Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EA2BD32ECCCA11EFA499AF59762E951A.roa
File: EA2BD32ECCCA11EFA499AF59762E951A.roa (raw, json)
Hash identifier: xwi3Y62YxNREV9PRTsRdk3+n4RyBL0664CbFNuP+fYM=
Subject key identifier: 0D:41:11:6C:F2:D4:53:B3:CC:76:9E:A5:B3:D2:2F:7B:DB:7B:E6:3C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01365D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EA2BD32ECCCA11EFA499AF59762E951A.roa
Signing time: Tue 07 Jan 2025 07:42:16 +0000
ROA not before: Tue 07 Jan 2025 07:42:12 +0000
ROA not after: Thu 13 Feb 2025 07:42:12 +0000
asID: 203020
IP address blocks: 154.209.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79453 (0x1365d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 7 07:42:12 2025 GMT
Not After : Feb 13 07:42:12 2025 GMT
Subject: CN=677cdad7-5075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c5:57:84:59:30:71:a6:dd:42:24:d8:d7:d4:
20:5c:57:81:7c:bb:82:e5:e9:c0:8e:70:e3:bd:e0:
27:07:96:46:ef:67:14:33:01:94:34:0b:f5:12:ec:
d0:ab:e5:14:6a:bd:12:41:6c:06:24:b2:ed:02:fe:
13:3a:9d:84:fb:7b:98:81:cc:d7:7b:87:d9:1e:6f:
e1:24:fe:79:6a:cf:02:d3:f0:65:1e:13:7f:b2:44:
35:58:d0:ce:98:7f:1c:df:08:a0:c7:12:57:01:e4:
49:33:83:19:96:9c:b4:ab:80:e1:4b:e4:51:78:01:
46:97:8b:bd:04:b0:d3:65:23:3d:ff:d0:33:88:ce:
6b:d7:38:41:e9:46:62:58:d8:a6:b5:cb:c1:25:4a:
74:a4:61:de:19:4a:84:79:26:aa:09:5f:fa:4a:0e:
5c:c0:06:8d:49:df:dd:25:58:fc:6d:5c:fd:e0:ad:
f5:6c:8b:2f:22:ee:ce:5e:0d:57:44:41:97:83:ef:
cd:e8:e0:31:13:82:3a:33:67:f9:21:ec:69:b9:9f:
e7:5c:eb:ed:c4:99:53:f5:75:41:e4:0a:85:1f:5a:
a8:e5:0c:d5:a0:4f:3e:1e:1c:56:50:3d:55:d8:7a:
86:b6:6e:5e:c1:98:f4:6f:05:d1:a4:d8:15:9a:04:
b2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:41:11:6C:F2:D4:53:B3:CC:76:9E:A5:B3:D2:2F:7B:DB:7B:E6:3C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EA2BD32ECCCA11EFA499AF59762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.250.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:d7:eb:a9:eb:70:27:8f:30:c1:20:d0:b6:f1:12:e4:a5:68:
07:7d:ae:3a:a5:a0:1f:0f:f0:c7:08:4f:a7:d7:a2:d1:30:3b:
4e:69:38:35:99:27:e6:ae:8f:83:61:a1:db:fb:9f:3d:54:c3:
bd:06:ce:ae:c8:6f:28:ec:ec:a2:5c:f5:e7:a1:1f:61:c9:f9:
30:27:85:13:a7:dd:5e:51:d2:3a:b3:4c:44:d6:48:9f:9d:cf:
25:b4:75:96:2d:4d:8c:18:d0:99:88:54:6e:18:df:59:33:57:
0d:a8:c0:f3:45:c7:89:0c:cc:4f:7c:bd:b4:24:b3:db:e2:6f:
49:4d:96:b8:04:d9:d3:cc:a7:38:22:53:7c:45:aa:3b:2f:8a:
44:0b:c7:e3:aa:6e:9f:2d:2c:1d:eb:a8:0b:2d:d8:15:7e:4f:
9b:bb:3b:40:55:81:65:0c:63:06:1f:9c:f1:84:69:24:b9:6b:
35:db:d0:1f:71:03:a0:49:84:96:87:b9:13:18:de:25:64:b9:
37:25:00:a5:59:55:ce:c5:50:f2:9c:0d:4a:bb:76:21:6f:c6:
87:e3:83:70:35:78:45:86:fe:a4:e1:3d:42:76:2d:94:8b:ea:
6f:0d:f5:31:6b:84:41:91:ae:72:46:fc:bf:44:19:3d:6c:f8:
fc:04:67:0a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATZdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA3MDc0MjEyWhcNMjUwMjEzMDc0MjEyWjAYMRYw
FAYDVQQDEw02NzdjZGFkNy01MDc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAosVXhFkwcabdQiTY19QgXFeBfLuC5enAjnDjveAnB5ZG72cUMwGUNAv1
EuzQq+UUar0SQWwGJLLtAv4TOp2E+3uYgczXe4fZHm/hJP55as8C0/BlHhN/skQ1
WNDOmH8c3wigxxJXAeRJM4MZlpy0q4DhS+RReAFGl4u9BLDTZSM9/9AziM5r1zhB
6UZiWNimtcvBJUp0pGHeGUqEeSaqCV/6Sg5cwAaNSd/dJVj8bVz94K31bIsvIu7O
Xg1XREGXg+/N6OAxE4I6M2f5IexpuZ/nXOvtxJlT9XVB5AqFH1qo5QzVoE8+HhxW
UD1V2HqGtm5ewZj0bwXRpNgVmgSy3wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFA1B
EWzy1FOzzHaepbPSL3vbe+Y8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQTJCRDMyRUNDQ0ExMUVGQTQ5OUFGNTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtH6MA0GCSqGSIb3DQEB
CwUAA4IBAQBs1+up63AnjzDBINC28RLkpWgHfa46paAfD/DHCE+n16LRMDtOaTg1
mSfmro+DYaHb+589VMO9Bs6uyG8o7OyiXPXnoR9hyfkwJ4UTp91eUdI6s0xE1kif
nc8ltHWWLU2MGNCZiFRuGN9ZM1cNqMDzRceJDMxPfL20JLPb4m9JTZa4BNnTzKc4
IlN8Rao7L4pEC8fjqm6fLSwd66gLLdgVfk+buztAVYFlDGMGH5zxhGkkuWs129Af
cQOgSYSWh7kTGN4lZLk3JQClWVXOxVDynA1Ku3Yhb8aH44NwNXhFhv6k4T1Cdi2U
i+pvDfUxa4RBka5yRvy/RBk9bPj8BGcK
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:44:11 2025 by rpki-client