Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F043FAF6C5CD11EFA638716D762E951A.roa
File: F043FAF6C5CD11EFA638716D762E951A.roa (raw, json)
Hash identifier: 6/NDa2UR+RaWNR1dMrt4MUrzKH9qhRxoaXiOlP/Yk9A=
Subject key identifier: B4:95:DC:DE:5D:4A:00:D5:BD:71:C6:7E:82:18:33:9A:0D:46:69:39
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012D10
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F043FAF6C5CD11EFA638716D762E951A.roa
Signing time: Sun 29 Dec 2024 10:16:16 +0000
ROA not before: Sun 29 Dec 2024 10:16:12 +0000
ROA not after: Sun 02 Feb 2025 10:16:12 +0000
asID: 20473
IP address blocks: 154.196.165.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77072 (0x12d10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 29 10:16:12 2024 GMT
Not After : Feb 2 10:16:12 2025 GMT
Subject: CN=67712170-966e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:30:5d:a6:c3:95:7b:a3:1b:d7:81:11:9b:6d:
39:44:4c:00:0e:80:01:6a:be:09:e2:51:fe:c9:bc:
03:90:dc:e6:89:f0:51:33:ec:ca:73:6b:e4:a9:7c:
07:48:76:37:4b:7a:23:f1:c5:65:bd:cb:38:bc:6a:
06:c5:ef:0e:26:6d:a1:f9:b5:2e:f6:23:63:eb:e0:
f9:10:3e:a9:b7:fe:0d:74:1a:b6:77:d6:71:df:de:
fa:59:4a:ce:39:05:8f:10:24:4e:a6:4d:9e:d1:22:
70:7d:e4:af:6d:fd:35:75:97:cb:84:2d:eb:23:b1:
0a:77:6f:8e:e8:8d:99:5a:0c:c5:c2:59:a7:17:a5:
53:ee:15:d4:6e:99:a5:00:e5:9c:8c:c3:ed:a4:3e:
f5:a4:2c:06:ac:1a:72:9b:dc:b0:b5:83:99:e9:cc:
8f:19:71:a3:8c:f4:6c:96:be:e0:36:59:f9:a3:f4:
41:f8:80:1c:d9:93:68:6e:79:9f:23:39:9c:ab:9b:
44:d3:18:7b:c6:0c:45:ee:3d:91:1e:07:ef:2f:87:
41:d4:3b:ba:f5:ad:20:8f:41:05:30:22:95:a1:93:
b9:ca:a5:8e:00:86:e0:89:57:2e:8f:69:8e:23:b6:
40:73:d2:df:11:80:fa:03:d4:fc:a8:39:7c:e9:9c:
e0:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:95:DC:DE:5D:4A:00:D5:BD:71:C6:7E:82:18:33:9A:0D:46:69:39
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F043FAF6C5CD11EFA638716D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.165.0/24
Signature Algorithm: sha256WithRSAEncryption
38:d2:ea:7a:d3:47:7a:40:93:dd:e9:92:0c:22:f5:51:26:e7:
4d:d4:d6:e9:c1:d8:a4:84:c8:56:fd:50:d6:60:a3:2a:2f:85:
30:96:79:98:b8:44:97:7e:b5:03:87:8e:1a:a8:b1:73:f7:f0:
af:14:7c:6a:5a:dd:58:c3:10:f6:bf:5f:73:a4:2b:8f:57:1e:
47:8e:8e:6f:91:b5:83:aa:1e:60:b4:74:65:da:0a:9f:66:74:
45:6b:6e:fb:0e:6e:fa:29:e1:a5:d6:85:c4:ff:38:2c:81:a9:
ac:7e:31:1e:6d:97:fb:4c:19:05:1f:99:2e:4f:6e:64:06:88:
21:a1:ee:59:1f:ab:2b:be:d0:dc:98:f8:2b:3f:d3:4e:22:29:
24:99:eb:55:5a:0c:26:7c:8e:15:07:3a:bd:d4:20:69:8f:e7:
18:7c:77:fb:fb:bc:46:e0:90:45:9c:b0:d4:1a:87:5f:49:55:
0e:9f:fd:cd:56:6c:74:cc:9f:1a:53:73:07:43:a1:0b:ed:16:
45:38:07:2b:a5:ff:13:67:20:1d:86:36:01:09:0e:cb:ed:ac:
f3:66:25:03:a0:e0:04:66:7b:0e:55:8d:4a:bb:5f:ee:3e:69:
2f:67:d6:e5:6a:d9:19:87:d8:31:79:b8:cc:90:d1:99:30:b8:
38:8f:1e:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS0QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTAxNjEyWhcNMjUwMjAyMTAxNjEyWjAYMRYw
FAYDVQQDEw02NzcxMjE3MC05NjZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5DBdpsOVe6Mb14ERm205REwADoABar4J4lH+ybwDkNzmifBRM+zKc2vk
qXwHSHY3S3oj8cVlvcs4vGoGxe8OJm2h+bUu9iNj6+D5ED6pt/4NdBq2d9Zx3976
WUrOOQWPECROpk2e0SJwfeSvbf01dZfLhC3rI7EKd2+O6I2ZWgzFwlmnF6VT7hXU
bpmlAOWcjMPtpD71pCwGrBpym9ywtYOZ6cyPGXGjjPRslr7gNln5o/RB+IAc2ZNo
bnmfIzmcq5tE0xh7xgxF7j2RHgfvL4dB1Du69a0gj0EFMCKVoZO5yqWOAIbgiVcu
j2mOI7ZAc9LfEYD6A9T8qDl86ZzgLQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLSV
3N5dSgDVvXHGfoIYM5oNRmk5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMDQzRkFGNkM1Q0QxMUVGQTYzODcxNkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsSlMA0GCSqGSIb3DQEB
CwUAA4IBAQA40up600d6QJPd6ZIMIvVRJudN1NbpwdikhMhW/VDWYKMqL4UwlnmY
uESXfrUDh44aqLFz9/CvFHxqWt1YwxD2v19zpCuPVx5Hjo5vkbWDqh5gtHRl2gqf
ZnRFa277Dm76KeGl1oXE/zgsgamsfjEebZf7TBkFH5kuT25kBoghoe5ZH6srvtDc
mPgrP9NOIikkmetVWgwmfI4VBzq91CBpj+cYfHf7+7xG4JBFnLDUGodfSVUOn/3N
Vmx0zJ8aU3MHQ6EL7RZFOAcrpf8TZyAdhjYBCQ7L7azzZiUDoOAEZnsOVY1Ku1/u
PmkvZ9blatkZh9gxebjMkNGZMLg4jx5B
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:55:54 2025 by rpki-client