Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14DD96B2C8B011EF8C7DCE42762E951A.roa
File: 14DD96B2C8B011EF8C7DCE42762E951A.roa (raw, json)
Hash identifier: LYxjvrIBPYWys4WZCPQxy41uqm2U8tVNdBuV0u9PyVA=
Subject key identifier: 1E:DE:31:78:99:2C:47:A9:F2:AA:93:72:9D:A5:DA:5A:7D:0A:E0:DE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0131A0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14DD96B2C8B011EF8C7DCE42762E951A.roa
Signing time: Thu 02 Jan 2025 02:20:06 +0000
ROA not before: Thu 02 Jan 2025 02:20:02 +0000
ROA not after: Mon 13 Dec 2027 02:20:02 +0000
asID: 17561
IP address blocks: 154.220.172.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78240 (0x131a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 02:20:02 2025 GMT
Not After : Dec 13 02:20:02 2027 GMT
Subject: CN=6775f7d6-83e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f0:56:33:90:03:7f:26:4e:88:a3:cd:af:01:
17:6b:0c:ab:3a:b5:82:dc:0c:0f:ab:86:82:9c:f8:
9f:3b:9b:ce:88:38:62:a2:ea:bd:87:eb:17:26:32:
5b:ce:d6:80:fc:24:b4:c7:e7:6b:69:d5:ed:e2:d3:
07:7f:26:61:a0:1f:42:bd:87:b1:f0:25:fb:25:ae:
fa:42:83:2b:d2:e2:d2:d4:dd:b6:11:1c:56:9c:9b:
e3:79:0c:fb:a6:3c:ec:1c:7e:22:0c:e5:09:0e:e5:
24:88:c0:ef:92:35:1d:8f:38:88:91:17:e2:2c:40:
7a:46:b1:a8:3c:67:99:d1:af:68:2e:30:04:87:12:
32:c1:2e:1a:26:f5:a5:17:a0:7f:c4:ad:04:3c:9c:
66:4c:ee:41:31:86:78:8b:98:08:cb:a4:cf:d1:ae:
9a:f8:8e:0a:df:25:5b:74:19:f5:47:ad:d8:8e:3d:
9e:02:31:1d:da:23:da:1b:82:1f:c7:7a:ad:68:28:
43:95:d6:fb:c5:ec:31:36:a0:ee:b7:91:74:05:00:
c7:19:0f:22:dc:09:82:85:b6:cd:a6:cf:40:49:ca:
d0:03:7e:f9:c7:21:ce:aa:e2:2c:67:eb:04:8b:88:
a9:4a:9a:b7:a4:ab:96:78:35:90:c8:33:a3:0a:5d:
d8:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:DE:31:78:99:2C:47:A9:F2:AA:93:72:9D:A5:DA:5A:7D:0A:E0:DE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14DD96B2C8B011EF8C7DCE42762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.172.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:a0:74:0a:04:9c:21:86:35:5d:af:78:be:5d:96:6e:df:82:
59:0f:42:3a:2b:3b:2d:86:45:e1:cf:7a:ae:86:58:eb:ea:aa:
2a:cc:98:bf:70:e9:d9:18:08:66:7f:39:51:6c:1c:e8:dd:ad:
e6:43:b8:1f:48:f4:40:75:95:4b:d3:11:50:6f:0f:8c:62:fc:
f9:65:cc:b8:6b:b8:17:93:21:7c:74:01:3d:fd:b3:22:86:7c:
28:8a:2b:5a:61:f4:33:34:31:c0:b1:e5:37:d0:19:03:59:a4:
91:42:24:d2:0b:a2:c1:ad:5f:ee:af:3c:4e:a2:b4:91:b7:71:
e0:5e:0a:a4:10:e1:c3:81:56:59:c5:ed:b5:ee:2c:2e:dc:35:
c3:66:f5:0f:81:f2:08:34:28:39:fb:6a:25:f8:50:ef:12:9c:
ce:bb:73:04:88:d1:42:13:cb:b9:24:9b:f0:22:0c:6d:84:b9:
ce:ce:2c:c8:cd:11:bc:30:91:9c:7c:84:d2:06:ec:a2:34:c3:
bc:35:d6:2a:ad:cd:4a:64:e0:a2:d2:cf:98:7c:90:ce:51:63:
d3:d5:de:de:d6:f6:7d:88:7a:94:87:86:2f:02:5f:2c:02:ac:
30:e5:c7:ee:b8:bf:a9:e5:34:8a:5d:a4:d2:7b:38:0d:ca:85:
fa:01:2b:88
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATGgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMDIyMDAyWhcNMjcxMjEzMDIyMDAyWjAYMRYw
FAYDVQQDEw02Nzc1ZjdkNi04M2UyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2vBWM5ADfyZOiKPNrwEXawyrOrWC3AwPq4aCnPifO5vOiDhiouq9h+sX
JjJbztaA/CS0x+dradXt4tMHfyZhoB9CvYex8CX7Ja76QoMr0uLS1N22ERxWnJvj
eQz7pjzsHH4iDOUJDuUkiMDvkjUdjziIkRfiLEB6RrGoPGeZ0a9oLjAEhxIywS4a
JvWlF6B/xK0EPJxmTO5BMYZ4i5gIy6TP0a6a+I4K3yVbdBn1R63Yjj2eAjEd2iPa
G4Ifx3qtaChDldb7xewxNqDut5F0BQDHGQ8i3AmChbbNps9AScrQA375xyHOquIs
Z+sEi4ipSpq3pKuWeDWQyDOjCl3Y2QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB7e
MXiZLEep8qqTcp2l2lp9CuDeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNEREOTZCMkM4QjAxMUVGOEM3RENFNDI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtysMA0GCSqGSIb3DQEB
CwUAA4IBAQDXoHQKBJwhhjVdr3i+XZZu34JZD0I6KzsthkXhz3quhljr6qoqzJi/
cOnZGAhmfzlRbBzo3a3mQ7gfSPRAdZVL0xFQbw+MYvz5Zcy4a7gXkyF8dAE9/bMi
hnwoiitaYfQzNDHAseU30BkDWaSRQiTSC6LBrV/urzxOorSRt3HgXgqkEOHDgVZZ
xe217iwu3DXDZvUPgfIINCg5+2ol+FDvEpzOu3MEiNFCE8u5JJvwIgxthLnOzizI
zRG8MJGcfITSBuyiNMO8NdYqrc1KZOCi0s+YfJDOUWPT1d7e1vZ9iHqUh4YvAl8s
Aqww5cfuuL+p5TSKXaTSezgNyoX6ASuI
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:53:03 2025 by rpki-client