Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F33E0228D8B611EF85B40E8E762E951A.roa
File: F33E0228D8B611EF85B40E8E762E951A.roa (raw, json)
Hash identifier: jHosfaqyxbABn4PGRy0XCH9GN4RvO42RtN7pc9Bf+9s=
Subject key identifier: BF:10:00:60:70:90:66:20:DA:EA:7F:DC:FF:18:7B:94:C3:83:09:99
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013F14
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F33E0228D8B611EF85B40E8E762E951A.roa
Signing time: Wed 22 Jan 2025 11:49:35 +0000
ROA not before: Wed 22 Jan 2025 11:49:31 +0000
ROA not after: Sat 08 Feb 2025 11:49:31 +0000
asID: 18229
IP address blocks: 154.210.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81684 (0x13f14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 22 11:49:31 2025 GMT
Not After : Feb 8 11:49:31 2025 GMT
Subject: CN=6790db4f-a00c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2e:c3:ce:9c:87:d3:e3:51:a6:e1:db:f8:da:
3c:c6:02:3f:e4:53:1f:e8:6c:7d:bc:a2:dc:08:1c:
a7:1e:48:8b:9a:f8:9b:c5:a7:7d:f0:11:53:83:57:
e5:ae:5c:88:25:bb:17:da:92:ba:d0:54:6f:54:eb:
33:53:dd:4d:c7:c8:d9:2e:fc:cb:07:41:05:28:ce:
8d:ca:80:d0:45:9b:f8:bd:f0:c4:f1:24:0e:19:0c:
99:c1:da:3c:6e:63:a9:e7:7a:27:83:89:73:68:bc:
54:bf:41:64:a5:46:d8:57:92:72:2f:d8:b7:09:05:
e0:aa:6e:47:bf:bb:bf:f4:38:b8:83:33:f0:c8:64:
7e:c1:90:92:03:2b:82:54:7e:f6:f6:be:fb:fe:32:
d9:56:d7:13:d2:75:16:e3:5d:67:36:ca:aa:f5:4a:
fe:44:ee:c6:fc:51:a3:76:43:b9:da:60:13:70:b2:
b5:3f:1c:ec:b9:a9:de:f0:08:a9:65:d6:18:8e:ea:
9e:7e:e6:11:d2:84:42:b7:0f:fe:70:85:9f:b4:88:
1d:36:c5:36:82:50:4c:3d:df:62:30:13:22:c5:9d:
85:72:82:35:75:9d:e2:33:d2:bd:83:c8:86:6d:1b:
1f:4d:d1:e5:25:00:7e:fc:92:55:6f:f0:40:35:ed:
70:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:10:00:60:70:90:66:20:DA:EA:7F:DC:FF:18:7B:94:C3:83:09:99
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F33E0228D8B611EF85B40E8E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.205.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:f4:4d:44:7c:4d:33:d6:26:0f:1d:c5:20:46:99:48:51:d0:
53:1c:f7:16:39:81:e4:56:e1:86:ca:00:2c:7e:f5:ee:86:ae:
6e:a5:a9:b1:a1:a0:8d:e5:3e:93:59:b2:3c:5e:92:9f:e2:4a:
ea:5b:40:c1:f8:e1:45:76:88:e2:69:1e:e0:0a:fe:40:31:40:
1b:1f:64:d6:a2:76:6f:ab:6a:b3:69:7e:9b:a8:d7:8d:70:48:
93:f4:e8:51:7f:fe:42:3a:35:9d:86:b3:49:65:cc:18:ad:c1:
55:f4:d2:7d:0f:cc:2d:c4:f1:c8:f5:96:0e:a2:95:3b:79:5a:
61:c8:8b:51:da:3b:d1:93:ef:81:51:2e:5e:dd:ba:5f:56:8f:
dc:ea:da:2f:7f:b3:9c:a4:9d:1e:d9:21:cc:b0:8e:ee:67:c5:
fa:02:93:3f:ee:89:50:5c:c2:da:62:db:73:92:b8:5b:3f:b9:
87:b3:05:c3:5d:ac:61:d0:4e:97:84:d8:3e:c3:ef:db:dc:6f:
6d:ce:3d:69:cd:5a:98:7a:8a:e6:02:49:0a:24:fe:86:57:d5:
ba:87:59:0f:35:f4:f2:45:6d:58:06:24:98:17:8d:ae:b5:b8:
b3:95:ef:75:0b:4f:6c:b7:4d:b5:de:88:a6:75:ac:ab:71:de:
f2:21:ce:3b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT8UMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIyMTE0OTMxWhcNMjUwMjA4MTE0OTMxWjAYMRYw
FAYDVQQDEw02NzkwZGI0Zi1hMDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0S7DzpyH0+NRpuHb+No8xgI/5FMf6Gx9vKLcCBynHkiLmvibxad98BFT
g1flrlyIJbsX2pK60FRvVOszU91Nx8jZLvzLB0EFKM6NyoDQRZv4vfDE8SQOGQyZ
wdo8bmOp53ong4lzaLxUv0FkpUbYV5JyL9i3CQXgqm5Hv7u/9Di4gzPwyGR+wZCS
AyuCVH729r77/jLZVtcT0nUW411nNsqq9Ur+RO7G/FGjdkO52mATcLK1Pxzsuane
8AipZdYYjuqefuYR0oRCtw/+cIWftIgdNsU2glBMPd9iMBMixZ2FcoI1dZ3iM9K9
g8iGbRsfTdHlJQB+/JJVb/BANe1wXQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL8Q
AGBwkGYg2up/3P8Ye5TDgwmZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMzNFMDIyOEQ4QjYxMUVGODVCNDBFOEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtLNMA0GCSqGSIb3DQEB
CwUAA4IBAQCl9E1EfE0z1iYPHcUgRplIUdBTHPcWOYHkVuGGygAsfvXuhq5upamx
oaCN5T6TWbI8XpKf4krqW0DB+OFFdojiaR7gCv5AMUAbH2TWonZvq2qzaX6bqNeN
cEiT9OhRf/5COjWdhrNJZcwYrcFV9NJ9D8wtxPHI9ZYOopU7eVphyItR2jvRk++B
US5e3bpfVo/c6tovf7OcpJ0e2SHMsI7uZ8X6ApM/7olQXMLaYttzkrhbP7mHswXD
Xaxh0E6XhNg+w+/b3G9tzj1pzVqYeormAkkKJP6GV9W6h1kPNfTyRW1YBiSYF42u
tbizle91C09st0213oimdayrcd7yIc47
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:53:20 2025 by rpki-client