Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCF02D82D95D11EF982E7F72762E951A.roa
File: DCF02D82D95D11EF982E7F72762E951A.roa (raw, json)
Hash identifier: D+2PvFJfXmeHGiJYi8SWLxDEoz2FMfJkPXXeJTcvkYc=
Subject key identifier: 78:CB:AA:FA:97:12:DC:B4:D0:F1:7E:20:39:28:E3:D2:A0:FF:CC:A8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014051
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCF02D82D95D11EF982E7F72762E951A.roa
Signing time: Thu 23 Jan 2025 07:44:23 +0000
ROA not before: Thu 23 Jan 2025 07:44:20 +0000
ROA not after: Sat 08 Feb 2025 07:44:20 +0000
asID: 18229
IP address blocks: 154.210.169.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82001 (0x14051)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 07:44:20 2025 GMT
Not After : Feb 8 07:44:20 2025 GMT
Subject: CN=6791f357-7bfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:35:5d:29:f3:43:2f:89:a3:66:4a:5c:e9:a5:
22:5b:7b:ec:0d:7b:dd:63:09:2a:80:a3:bd:95:ab:
e6:67:f4:fc:a2:c7:02:51:53:27:90:5f:09:4b:c7:
14:d2:21:c0:0d:44:15:4e:a1:ef:28:76:bf:50:88:
a5:0c:51:2c:83:a4:0f:c5:5e:05:2e:27:d1:02:ce:
fe:c0:b9:5c:d6:a2:09:03:77:e4:c6:b2:81:44:d0:
9c:dc:02:a1:49:e5:0e:4b:f5:60:57:b4:ba:ea:9a:
aa:a1:39:86:1b:26:17:9b:1d:15:48:37:13:a7:58:
43:d7:6e:81:b0:0c:d0:59:0f:0b:af:17:c1:21:a1:
cc:e2:74:82:8b:e6:06:18:52:87:66:8e:45:86:f2:
fb:22:79:0b:17:fb:d2:2b:df:7e:90:d7:85:99:b3:
8b:ad:31:d8:72:b1:6a:8a:7a:6c:15:0c:dd:68:48:
0b:8e:b4:82:4c:44:fc:73:36:6c:bc:cd:ea:51:d7:
c4:25:53:ae:aa:e1:ff:22:c6:08:7f:f4:ce:9a:77:
d8:b9:03:10:9a:45:4a:ed:56:32:15:59:a4:e1:45:
05:8c:bc:ff:66:bc:90:0e:b1:bb:38:dc:f7:0d:db:
49:9c:f2:52:4b:90:1f:43:4c:21:bb:91:dd:e1:b8:
8d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:CB:AA:FA:97:12:DC:B4:D0:F1:7E:20:39:28:E3:D2:A0:FF:CC:A8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCF02D82D95D11EF982E7F72762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.169.0/24
Signature Algorithm: sha256WithRSAEncryption
68:15:74:b8:e9:e4:15:c1:6d:64:1b:9c:63:74:71:7b:81:2c:
db:29:c4:58:2f:02:75:65:2f:5d:44:a7:9f:b6:09:86:cb:dd:
7a:db:59:37:df:c0:99:5b:2e:ad:50:d3:4d:83:e9:f6:33:0f:
1c:1e:38:41:72:16:90:3c:64:46:4c:b5:18:f1:d0:89:73:69:
04:43:be:2c:ef:fe:ba:df:4f:17:0f:5e:7b:d1:18:ad:01:90:
19:d6:96:ca:ae:5a:39:b9:c5:ed:74:2f:71:ef:9e:0c:57:95:
a1:c4:21:e3:1c:dd:ed:e8:c6:3e:87:fb:53:42:f3:bc:88:51:
ac:de:37:ec:aa:66:ff:68:cf:2e:57:07:7a:f0:d8:07:60:14:
4a:88:c1:5b:52:63:b0:55:26:8f:df:69:68:c7:11:d2:29:34:
e9:b0:61:ee:58:56:81:c9:19:32:ea:38:93:11:7c:00:53:e4:
50:17:51:e8:a1:6b:52:60:5a:f8:7b:a3:55:f9:e9:32:c6:be:
81:3b:52:81:14:12:42:e2:b3:2f:bb:96:29:35:10:50:b5:59:
58:74:77:1c:4e:3f:8f:2c:4e:21:c6:0d:59:c4:38:dd:a7:2a:
b1:db:c0:d3:ab:0d:0b:2f:a5:de:6a:03:74:f5:51:f3:2b:f8:
ec:13:4b:43
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUBRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMDc0NDIwWhcNMjUwMjA4MDc0NDIwWjAYMRYw
FAYDVQQDEw02NzkxZjM1Ny03YmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqTVdKfNDL4mjZkpc6aUiW3vsDXvdYwkqgKO9lavmZ/T8oscCUVMnkF8J
S8cU0iHADUQVTqHvKHa/UIilDFEsg6QPxV4FLifRAs7+wLlc1qIJA3fkxrKBRNCc
3AKhSeUOS/VgV7S66pqqoTmGGyYXmx0VSDcTp1hD126BsAzQWQ8LrxfBIaHM4nSC
i+YGGFKHZo5FhvL7InkLF/vSK99+kNeFmbOLrTHYcrFqinpsFQzdaEgLjrSCTET8
czZsvM3qUdfEJVOuquH/IsYIf/TOmnfYuQMQmkVK7VYyFVmk4UUFjLz/ZryQDrG7
ONz3DdtJnPJSS5AfQ0whu5Hd4biNqQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHjL
qvqXEty00PF+IDko49Kg/8yoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQ0YwMkQ4MkQ5NUQxMUVGOTgyRTdGNzI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKpMA0GCSqGSIb3DQEB
CwUAA4IBAQBoFXS46eQVwW1kG5xjdHF7gSzbKcRYLwJ1ZS9dRKeftgmGy91621k3
38CZWy6tUNNNg+n2Mw8cHjhBchaQPGRGTLUY8dCJc2kEQ74s7/66308XD1570Rit
AZAZ1pbKrlo5ucXtdC9x754MV5WhxCHjHN3t6MY+h/tTQvO8iFGs3jfsqmb/aM8u
Vwd68NgHYBRKiMFbUmOwVSaP32loxxHSKTTpsGHuWFaByRky6jiTEXwAU+RQF1Ho
oWtSYFr4e6NV+ekyxr6BO1KBFBJC4rMvu5YpNRBQtVlYdHccTj+PLE4hxg1ZxDjd
pyqx28DTqw0LL6XeagN09VHzK/jsE0tD
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:42:45 2025 by rpki-client