7drt2Bi+krIzyP6z2xW/J596JyxDmkjVB0BgQOCsJVMQzq4xo
0deZmIyE0StsWek57FT4XJBQw0Q4NQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIcv
cxzgJ6u4Q+3feeRwailcauH0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EODU4RTFFOERBMzMxMUVGQkI5MzRBOTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsOeMA0GCSqGSIb3DQEB
CwUAA4IBAQBPpGIVwC9Eood+shsQwBJz86TgMPara68LeJ0URh8oGxGviDLqkZ2K
m/rj6mYw6PCy0HE4p5mEJJhQSpMjxSV8VOFuXOJ6cug6iUnfNhSmQFHWpQtouYgB
mmlS9ES0KeMLDXmPlfLVM5hpxWy9se8JbSCBUVo7TwFMKcvn0KrtAiM3VxA2dasc
Dj6JtvP3g5peXv9rNlg6sjlyQhAcDgRD5XAXBD4SUru2Y7QaTJaMDA0xBkrE937l
0qVJsUqvXL0dK0NUBcZBq4f30D/+otHW+r7ax3aSbYWulqlOX7Zxp//dmjF92i3t
OpiRWYSt+yfSxol0kyJr4j6AVfPgTfUO
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:39:45 2025 by rpki-client