Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE8C22F6E31B11EFB41753A0762E951A.roa
File: CE8C22F6E31B11EFB41753A0762E951A.roa (raw, json)
Hash identifier: gyo4WUNAuFHwZwk+YwRqkHK2fDOhemX2oLqJt22iKlM=
Subject key identifier: 7D:AE:56:F0:F6:CF:48:EB:10:30:24:08:50:EF:15:C4:79:AC:F6:61
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015149
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE8C22F6E31B11EFB41753A0762E951A.roa
Signing time: Tue 04 Feb 2025 17:16:44 +0000
ROA not before: Tue 04 Feb 2025 17:16:40 +0000
ROA not after: Wed 30 Apr 2025 17:16:40 +0000
asID: 139490
IP address blocks: 154.209.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86345 (0x15149)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 17:16:40 2025 GMT
Not After : Apr 30 17:16:40 2025 GMT
Subject: CN=67a24b7c-90ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:53:15:3f:97:70:c5:2a:90:a5:cd:17:f2:0b:
cd:71:16:e1:3a:b5:13:5f:8e:d2:4c:2f:28:e4:c4:
f5:b4:45:19:ab:70:a5:e1:fb:2e:78:85:58:fd:20:
e3:f4:e7:c0:11:da:fe:09:e2:75:df:b6:1c:4f:3c:
b5:b1:79:ac:7c:ce:9d:59:b8:8c:3c:7b:05:75:d4:
43:af:ba:06:87:69:8e:7b:44:59:aa:a8:4d:68:99:
d9:40:10:9c:ab:69:4b:0f:67:4d:87:77:8b:e7:85:
d9:5b:74:21:d0:a6:47:16:6a:53:1e:4d:ea:89:ce:
03:d3:c0:e5:a9:bf:71:cc:ec:48:1d:68:ea:4c:f1:
33:c9:83:71:9e:1a:4e:03:5e:51:ff:dc:34:82:46:
dd:54:4e:a8:57:fe:19:ad:fe:e1:5c:0b:52:03:26:
5c:b0:83:17:bf:d3:21:57:4f:35:6c:fd:ce:0b:fc:
00:1a:4e:d5:d3:96:c3:9a:30:38:10:52:77:75:59:
5f:a5:24:a6:e7:6d:a6:35:07:4b:02:ae:b7:dc:68:
78:42:13:bc:1d:06:4c:9b:38:40:81:81:2c:a7:af:
5e:93:f2:48:cd:23:cf:f3:5f:f1:82:a1:f5:ac:e7:
b2:11:c8:19:38:3a:c1:24:da:44:bf:b6:f6:bc:4c:
ab:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:AE:56:F0:F6:CF:48:EB:10:30:24:08:50:EF:15:C4:79:AC:F6:61
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE8C22F6E31B11EFB41753A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.255.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:3d:19:65:ff:77:7e:34:bf:a5:84:4c:b1:7e:0b:91:23:99:
6d:22:d0:c0:f4:96:70:b9:50:fc:23:e3:6c:d8:37:37:ca:0d:
74:54:c3:94:27:cd:3c:60:c1:6f:be:0e:91:39:c3:44:e3:97:
c8:52:d8:96:6d:eb:ed:1a:10:a9:9c:af:c1:74:d6:c2:ff:3a:
c6:91:2d:30:66:2a:f2:23:ab:24:7d:bd:58:27:40:9d:16:c3:
f5:f8:57:be:9f:6f:f5:e2:99:54:3f:b4:1e:47:21:5c:b2:ec:
84:bf:ab:65:10:00:23:bc:70:0c:cc:c9:3e:c9:6a:65:96:c9:
a2:9b:db:af:18:7b:92:2a:80:54:91:6b:b9:01:33:10:c0:15:
f9:f2:0e:b4:40:45:aa:2c:24:a5:5d:0c:84:6a:73:38:a1:58:
31:c7:19:7b:8f:a4:71:c1:a5:d1:0d:76:c5:f5:fa:55:12:6b:
e3:e3:ac:29:f2:83:b5:3d:77:e5:79:a8:72:f3:5e:3c:c8:62:
2c:74:4e:08:64:00:4c:23:fb:22:14:ea:bd:0f:cc:4e:cb:95:
ea:b1:82:98:b7:b7:2c:e9:15:88:57:21:b3:d9:0a:4c:78:b8:
4c:7a:be:86:91:87:7d:a8:22:fb:b2:b5:bc:e9:e3:77:77:97:
92:31:3c:be
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVFJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MTcxNjQwWhcNMjUwNDMwMTcxNjQwWjAYMRYw
FAYDVQQDEw02N2EyNGI3Yy05MGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt1MVP5dwxSqQpc0X8gvNcRbhOrUTX47STC8o5MT1tEUZq3Cl4fsueIVY
/SDj9OfAEdr+CeJ137YcTzy1sXmsfM6dWbiMPHsFddRDr7oGh2mOe0RZqqhNaJnZ
QBCcq2lLD2dNh3eL54XZW3Qh0KZHFmpTHk3qic4D08Dlqb9xzOxIHWjqTPEzyYNx
nhpOA15R/9w0gkbdVE6oV/4Zrf7hXAtSAyZcsIMXv9MhV081bP3OC/wAGk7V05bD
mjA4EFJ3dVlfpSSm522mNQdLAq633Gh4QhO8HQZMmzhAgYEsp69ek/JIzSPP81/x
gqH1rOeyEcgZODrBJNpEv7b2vEyriwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH2u
VvD2z0jrEDAkCFDvFcR5rPZhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRThDMjJGNkUzMUIxMUVGQjQxNzUzQTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtH/MA0GCSqGSIb3DQEB
CwUAA4IBAQBaPRll/3d+NL+lhEyxfguRI5ltItDA9JZwuVD8I+Ns2Dc3yg10VMOU
J808YMFvvg6ROcNE45fIUtiWbevtGhCpnK/BdNbC/zrGkS0wZiryI6skfb1YJ0Cd
FsP1+Fe+n2/14plUP7QeRyFcsuyEv6tlEAAjvHAMzMk+yWpllsmim9uvGHuSKoBU
kWu5ATMQwBX58g60QEWqLCSlXQyEanM4oVgxxxl7j6RxwaXRDXbF9fpVEmvj46wp
8oO1PXfleahy8148yGIsdE4IZABMI/siFOq9D8xOy5XqsYKYt7cs6RWIVyGz2QpM
eLhMer6GkYd9qCL7srW86eN3d5eSMTy+
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:14:07 2025 by rpki-client