Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C2BE15CEC25511EF9E9D2753762E951A.roa
File: C2BE15CEC25511EF9E9D2753762E951A.roa (raw, json)
Hash identifier: BOD6uQjJRoUjfFk0+6P+yS1+gJrfFGY7NAwcvvSSuB0=
Subject key identifier: EA:34:99:81:1C:BA:F9:CF:33:F7:3D:5E:E2:76:6F:58:92:33:EC:7D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01232F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C2BE15CEC25511EF9E9D2753762E951A.roa
Signing time: Wed 25 Dec 2024 00:18:27 +0000
ROA not before: Wed 25 Dec 2024 00:00:23 +0000
ROA not after: Wed 10 Dec 2025 00:00:23 +0000
asID: 984
IP address blocks: 154.199.36.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74543 (0x1232f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 00:00:23 2024 GMT
Not After : Dec 10 00:00:23 2025 GMT
Subject: CN=676b4f53-d5db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c5:86:15:1c:79:28:ac:1e:7d:1e:07:d9:39:
9a:2d:a4:5a:2b:a4:de:2e:7e:b9:e0:ca:7a:1a:b4:
79:7f:96:00:53:2f:42:ac:35:58:b0:f0:f4:c5:50:
61:7f:e1:16:f1:cf:4a:27:43:7d:5f:06:6e:45:d8:
17:ac:c0:fe:61:71:2d:f2:65:da:83:a3:d4:af:d2:
75:ed:4f:f5:e2:96:81:1e:f5:bc:06:6e:6f:60:4d:
50:07:d5:59:2e:19:e1:ea:10:3f:70:9f:dc:c7:89:
0a:b7:aa:93:dc:c5:02:9a:b3:37:56:25:4f:2c:6b:
42:fe:a8:c7:8e:b0:fb:2f:da:d1:31:da:b5:cb:02:
0f:0d:70:ff:1f:8c:af:5a:cd:4c:df:52:ed:ed:9a:
f1:22:49:5d:bb:6c:b0:2a:c8:03:41:da:e9:86:44:
29:73:8c:c3:51:54:41:df:df:d6:4e:a1:2a:42:23:
56:00:d1:88:23:8b:99:ba:03:1c:a3:2f:e7:c6:f9:
a8:f3:66:00:1f:eb:c9:cb:31:ea:ce:35:b2:e1:40:
04:51:b5:4e:25:5f:cc:c1:ed:ff:fe:82:a5:61:de:
24:df:8a:5c:22:d3:69:20:de:95:87:59:43:c6:f3:
6f:96:b0:95:b7:6f:06:11:04:6f:b1:76:8f:12:1e:
bb:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:34:99:81:1C:BA:F9:CF:33:F7:3D:5E:E2:76:6F:58:92:33:EC:7D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C2BE15CEC25511EF9E9D2753762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.36.0/24
Signature Algorithm: sha256WithRSAEncryption
43:89:57:ef:16:b0:23:28:2c:79:b3:04:73:a3:55:65:b3:70:
27:81:94:3e:bb:1d:78:ba:ba:ea:ef:50:8b:7a:a0:4a:19:ec:
9d:f5:4e:c7:62:45:91:6a:1c:88:b5:63:53:b0:60:c2:1b:2f:
30:f4:60:7e:8e:4f:5a:b9:7d:98:55:0d:5e:ee:87:e7:49:99:
9f:8d:82:bd:c8:5f:58:df:4b:95:fd:8d:b5:f0:1b:74:20:a7:
9c:3e:56:79:80:e4:d9:1a:64:5c:5c:0a:df:dd:6a:f8:32:cb:
b4:fa:90:6d:ef:19:03:78:46:3c:40:c3:1c:9b:c7:99:bf:b2:
f5:49:1e:78:1b:83:fd:e7:e1:5c:a0:79:9a:99:c7:35:ad:1e:
d9:13:a1:d4:43:d5:af:49:1c:34:92:e5:a8:c4:92:57:fd:33:
1f:0f:0e:50:cf:08:8f:05:ba:98:c4:10:75:5d:0e:0d:08:2e:
28:e2:7c:c8:5f:64:b7:3a:35:e8:26:96:03:c5:5c:3b:b2:cb:
d2:89:31:bc:1b:32:07:2a:59:e6:e4:92:b4:e1:fb:2e:dc:8a:
56:db:f7:a6:f6:0d:ff:c5:42:a7:cb:76:cf:13:c9:11:c9:28:
0b:ac:de:56:38:28:ea:28:d0:4a:98:63:b0:90:3d:7d:d0:76:
36:7a:08:5a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASMvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDAwMDIzWhcNMjUxMjEwMDAwMDIzWjAYMRYw
FAYDVQQDEw02NzZiNGY1My1kNWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy8WGFRx5KKwefR4H2TmaLaRaK6TeLn654Mp6GrR5f5YAUy9CrDVYsPD0
xVBhf+EW8c9KJ0N9XwZuRdgXrMD+YXEt8mXag6PUr9J17U/14paBHvW8Bm5vYE1Q
B9VZLhnh6hA/cJ/cx4kKt6qT3MUCmrM3ViVPLGtC/qjHjrD7L9rRMdq1ywIPDXD/
H4yvWs1M31Lt7ZrxIkldu2ywKsgDQdrphkQpc4zDUVRB39/WTqEqQiNWANGII4uZ
ugMcoy/nxvmo82YAH+vJyzHqzjWy4UAEUbVOJV/Mwe3//oKlYd4k34pcItNpIN6V
h1lDxvNvlrCVt28GEQRvsXaPEh67VQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOo0
mYEcuvnPM/c9XuJ2b1iSM+x9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMkJFMTVDRUMyNTUxMUVGOUU5RDI3NTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsckMA0GCSqGSIb3DQEB
CwUAA4IBAQBDiVfvFrAjKCx5swRzo1Vls3AngZQ+ux14urrq71CLeqBKGeyd9U7H
YkWRahyItWNTsGDCGy8w9GB+jk9auX2YVQ1e7ofnSZmfjYK9yF9Y30uV/Y218Bt0
IKecPlZ5gOTZGmRcXArf3Wr4Msu0+pBt7xkDeEY8QMMcm8eZv7L1SR54G4P95+Fc
oHmamcc1rR7ZE6HUQ9WvSRw0kuWoxJJX/TMfDw5QzwiPBbqYxBB1XQ4NCC4o4nzI
X2S3OjXoJpYDxVw7ssvSiTG8GzIHKlnm5JK04fsu3IpW2/em9g3/xUKny3bPE8kR
ySgLrN5WOCjqKNBKmGOwkD190HY2egha
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:59:49 2025 by rpki-client