Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F2CD45A8DA6711EFBA651977762E951A.roa
File: F2CD45A8DA6711EFBA651977762E951A.roa (raw, json)
Hash identifier: WtLNg3fmCfwOdPPTLzpQHLiLuIDxI2hA+jY0UeJESJY=
Subject key identifier: 32:95:8C:32:53:9B:9A:4B:59:EB:DF:FF:93:FD:9B:36:5F:7C:17:5C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0148A8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F2CD45A8DA6711EFBA651977762E951A.roa
Signing time: Fri 24 Jan 2025 15:29:06 +0000
ROA not before: Fri 24 Jan 2025 15:29:02 +0000
ROA not after: Mon 03 Mar 2025 15:29:02 +0000
asID: 203020
IP address blocks: 154.223.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84136 (0x148a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 15:29:02 2025 GMT
Not After : Mar 3 15:29:02 2025 GMT
Subject: CN=6793b1c2-e658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:51:4f:d2:01:40:69:08:d2:70:9d:2c:05:83:
fb:2e:d5:7c:7e:a5:88:fb:20:ce:97:c2:4c:a3:17:
4a:27:e5:92:4b:62:56:59:8c:a9:0a:29:63:ea:ff:
e7:01:f6:fb:6f:46:78:78:9b:f8:5e:a3:cb:f6:68:
e5:f6:00:81:4d:56:2f:7c:b6:40:15:ba:13:4e:df:
95:61:29:08:c3:ae:4c:9b:0d:98:63:b5:f2:45:f8:
fd:fb:70:c3:6a:18:37:cc:bc:a8:1c:06:ec:7b:95:
c6:e4:dc:08:37:bd:61:bd:c1:0a:38:a0:e6:f4:8f:
6d:ff:54:9e:ee:be:ac:88:cf:42:dd:a7:78:cb:28:
90:9e:59:c4:9f:2a:b8:63:e8:19:c8:87:1b:3c:d2:
c2:67:e6:a1:cc:6c:2e:45:8a:97:fb:33:56:07:de:
6f:08:3b:53:06:a9:a9:c5:65:59:cb:9b:5e:14:54:
1d:90:f3:ca:60:d2:a1:06:45:fd:34:f1:4a:53:69:
b0:2f:a2:93:33:3f:ec:3a:2c:65:12:4c:62:04:88:
66:ad:74:9f:12:a1:9d:bb:b5:ac:1d:50:9f:0c:50:
3e:07:95:1f:d4:26:cd:52:57:38:3b:b5:6c:06:1b:
15:43:75:de:90:fa:03:6a:5a:ce:3c:a2:ba:75:1a:
43:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:95:8C:32:53:9B:9A:4B:59:EB:DF:FF:93:FD:9B:36:5F:7C:17:5C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F2CD45A8DA6711EFBA651977762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.143.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:a0:2b:fd:9e:37:84:cd:2e:b4:e5:34:c1:4a:d0:af:30:27:
28:5f:68:6b:f2:e1:3e:04:51:4d:69:68:70:d9:16:c8:58:76:
9c:f9:7a:2c:3d:0a:0a:27:f1:4d:3b:25:d0:38:db:a0:78:12:
69:90:fe:c8:48:bc:1c:3c:bb:9d:5c:ca:b3:5d:eb:20:85:de:
d1:99:4f:00:2a:aa:59:a4:37:78:32:c6:c9:88:46:cb:6c:c8:
cf:8c:06:df:ca:41:f8:86:62:0e:04:2e:b2:3a:0e:d5:5a:3c:
a7:92:36:77:a5:7a:6d:5c:96:96:61:5a:6c:9a:88:ec:4c:24:
37:39:63:94:4e:ad:15:7d:f7:35:34:4a:87:c6:f4:2c:21:39:
0b:7d:70:ca:26:b8:40:33:a5:33:4a:ec:6e:02:22:9f:55:70:
09:20:8f:bd:69:cc:7b:6c:96:b7:ca:b5:a5:1a:f0:82:d4:73:
03:72:3d:f3:ac:c9:7b:e6:e9:9f:08:c5:4b:7f:1c:f6:f0:ef:
e9:8a:a4:5b:c7:48:15:fb:0b:96:ac:15:da:d1:cf:a8:af:e9:
22:b6:a7:0e:d0:1c:61:56:83:ae:c1:c4:70:c6:b5:be:9e:84:
04:bb:25:48:ef:4e:30:07:43:7b:82:59:11:85:f3:3c:3a:9f:
b7:32:6f:10
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUioMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTUyOTAyWhcNMjUwMzAzMTUyOTAyWjAYMRYw
FAYDVQQDEw02NzkzYjFjMi1lNjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsFFP0gFAaQjScJ0sBYP7LtV8fqWI+yDOl8JMoxdKJ+WSS2JWWYypCilj
6v/nAfb7b0Z4eJv4XqPL9mjl9gCBTVYvfLZAFboTTt+VYSkIw65Mmw2YY7XyRfj9
+3DDahg3zLyoHAbse5XG5NwIN71hvcEKOKDm9I9t/1Se7r6siM9C3ad4yyiQnlnE
nyq4Y+gZyIcbPNLCZ+ahzGwuRYqX+zNWB95vCDtTBqmpxWVZy5teFFQdkPPKYNKh
BkX9NPFKU2mwL6KTMz/sOixlEkxiBIhmrXSfEqGdu7WsHVCfDFA+B5Uf1CbNUlc4
O7VsBhsVQ3XekPoDalrOPKK6dRpDRwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDKV
jDJTm5pLWevf/5P9mzZffBdcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMkNENDVBOERBNjcxMUVGQkE2NTE5Nzc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt+PMA0GCSqGSIb3DQEB
CwUAA4IBAQDXoCv9njeEzS605TTBStCvMCcoX2hr8uE+BFFNaWhw2RbIWHac+Xos
PQoKJ/FNOyXQONugeBJpkP7ISLwcPLudXMqzXesghd7RmU8AKqpZpDd4MsbJiEbL
bMjPjAbfykH4hmIOBC6yOg7VWjynkjZ3pXptXJaWYVpsmojsTCQ3OWOUTq0Vffc1
NEqHxvQsITkLfXDKJrhAM6UzSuxuAiKfVXAJII+9acx7bJa3yrWlGvCC1HMDcj3z
rMl75umfCMVLfxz28O/piqRbx0gV+wuWrBXa0c+or+kitqcO0BxhVoOuwcRwxrW+
noQEuyVI704wB0N7glkRhfM8Op+3Mm8Q
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:40:53 2025 by rpki-client