Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3640DFD/AE0987D2896E11EF8242EE77762E951A/32ECB694906E11EFB54F5B57762E951A.roa
File: 32ECB694906E11EFB54F5B57762E951A.roa (raw, json)
Hash identifier: U23PUnjwq2kXRrdbse3Nf1EpfCGUhU+jjeGB7WHEMMA=
Subject key identifier: 11:A5:27:B9:90:E1:EC:13:64:68:E9:99:40:1B:EA:9D:E0:63:74:D5
Certificate issuer: /CN=F3640DFDAF/serialNumber=4E1CF64DA223F8B8A270A1DF0FA8DEC792A45CDB
Certificate serial: 1D
Authority key identifier: 4E:1C:F6:4D:A2:23:F8:B8:A2:70:A1:DF:0F:A8:DE:C7:92:A4:5C:DB
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Thz2TaIj-LiicKHfD6jex5KkXNs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3640DFD/AE0987D2896E11EF8242EE77762E951A/32ECB694906E11EFB54F5B57762E951A.roa
Signing time: Tue 22 Oct 2024 12:07:25 +0000
ROA not before: Tue 22 Oct 2024 12:07:20 +0000
ROA not after: Fri 30 Oct 2026 12:07:20 +0000
asID: 37629
IP address blocks: 154.65.4.0/22 maxlen: 24
196.1.176.0/20 maxlen: 24
2c0f:f128::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29 (0x1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3640DFDAF/serialNumber=4E1CF64DA223F8B8A270A1DF0FA8DEC792A45CDB
Validity
Not Before: Oct 22 12:07:20 2024 GMT
Not After : Oct 30 12:07:20 2026 GMT
Subject: CN=6717957d-38b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:09:14:2b:ce:fd:5d:c2:61:68:20:db:7f:a4:
76:68:6b:d4:ef:bd:12:79:ca:15:1f:89:c1:98:5a:
df:9f:d7:1a:0e:7a:f3:7d:3c:ff:fb:9a:47:f4:df:
55:1b:a1:1a:65:75:9c:bf:23:16:5f:51:50:c1:df:
94:a0:4a:db:0f:d3:df:cf:97:60:8d:42:05:73:72:
f3:b2:bb:05:ca:c4:d0:39:86:62:9e:fe:60:46:f8:
53:74:81:18:c4:80:5e:ef:62:26:eb:0f:d7:93:ec:
c2:45:48:a1:b9:e6:0e:3c:da:7b:07:f7:7d:10:a6:
98:e1:3a:14:81:80:99:8e:b2:fa:90:c3:3e:0f:24:
56:16:e8:92:0c:1c:8d:da:9f:3d:16:37:3d:01:60:
89:51:a6:e9:96:89:82:41:a6:d6:24:30:98:4f:e4:
94:e1:5b:30:9c:75:80:94:b3:9c:f2:6e:62:07:ed:
16:b3:0e:16:a8:de:aa:f6:f9:ce:c5:1f:c5:aa:75:
88:ac:c5:fd:aa:27:1b:3c:e2:b4:56:12:b8:e5:0d:
3b:15:58:09:0f:6e:e6:d1:a0:71:c9:09:18:d2:d3:
62:f9:f2:84:75:c2:28:b1:cc:87:2e:21:12:c9:33:
59:ab:7f:f6:87:69:5c:47:21:14:04:4f:95:a4:8d:
58:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:A5:27:B9:90:E1:EC:13:64:68:E9:99:40:1B:EA:9D:E0:63:74:D5
X509v3 Authority Key Identifier:
keyid:4E:1C:F6:4D:A2:23:F8:B8:A2:70:A1:DF:0F:A8:DE:C7:92:A4:5C:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3640DFD/AE0987D2896E11EF8242EE77762E951A/Thz2TaIj-LiicKHfD6jex5KkXNs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Thz2TaIj-LiicKHfD6jex5KkXNs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3640DFD/AE0987D2896E11EF8242EE77762E951A/32ECB694906E11EFB54F5B57762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.65.4.0/22
196.1.176.0/20
IPv6:
2c0f:f128::/32
Signature Algorithm: sha256WithRSAEncryption
45:6f:ed:e1:bf:79:1f:1e:7b:e7:12:85:ac:e4:f1:ff:fe:11:
dd:c7:95:12:be:31:0f:84:d4:60:05:a6:93:8c:a0:df:99:3e:
13:68:fa:6e:3b:ff:71:2b:05:70:1d:ce:1d:e5:b1:dd:bd:58:
41:e9:d2:0d:41:55:1e:01:03:0b:07:d6:d0:79:1f:a2:0b:46:
98:18:f9:15:52:c8:c9:d2:07:f1:75:a6:75:99:e3:de:cc:da:
a4:35:a0:66:49:81:55:1d:66:01:56:51:da:a8:31:6a:3e:0c:
e4:61:de:24:86:a4:89:71:69:63:1d:6c:97:1e:88:f0:94:83:
dd:0d:f4:95:7c:1d:e0:ba:93:de:b5:b0:6a:e3:fd:2d:31:84:
fa:6e:50:7b:f1:93:7f:e1:7b:9d:2f:4d:17:b1:58:fe:e5:09:
81:3e:59:be:72:8e:87:97:9a:58:b7:1d:38:69:3e:90:ac:b6:
af:a1:d4:73:8a:4e:01:e0:34:af:3b:24:eb:ac:38:cf:88:98:
5e:d7:4e:04:dc:76:62:6f:55:5b:4d:4e:24:d7:9d:c1:13:30:
3f:69:4b:be:06:54:17:32:a4:a4:3a:8d:29:55:cc:82:38:fb:
9d:4c:72:67:24:89:24:56:9d:fd:22:a3:83:ce:1c:96:03:45:
58:52:95:06
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBHTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
MERGREFGMTEwLwYDVQQFEyg0RTFDRjY0REEyMjNGOEI4QTI3MEExREYwRkE4REVD
NzkyQTQ1Q0RCMB4XDTI0MTAyMjEyMDcyMFoXDTI2MTAzMDEyMDcyMFowGDEWMBQG
A1UEAxMNNjcxNzk1N2QtMzhiMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4JFCvO/V3CYWgg23+kdmhr1O+9EnnKFR+JwZha35/XGg568308//uaR/Tf
VRuhGmV1nL8jFl9RUMHflKBK2w/T38+XYI1CBXNy87K7BcrE0DmGYp7+YEb4U3SB
GMSAXu9iJusP15PswkVIobnmDjzaewf3fRCmmOE6FIGAmY6y+pDDPg8kVhbokgwc
jdqfPRY3PQFgiVGm6ZaJgkGm1iQwmE/klOFbMJx1gJSznPJuYgftFrMOFqjeqvb5
zsUfxap1iKzF/aonGzzitFYSuOUNOxVYCQ9u5tGgcckJGNLTYvnyhHXCKLHMhy4h
EskzWat/9odpXEchFARPlaSNWPkCAwEAAaOCArowggK2MB0GA1UdDgQWBBQRpSe5
kOHsE2Ro6ZlAG+qd4GN01TAfBgNVHSMEGDAWgBROHPZNoiP4uKJwod8PqN7HkqRc
2zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDBERkQvQUUwOTg3RDI4OTZFMTFFRjgyNDJFRTc3NzYyRTk1MUEvVGh6MlRh
SWotTGlpY0tIZkQ2amV4NUtrWE5zLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVGh6MlRhSWotTGlpY0tIZkQ2amV4NUtrWE5zLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDBERkQvQUUwOTg3RDI4OTZFMTFFRjgyNDJFRTc3NzYy
RTk1MUEvMzJFQ0I2OTQ5MDZFMTFFRkI1NEY1QjU3NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAppBBAMEBMQBsDANBAIAAjAH
AwUALA/xKDANBgkqhkiG9w0BAQsFAAOCAQEARW/t4b95Hx575xKFrOTx//4R3ceV
Er4xD4TUYAWmk4yg35k+E2j6bjv/cSsFcB3OHeWx3b1YQenSDUFVHgEDCwfW0Hkf
ogtGmBj5FVLIydIH8XWmdZnj3szapDWgZkmBVR1mAVZR2qgxaj4M5GHeJIakiXFp
Yx1slx6I8JSD3Q30lXwd4LqT3rWwauP9LTGE+m5Qe/GTf+F7nS9NF7FY/uUJgT5Z
vnKOh5eaWLcdOGk+kKy2r6HUc4pOAeA0rzsk66w4z4iYXtdOBNx2Ym9VW01OJNed
wRMwP2lLvgZUFzKkpDqNKVXMgjj7nUxyZySJJFad/SKjg84clgNFWFKVBg==
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:33:51 2024 by rpki-client on console-ams.rpki-client.org