Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FD371516DA3811EFBA623BB7762E951A.roa
File: FD371516DA3811EFBA623BB7762E951A.roa (raw, json)
Hash identifier: eMaxHCIj7qq+hxNHytiIk6jGB81BlZTXwfSRYZWzLPU=
Subject key identifier: 6C:69:AF:E5:5D:33:CD:5D:48:08:5E:95:9E:6A:D5:EB:4E:ED:7F:26
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01452D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FD371516DA3811EFBA623BB7762E951A.roa
Signing time: Fri 24 Jan 2025 09:52:57 +0000
ROA not before: Fri 24 Jan 2025 09:52:54 +0000
ROA not after: Wed 05 Mar 2025 09:52:54 +0000
asID: 202656
IP address blocks: 154.219.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83245 (0x1452d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 09:52:54 2025 GMT
Not After : Mar 5 09:52:54 2025 GMT
Subject: CN=679362f9-50a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:54:e5:60:0c:6a:3d:03:60:67:16:58:68:e3:
69:4f:4d:21:2b:db:cb:0f:67:88:13:fc:8d:4b:8c:
c1:83:24:6d:83:66:76:b8:a6:64:01:39:12:10:92:
54:ae:1f:ac:a6:b0:24:ec:ab:fc:75:39:d8:7f:38:
e2:09:5e:fb:26:5f:d0:49:57:0a:4c:19:b4:67:32:
70:0e:8a:9b:85:ac:13:51:1b:7e:28:33:46:62:d7:
5b:30:62:7c:a2:59:8d:57:49:cf:e4:98:f5:c8:90:
3e:80:dc:28:37:2b:71:dc:2b:27:cc:e3:5c:8f:c0:
d0:ca:aa:47:2b:4f:d9:36:62:55:79:12:1f:da:2a:
75:c5:d1:63:0a:ec:d3:57:8b:2d:9d:b1:01:81:df:
35:4d:d6:8f:d2:0a:80:c3:8d:06:43:4a:49:1c:87:
d2:29:df:d8:54:95:73:4f:f4:13:44:61:92:40:8e:
52:74:f5:3c:5c:9e:0b:89:13:0d:4e:ec:f4:60:2e:
13:a8:4d:c7:6a:59:b3:2a:38:df:88:a8:b9:c4:63:
62:bb:fe:f9:52:a9:28:66:84:0a:80:31:a7:92:72:
f0:45:a2:1c:55:dd:a5:50:22:22:9d:3b:88:75:77:
72:ff:32:92:0b:24:5c:f0:1d:b6:7e:5c:90:b0:5b:
5c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:69:AF:E5:5D:33:CD:5D:48:08:5E:95:9E:6A:D5:EB:4E:ED:7F:26
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FD371516DA3811EFBA623BB7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.231.0/24
Signature Algorithm: sha256WithRSAEncryption
15:74:34:2d:8d:e7:93:cf:69:46:90:30:e0:b5:82:b0:49:29:
01:cb:b0:4f:f7:83:39:5c:ef:39:d4:c5:75:33:3d:2c:5f:d7:
7c:50:cb:a3:ca:d1:1e:ea:08:e6:eb:18:d0:1c:41:f6:e0:2c:
d4:59:74:48:54:1e:6e:a1:c2:ec:c3:a1:24:fb:e0:a0:ed:0c:
9b:2e:b1:c9:60:c6:72:04:77:08:59:f9:6e:86:26:31:ab:af:
96:bf:2d:f7:75:1e:fb:e3:3e:95:cc:a6:2b:2d:52:e9:29:15:
0a:56:75:28:20:8f:c6:48:a7:f3:59:3f:aa:2b:5f:d9:14:5c:
28:94:08:03:28:63:72:74:18:b2:19:9e:5f:8d:d0:0e:fe:af:
4d:f1:4e:3f:9b:4b:58:2d:6d:55:4c:02:b3:ee:06:6c:ff:e5:
48:3c:55:ff:d2:9d:a3:50:43:4d:0e:30:fc:30:25:90:68:ea:
36:23:e4:73:ee:b5:98:ac:ee:d6:1d:4c:24:09:44:ad:62:da:
b6:cb:0c:93:45:fb:bf:95:be:18:f4:71:35:16:6f:fb:c8:10:
ef:35:eb:6d:7b:29:1b:ad:54:42:ff:43:c9:02:4f:3b:4b:b8:
ae:d7:c3:7b:4c:f9:d3:e5:b7:03:ed:87:25:22:00:79:03:e2:
8f:94:14:8b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUUtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDk1MjU0WhcNMjUwMzA1MDk1MjU0WjAYMRYw
FAYDVQQDEw02NzkzNjJmOS01MGEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA11TlYAxqPQNgZxZYaONpT00hK9vLD2eIE/yNS4zBgyRtg2Z2uKZkATkS
EJJUrh+sprAk7Kv8dTnYfzjiCV77Jl/QSVcKTBm0ZzJwDoqbhawTURt+KDNGYtdb
MGJ8olmNV0nP5Jj1yJA+gNwoNytx3CsnzONcj8DQyqpHK0/ZNmJVeRIf2ip1xdFj
CuzTV4stnbEBgd81TdaP0gqAw40GQ0pJHIfSKd/YVJVzT/QTRGGSQI5SdPU8XJ4L
iRMNTuz0YC4TqE3HalmzKjjfiKi5xGNiu/75UqkoZoQKgDGnknLwRaIcVd2lUCIi
nTuIdXdy/zKSCyRc8B22flyQsFtcRwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGxp
r+VdM81dSAhelZ5q1etO7X8mMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRDM3MTUxNkRBMzgxMUVGQkE2MjNCQjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtvnMA0GCSqGSIb3DQEB
CwUAA4IBAQAVdDQtjeeTz2lGkDDgtYKwSSkBy7BP94M5XO851MV1Mz0sX9d8UMuj
ytEe6gjm6xjQHEH24CzUWXRIVB5uocLsw6Ek++Cg7QybLrHJYMZyBHcIWfluhiYx
q6+Wvy33dR774z6VzKYrLVLpKRUKVnUoII/GSKfzWT+qK1/ZFFwolAgDKGNydBiy
GZ5fjdAO/q9N8U4/m0tYLW1VTAKz7gZs/+VIPFX/0p2jUENNDjD8MCWQaOo2I+Rz
7rWYrO7WHUwkCUStYtq2ywyTRfu/lb4Y9HE1Fm/7yBDvNetteykbrVRC/0PJAk87
S7iu18N7TPnT5bcD7YclIgB5A+KPlBSL
-----END CERTIFICATE-----
Generated at Sun Apr 27 07:32:39 2025 by rpki-client