Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/42378C42DA1E11EFA5613684762E951A.roa
File: 42378C42DA1E11EFA5613684762E951A.roa (raw, json)
Hash identifier: 6bUbJMvhfoxtBQcM9y9Afb7BE9TDfaQ9amAj/iOaGcA=
Subject key identifier: CB:DD:87:A5:77:C0:8A:7B:F4:A0:CA:8A:9A:E7:A0:04:3F:60:64:83
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0143F4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/42378C42DA1E11EFA5613684762E951A.roa
Signing time: Fri 24 Jan 2025 06:41:37 +0000
ROA not before: Fri 24 Jan 2025 06:41:33 +0000
ROA not after: Tue 13 May 2025 06:41:33 +0000
asID: 138915
IP address blocks: 154.205.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82932 (0x143f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 06:41:33 2025 GMT
Not After : May 13 06:41:33 2025 GMT
Subject: CN=67933621-c478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:2a:a0:b0:e9:eb:2b:5b:c7:ac:03:3d:a3:88:
81:43:2c:2b:7e:a7:c4:89:36:bf:56:f5:b5:2d:a9:
72:f4:cf:db:2b:e1:96:47:89:48:96:c5:90:65:27:
a3:cc:da:5a:b3:0e:01:5d:0d:90:f9:13:fd:ed:f8:
cc:32:72:cc:8f:e4:38:d2:32:40:c3:7a:74:02:ee:
4a:c6:b4:00:10:9b:b1:2a:65:f6:fc:f2:8c:a5:a0:
b5:e9:57:6a:c1:d0:40:70:c4:48:61:db:ca:af:e2:
3e:fe:41:03:f8:86:d5:73:47:55:51:33:97:08:d6:
62:95:2c:d3:6d:e7:69:7b:6c:2c:f4:b0:3a:6f:c3:
3e:0d:5c:41:07:af:ff:7a:46:d7:70:27:a1:f5:6d:
d7:9e:f4:31:67:6b:16:09:e1:ff:40:8a:9f:64:14:
38:2d:3b:96:2b:50:89:b3:f2:aa:d4:a0:77:e7:d0:
08:45:74:83:62:08:95:8d:61:f3:5a:b3:9b:e4:4a:
1a:b4:89:d4:68:67:e8:65:b0:7a:5a:81:af:f0:28:
e1:3b:e7:f5:61:00:7f:c2:e4:02:fa:96:7c:b0:dd:
b2:21:84:d2:f0:02:2a:ad:f9:d3:02:08:39:d9:1d:
b0:ae:c6:bc:6e:d8:14:9e:43:8d:45:ee:5f:d0:b5:
23:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:DD:87:A5:77:C0:8A:7B:F4:A0:CA:8A:9A:E7:A0:04:3F:60:64:83
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/42378C42DA1E11EFA5613684762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.138.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:02:e1:62:cb:b1:2a:d0:8d:d7:59:7b:bf:41:7d:9d:86:ad:
2d:83:1f:ef:fa:61:89:ea:17:e4:16:02:55:37:34:f8:29:50:
35:3e:74:c3:6a:70:14:86:87:b7:8c:81:8f:14:ca:7d:bc:f0:
7a:76:d1:74:70:97:4b:85:d0:9e:78:10:9d:14:97:6a:00:aa:
c8:c3:f8:54:1c:a5:e0:38:52:f5:6c:36:82:55:a0:b1:26:7c:
63:63:fc:4f:8e:ce:58:47:38:60:16:55:93:36:2e:7d:4b:b4:
29:5a:f2:ae:3a:66:ee:ad:a5:ca:e2:8c:5b:55:57:40:03:7d:
01:a3:b8:d2:24:c2:72:60:45:32:65:4a:5d:77:fd:4f:4d:ac:
5b:9b:47:7f:44:7c:5c:7d:18:ad:d2:e0:00:16:b4:25:c4:bb:
0f:bf:16:e8:87:2d:44:4f:38:fb:66:d8:c3:91:0e:fa:6d:16:
f0:8c:2e:38:97:43:71:a3:db:d9:3c:f5:a3:be:b8:ce:30:27:
0a:40:c0:93:42:0e:1f:0a:aa:ee:81:ea:82:e1:5a:01:ae:45:
a8:5a:e5:0d:4d:fa:2a:bb:12:cf:d2:04:d7:cf:87:fb:90:58:
21:42:17:12:02:eb:ed:b7:ed:05:3c:d6:60:9e:ed:4e:56:10:
10:2c:4a:1b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUP0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDY0MTMzWhcNMjUwNTEzMDY0MTMzWjAYMRYw
FAYDVQQDEw02NzkzMzYyMS1jNDc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzyqgsOnrK1vHrAM9o4iBQywrfqfEiTa/VvW1Laly9M/bK+GWR4lIlsWQ
ZSejzNpasw4BXQ2Q+RP97fjMMnLMj+Q40jJAw3p0Au5KxrQAEJuxKmX2/PKMpaC1
6VdqwdBAcMRIYdvKr+I+/kED+IbVc0dVUTOXCNZilSzTbedpe2ws9LA6b8M+DVxB
B6//ekbXcCeh9W3XnvQxZ2sWCeH/QIqfZBQ4LTuWK1CJs/Kq1KB359AIRXSDYgiV
jWHzWrOb5EoatInUaGfoZbB6WoGv8CjhO+f1YQB/wuQC+pZ8sN2yIYTS8AIqrfnT
Agg52R2wrsa8btgUnkONRe5f0LUj2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMvd
h6V3wIp79KDKiprnoAQ/YGSDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MjM3OEM0MkRBMUUxMUVGQTU2MTM2ODQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms2KMA0GCSqGSIb3DQEB
CwUAA4IBAQCaAuFiy7Eq0I3XWXu/QX2dhq0tgx/v+mGJ6hfkFgJVNzT4KVA1PnTD
anAUhoe3jIGPFMp9vPB6dtF0cJdLhdCeeBCdFJdqAKrIw/hUHKXgOFL1bDaCVaCx
JnxjY/xPjs5YRzhgFlWTNi59S7QpWvKuOmburaXK4oxbVVdAA30Bo7jSJMJyYEUy
ZUpdd/1PTaxbm0d/RHxcfRit0uAAFrQlxLsPvxbohy1ETzj7ZtjDkQ76bRbwjC44
l0Nxo9vZPPWjvrjOMCcKQMCTQg4fCqrugeqC4VoBrkWoWuUNTfoquxLP0gTXz4f7
kFghQhcSAuvtt+0FPNZgnu1OVhAQLEob
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:16 2025 by rpki-client