Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362793F/065D4DBAA64311EF8B4D3E8B762E951A/796B8BB8B7BF11EF93F532AB762E951A.roa
File: 796B8BB8B7BF11EF93F532AB762E951A.roa (raw, json)
Hash identifier: J+EvOiYcq3PKgVKQ9c2yiQ2co1r01VUQAXxsxupX0YU=
Subject key identifier: 82:87:82:BE:19:E8:2E:AA:FE:94:6B:A4:71:50:EB:5A:66:04:C0:45
Certificate issuer: /CN=F362793FAF/serialNumber=DAA872FF9A04446B718A8D9F47554BFA581B3A0E
Certificate serial: 29
Authority key identifier: DA:A8:72:FF:9A:04:44:6B:71:8A:8D:9F:47:55:4B:FA:58:1B:3A:0E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/2qhy_5oERGtxio2fR1VL-lgbOg4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F362793F/065D4DBAA64311EF8B4D3E8B762E951A/796B8BB8B7BF11EF93F532AB762E951A.roa
Signing time: Wed 11 Dec 2024 12:57:28 +0000
ROA not before: Wed 11 Dec 2024 12:57:22 +0000
ROA not after: Fri 01 Dec 2034 12:57:22 +0000
asID: 328467
IP address blocks: 102.67.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41 (0x29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F362793FAF
Validity
Not Before: Dec 11 12:57:22 2024 GMT
Not After : Dec 1 12:57:22 2034 GMT
Subject: CN=67598c38-43cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:25:3a:10:c8:43:2c:56:81:21:42:9c:5e:a9:
a4:95:ae:97:e8:73:c3:71:42:7a:57:0a:8c:ec:f2:
33:07:e4:c1:e1:c8:b8:c9:2a:ec:36:8d:73:65:3b:
0f:9a:f3:25:7f:5e:cc:7b:06:05:06:27:80:c3:e3:
22:e7:c4:4f:8c:04:a3:96:29:35:e5:4a:31:eb:60:
80:2c:bc:39:cd:76:05:13:c6:5a:fd:4b:70:74:43:
7b:bd:48:74:89:5d:36:85:80:a7:90:57:3a:b5:10:
19:cd:ed:ce:f4:59:1c:e1:de:7c:d1:47:a9:38:e9:
5b:60:b1:78:f6:55:00:bb:bb:af:ad:c2:a7:f5:8c:
9c:0c:f1:8d:44:9f:9b:a4:9a:e7:6c:7b:60:5e:5e:
5d:94:20:0e:66:83:00:70:c3:42:c5:67:46:bc:c5:
42:ca:3b:a5:a4:46:93:0c:3c:69:ec:b6:ad:5c:1d:
5c:9a:ab:df:e9:c1:da:c6:fc:15:58:14:00:bd:f0:
b7:0f:24:a1:eb:c2:45:be:61:b6:c2:7b:5f:c6:cb:
31:8b:4f:91:16:31:da:3e:ab:1e:e3:90:fa:63:16:
f6:6c:59:30:f7:5a:d0:34:6b:21:bf:b9:a0:6f:fb:
c5:63:70:ce:64:33:a6:93:ed:93:74:43:92:94:00:
82:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:87:82:BE:19:E8:2E:AA:FE:94:6B:A4:71:50:EB:5A:66:04:C0:45
X509v3 Authority Key Identifier:
keyid:DA:A8:72:FF:9A:04:44:6B:71:8A:8D:9F:47:55:4B:FA:58:1B:3A:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F362793F/065D4DBAA64311EF8B4D3E8B762E951A/2qhy_5oERGtxio2fR1VL-lgbOg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/2qhy_5oERGtxio2fR1VL-lgbOg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362793F/065D4DBAA64311EF8B4D3E8B762E951A/796B8BB8B7BF11EF93F532AB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.67.135.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:94:fe:6e:a2:8d:f6:71:01:e7:7a:62:cc:af:b9:77:e8:00:
73:39:5c:be:b7:38:6d:59:50:53:d7:52:84:e1:46:2f:14:97:
a7:40:74:93:a2:88:c1:1c:86:ea:a3:85:cd:d5:c0:53:ab:79:
77:44:a0:7a:fe:d5:ab:55:55:b2:16:cd:d3:1f:38:09:27:47:
e8:25:88:40:35:6c:7c:0e:e4:69:06:05:7b:a3:35:cb:83:75:
e2:dd:55:2c:d7:be:c6:bf:3d:56:51:c0:2e:00:5a:44:91:fa:
8d:a1:79:c5:d3:6f:db:24:6d:db:c3:39:53:ec:7c:bc:e7:2e:
fc:16:4e:10:f7:80:93:f7:cf:74:d4:c8:7c:25:55:89:1a:cd:
aa:93:3b:13:3d:bc:e3:89:16:89:15:a3:b3:9c:e8:ec:44:d2:
ad:27:8b:48:e5:91:6b:83:bb:41:cd:c6:8b:d8:e1:50:47:64:
51:f0:12:5c:f6:92:10:69:e7:94:c1:cf:e3:b1:b4:b5:dc:24:
23:8c:2a:ec:e9:1d:f2:7a:79:6a:21:59:95:06:3c:c5:c7:bd:
e6:ce:59:c9:51:11:8e:b5:a1:cf:af:72:a1:dc:17:c7:65:bb:
0a:52:8f:2e:cc:0f:4b:66:89:51:d6:f9:58:80:9a:08:47:04:
47:05:af:18
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBKTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
NzkzRkFGMTEwLwYDVQQFEyhEQUE4NzJGRjlBMDQ0NDZCNzE4QThEOUY0NzU1NEJG
QTU4MUIzQTBFMB4XDTI0MTIxMTEyNTcyMloXDTM0MTIwMTEyNTcyMlowGDEWMBQG
A1UEAxMNNjc1OThjMzgtNDNjYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKglOhDIQyxWgSFCnF6ppJWul+hzw3FCelcKjOzyMwfkweHIuMkq7DaNc2U7
D5rzJX9ezHsGBQYngMPjIufET4wEo5YpNeVKMetggCy8Oc12BRPGWv1LcHRDe71I
dIldNoWAp5BXOrUQGc3tzvRZHOHefNFHqTjpW2CxePZVALu7r63Cp/WMnAzxjUSf
m6Sa52x7YF5eXZQgDmaDAHDDQsVnRrzFQso7paRGkww8aey2rVwdXJqr3+nB2sb8
FVgUAL3wtw8koevCRb5htsJ7X8bLMYtPkRYx2j6rHuOQ+mMW9mxZMPda0DRrIb+5
oG/7xWNwzmQzppPtk3RDkpQAgkMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSCh4K+
Geguqv6Ua6RxUOtaZgTARTAfBgNVHSMEGDAWgBTaqHL/mgREa3GKjZ9HVUv6WBs6
DjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Mjc5M0YvMDY1RDREQkFBNjQzMTFFRjhCNEQzRThCNzYyRTk1MUEvMnFoeV81
b0VSR3R4aW8yZlIxVkwtbGdiT2c0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMnFoeV81b0VSR3R4aW8yZlIxVkwtbGdiT2c0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Mjc5M0YvMDY1RDREQkFBNjQzMTFFRjhCNEQzRThCNzYy
RTk1MUEvNzk2QjhCQjhCN0JGMTFFRjkzRjUzMkFCNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGZDhzANBgkqhkiG9w0BAQsF
AAOCAQEAC5T+bqKN9nEB53pizK+5d+gAczlcvrc4bVlQU9dShOFGLxSXp0B0k6KI
wRyG6qOFzdXAU6t5d0Sgev7Vq1VVshbN0x84CSdH6CWIQDVsfA7kaQYFe6M1y4N1
4t1VLNe+xr89VlHALgBaRJH6jaF5xdNv2yRt28M5U+x8vOcu/BZOEPeAk/fPdNTI
fCVViRrNqpM7Ez2844kWiRWjs5zo7ETSrSeLSOWRa4O7Qc3Gi9jhUEdkUfASXPaS
EGnnlMHP47G0tdwkI4wq7Okd8np5aiFZlQY8xce95s5ZyVERjrWhz69yodwXx2W7
ClKPLswPS2aJUdb5WICaCEcERwWvGA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:12:58 2025 by rpki-client