Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F681CFD6D98411EF99E41C79762E951A.roa
File: F681CFD6D98411EF99E41C79762E951A.roa (raw, json)
Hash identifier: qtpIZ4ZRqSbaCS5SA5YCMu8b0MBJYHmsJzY09kS7qaQ=
Subject key identifier: 8B:BA:F1:DC:39:A6:B8:46:94:C7:D9:05:14:45:A6:A5:F7:19:04:5F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01420D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F681CFD6D98411EF99E41C79762E951A.roa
Signing time: Thu 23 Jan 2025 12:24:17 +0000
ROA not before: Thu 23 Jan 2025 12:24:12 +0000
ROA not after: Thu 13 Mar 2025 12:24:12 +0000
asID: 138915
IP address blocks: 154.203.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82445 (0x1420d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 12:24:12 2025 GMT
Not After : Mar 13 12:24:12 2025 GMT
Subject: CN=679234f1-ab3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:2d:d8:65:ad:a5:b7:10:3f:5e:aa:e3:81:08:
11:98:8d:1f:66:34:98:66:f9:33:b1:08:d2:21:39:
bc:55:a8:9a:84:41:e5:8d:9c:0c:3a:3c:bf:f4:62:
99:29:6e:9b:c5:f7:20:1a:1f:b8:4e:b8:e5:ab:1b:
5f:1e:21:39:76:80:36:1b:f2:73:3d:09:19:38:41:
59:66:ab:d0:80:28:53:1f:b5:ff:28:3a:30:16:ed:
8d:ea:3e:62:b7:d9:e8:a9:98:9b:74:4a:6f:d1:21:
85:c7:46:c0:ef:b7:1c:ab:03:7c:a4:76:ce:3d:57:
f7:e1:5c:58:a2:85:c6:31:01:c0:b1:a1:0e:5a:7e:
b1:72:30:90:74:55:2f:89:80:f3:69:4e:e0:c4:de:
03:02:02:af:2c:5b:e1:a0:25:98:ed:37:e9:eb:dc:
7d:ac:b4:97:53:d4:fa:7c:8f:a7:75:c8:35:77:b1:
9f:ab:9f:ab:e8:18:0f:a4:fa:c3:73:db:1e:b9:cd:
88:9d:c2:02:4e:30:1c:33:c5:cc:62:62:4c:88:51:
f6:64:f7:f0:1c:7e:04:18:55:b9:82:bc:86:df:3a:
ed:f8:56:b8:6e:80:9a:79:6b:7a:e4:fd:96:70:fc:
06:a5:10:06:56:1a:c5:b8:a8:ad:de:da:86:35:ce:
0e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:BA:F1:DC:39:A6:B8:46:94:C7:D9:05:14:45:A6:A5:F7:19:04:5F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F681CFD6D98411EF99E41C79762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.152.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:a3:7f:89:c2:93:65:48:58:6b:1f:7f:ed:30:cc:83:c2:5c:
b1:d9:18:eb:23:74:79:2c:f7:53:b7:8c:01:d5:ed:f0:56:2f:
2a:00:46:2f:1a:fa:b3:b7:a7:59:25:eb:fa:88:4c:fa:bd:92:
3f:47:c3:e6:d2:e3:a8:a3:4b:59:1e:b2:67:29:ea:26:33:d1:
17:35:ce:c8:46:9f:04:c2:54:e0:8d:28:6d:a8:2b:e3:d4:2f:
b1:72:b5:58:d6:ac:c4:78:fc:fd:68:a8:17:b0:75:e9:9b:9e:
79:e9:6c:e8:67:6f:9d:c5:58:f3:1b:88:8a:c0:3c:22:af:46:
2a:1a:12:8d:c9:f5:8c:ad:35:f1:4a:0b:27:d2:3b:92:66:e5:
12:62:cd:06:11:2d:f0:5d:81:1e:ae:b9:95:14:1f:aa:bd:17:
c8:64:98:b7:e1:db:a7:e7:02:78:48:9b:9b:2c:28:e0:ed:f3:
fa:02:b5:85:31:e9:62:04:47:ac:78:51:34:8c:be:f6:0a:39:
8a:2b:8a:67:3b:f8:3e:6f:92:f9:75:55:67:64:94:9c:21:27:
18:2a:ff:ee:b5:f7:da:69:01:5b:80:3d:85:e1:bb:55:29:9d:
1d:5f:46:5f:ff:5c:a0:8f:87:20:90:bb:c2:a7:bf:3a:98:7a:
50:e7:e2:25
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUINMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMTIyNDEyWhcNMjUwMzEzMTIyNDEyWjAYMRYw
FAYDVQQDEw02NzkyMzRmMS1hYjNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6i3YZa2ltxA/XqrjgQgRmI0fZjSYZvkzsQjSITm8VaiahEHljZwMOjy/
9GKZKW6bxfcgGh+4TrjlqxtfHiE5doA2G/JzPQkZOEFZZqvQgChTH7X/KDowFu2N
6j5it9noqZibdEpv0SGFx0bA77ccqwN8pHbOPVf34VxYooXGMQHAsaEOWn6xcjCQ
dFUviYDzaU7gxN4DAgKvLFvhoCWY7Tfp69x9rLSXU9T6fI+ndcg1d7Gfq5+r6BgP
pPrDc9seuc2IncICTjAcM8XMYmJMiFH2ZPfwHH4EGFW5gryG3zrt+Fa4boCaeWt6
5P2WcPwGpRAGVhrFuKit3tqGNc4O6wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIu6
8dw5prhGlMfZBRRFpqX3GQRfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNjgxQ0ZENkQ5ODQxMUVGOTlFNDFDNzk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsuYMA0GCSqGSIb3DQEB
CwUAA4IBAQAco3+JwpNlSFhrH3/tMMyDwlyx2RjrI3R5LPdTt4wB1e3wVi8qAEYv
Gvqzt6dZJev6iEz6vZI/R8Pm0uOoo0tZHrJnKeomM9EXNc7IRp8EwlTgjShtqCvj
1C+xcrVY1qzEePz9aKgXsHXpm5556WzoZ2+dxVjzG4iKwDwir0YqGhKNyfWMrTXx
Sgsn0juSZuUSYs0GES3wXYEerrmVFB+qvRfIZJi34dun5wJ4SJubLCjg7fP6ArWF
MeliBEeseFE0jL72CjmKK4pnO/g+b5L5dVVnZJScIScYKv/utffaaQFbgD2F4btV
KZ0dX0Zf/1ygj4cgkLvCp786mHpQ5+Il
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:58:50 2025 by rpki-client