Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FFEEC93ED96111EF935DED8D762E951A.roa
File: FFEEC93ED96111EF935DED8D762E951A.roa (raw, json)
Hash identifier: YtPPsp+bkcglNjIED3fQ+mH1m7DHI+9bd1O2RwaA+ww=
Subject key identifier: A0:75:21:8C:E8:0E:1A:B3:16:83:E0:D5:B8:B1:B1:17:0A:54:EF:F8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014071
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FFEEC93ED96111EF935DED8D762E951A.roa
Signing time: Thu 23 Jan 2025 08:14:00 +0000
ROA not before: Thu 23 Jan 2025 08:13:57 +0000
ROA not after: Sat 08 Feb 2025 08:13:57 +0000
asID: 18229
IP address blocks: 154.210.185.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82033 (0x14071)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 08:13:57 2025 GMT
Not After : Feb 8 08:13:57 2025 GMT
Subject: CN=6791fa48-0a48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2d:b2:c0:dc:dd:7f:36:b0:fb:56:b8:87:d4:
14:55:2e:57:6b:4a:e2:51:51:0d:46:54:98:b8:c2:
b2:0b:95:fd:9e:77:79:01:40:29:ec:a2:cf:97:e2:
43:84:fe:d0:c0:45:f4:34:fe:0a:48:20:4b:ba:5e:
30:d1:66:1e:5b:cc:2c:82:9d:43:7a:13:d2:74:3a:
82:09:b2:7a:1a:a1:ab:a9:46:29:0f:21:bd:ab:07:
a8:72:90:76:19:0e:71:f3:ce:42:9a:5e:8c:81:28:
3e:5f:e4:a0:a3:52:db:1b:a8:b2:0e:7e:97:ef:77:
ed:06:a7:d4:da:94:ee:e4:56:76:f2:d6:4c:57:6d:
b6:43:c7:93:60:0b:cb:46:a5:e8:1e:9b:88:39:3d:
72:c3:98:82:6d:11:4b:58:f8:2d:0f:b5:fa:71:44:
ef:c3:98:b1:e4:00:9f:e9:2e:39:1b:d8:ff:52:22:
45:47:1a:fa:41:36:e4:3c:1b:b5:10:a2:3b:0e:b5:
9c:36:30:c3:0a:cc:b7:15:44:76:2c:20:d2:3f:f7:
9b:50:88:cf:b6:1e:89:da:d8:9b:3d:5c:3c:b0:20:
d8:46:8e:e4:ab:96:46:5a:3f:bd:57:f1:75:32:d5:
03:03:e4:4d:58:7d:c5:d0:c7:59:fd:cf:ba:f5:55:
c0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:75:21:8C:E8:0E:1A:B3:16:83:E0:D5:B8:B1:B1:17:0A:54:EF:F8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FFEEC93ED96111EF935DED8D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.185.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:ce:81:10:f1:e9:80:47:4d:84:4c:42:f5:0a:03:5c:c1:9d:
b5:5d:27:eb:e6:37:11:e6:46:c3:82:f3:9d:9e:36:46:08:06:
b0:62:08:e1:0f:8e:43:bf:33:b9:21:a8:a3:1a:e4:34:57:89:
48:d5:c3:bb:b8:64:d8:68:25:ed:15:8c:d5:7f:f8:77:44:ea:
ef:18:d0:0a:f1:8e:91:43:fd:86:61:79:ce:fa:4a:16:46:0c:
f4:e1:6e:50:b5:87:18:1d:10:21:f5:69:13:44:1c:61:e0:00:
4c:67:b8:06:8a:8b:d2:00:24:14:c2:06:2d:75:83:d5:94:3d:
c2:13:ef:73:3b:29:5f:56:84:59:94:af:33:3a:5a:1f:ab:cc:
f1:43:e8:bf:b3:4b:bc:26:48:07:d9:ec:25:1f:13:c3:70:e0:
80:7b:95:53:a4:36:31:e9:df:b1:c0:18:d0:be:47:3f:26:17:
bb:3f:02:33:9b:fd:9f:17:da:9d:62:03:30:dc:50:20:e1:b9:
9a:4f:6a:04:cb:50:36:1f:98:0f:60:8c:2e:85:8d:9c:03:37:
3b:52:ac:cf:c9:91:1b:4b:18:63:5b:42:bc:5e:d2:a4:0b:ab:
3a:16:73:9d:99:4e:b1:8e:ea:39:02:2c:b7:8b:a3:7d:66:c2:
f0:c0:4d:6c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUBxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMDgxMzU3WhcNMjUwMjA4MDgxMzU3WjAYMRYw
FAYDVQQDEw02NzkxZmE0OC0wYTQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0S2ywNzdfzaw+1a4h9QUVS5Xa0riUVENRlSYuMKyC5X9nnd5AUAp7KLP
l+JDhP7QwEX0NP4KSCBLul4w0WYeW8wsgp1DehPSdDqCCbJ6GqGrqUYpDyG9qweo
cpB2GQ5x885Cml6MgSg+X+Sgo1LbG6iyDn6X73ftBqfU2pTu5FZ28tZMV222Q8eT
YAvLRqXoHpuIOT1yw5iCbRFLWPgtD7X6cUTvw5ix5ACf6S45G9j/UiJFRxr6QTbk
PBu1EKI7DrWcNjDDCsy3FUR2LCDSP/ebUIjPth6J2tibPVw8sCDYRo7kq5ZGWj+9
V/F1MtUDA+RNWH3F0MdZ/c+69VXAvwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKB1
IYzoDhqzFoPg1bixsRcKVO/4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRkVFQzkzRUQ5NjExMUVGOTM1REVEOEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtK5MA0GCSqGSIb3DQEB
CwUAA4IBAQCazoEQ8emAR02ETEL1CgNcwZ21XSfr5jcR5kbDgvOdnjZGCAawYgjh
D45DvzO5IaijGuQ0V4lI1cO7uGTYaCXtFYzVf/h3ROrvGNAK8Y6RQ/2GYXnO+koW
Rgz04W5QtYcYHRAh9WkTRBxh4ABMZ7gGiovSACQUwgYtdYPVlD3CE+9zOylfVoRZ
lK8zOlofq8zxQ+i/s0u8JkgH2ewlHxPDcOCAe5VTpDYx6d+xwBjQvkc/Jhe7PwIz
m/2fF9qdYgMw3FAg4bmaT2oEy1A2H5gPYIwuhY2cAzc7UqzPyZEbSxhjW0K8XtKk
C6s6FnOdmU6xjuo5Aiy3i6N9ZsLwwE1s
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:42:55 2025 by rpki-client