Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365C79E/1FC34BE6BEDA11EB8F5CE243F8AEA228/FB1FEEF4D6B111EF8099CF40762E951A.roa
File: FB1FEEF4D6B111EF8099CF40762E951A.roa (raw, json)
Hash identifier: +7phxm5TzkZRyeFGhR37ALd4AEcaf9TKaQBnWBb/gF0=
Subject key identifier: E2:88:04:A9:C7:1C:20:A9:7A:BD:95:7C:80:9E:6D:2E:8A:56:71:EB
Certificate issuer: /CN=F365C79EAF/serialNumber=DD7499A8C8C12AB67E15EB492808A692ED4B59F4
Certificate serial: 056A
Authority key identifier: DD:74:99:A8:C8:C1:2A:B6:7E:15:EB:49:28:08:A6:92:ED:4B:59:F4
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/3XSZqMjBKrZ-FetJKAimku1LWfQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F365C79E/1FC34BE6BEDA11EB8F5CE243F8AEA228/FB1FEEF4D6B111EF8099CF40762E951A.roa
Signing time: Sun 19 Jan 2025 22:08:58 +0000
ROA not before: Mon 20 Jan 2025 22:08:55 +0000
ROA not after: Tue 20 Jan 2026 22:08:55 +0000
asID: 328732
IP address blocks: 102.221.216.0/22 maxlen: 24
2c0f:e9a8::/32 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1386 (0x56a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F365C79EAF
Validity
Not Before: Jan 20 22:08:55 2025 GMT
Not After : Jan 20 22:08:55 2026 GMT
Subject: CN=678d77fa-9748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a1:56:39:03:31:b3:44:6c:94:cb:25:53:51:
01:b6:ac:89:ed:99:fc:79:3d:b4:c3:32:4b:dc:b8:
b7:6c:dd:86:74:f1:a7:99:4b:54:35:c6:93:7e:93:
1d:f8:44:6c:68:3a:b4:fd:96:75:0e:fe:25:f1:a7:
86:50:60:0a:d3:e2:27:ee:ae:71:be:49:9f:1a:61:
ae:c9:51:b6:83:2b:10:3d:2d:4a:98:2d:e6:46:d1:
80:60:58:b7:53:df:12:a5:7c:8c:d1:70:41:8d:98:
83:8e:12:f8:9c:66:3e:7d:a5:f2:67:d1:6d:5c:51:
4c:30:44:de:f7:25:0e:59:92:62:7d:dc:bb:0e:17:
e4:dc:a5:fa:98:35:63:f6:03:0a:49:8c:a7:dc:05:
1f:0c:c1:19:4f:cc:1a:e6:32:b6:c6:d9:89:7e:04:
7d:2e:0f:b5:ca:74:44:dc:ef:f4:d8:19:ff:3f:df:
f3:be:9b:33:1b:f7:ee:6f:b5:de:ba:d2:3f:47:26:
cf:90:b7:b1:27:40:0e:e7:01:94:db:d5:e7:55:f6:
5c:99:93:f2:72:e5:d6:33:ff:a8:e3:e7:10:69:0b:
30:3a:f5:17:42:b8:8e:6c:60:95:3f:f5:3b:7d:66:
86:12:57:e7:8c:4b:18:ae:c0:1c:04:b6:43:f5:42:
e6:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:88:04:A9:C7:1C:20:A9:7A:BD:95:7C:80:9E:6D:2E:8A:56:71:EB
X509v3 Authority Key Identifier:
keyid:DD:74:99:A8:C8:C1:2A:B6:7E:15:EB:49:28:08:A6:92:ED:4B:59:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F365C79E/1FC34BE6BEDA11EB8F5CE243F8AEA228/3XSZqMjBKrZ-FetJKAimku1LWfQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3XSZqMjBKrZ-FetJKAimku1LWfQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365C79E/1FC34BE6BEDA11EB8F5CE243F8AEA228/FB1FEEF4D6B111EF8099CF40762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.216.0/22
IPv6:
2c0f:e9a8::/32
Signature Algorithm: sha256WithRSAEncryption
b1:09:97:79:9e:01:0f:de:da:a6:67:0e:d9:9a:23:84:66:52:
43:32:ca:fb:82:12:c4:8f:e8:8f:50:d1:86:a5:f6:96:da:90:
70:7f:62:31:2e:8a:6f:0b:e4:a4:a6:c7:bc:f4:d6:c0:95:1e:
82:0e:0b:56:8f:5b:5d:90:b3:f5:6c:2f:64:c5:70:20:c8:13:
22:76:43:85:a1:ad:ed:2c:a7:b8:bf:ba:2b:3f:6c:56:20:55:
15:30:3e:ea:12:83:6b:88:43:f9:20:f6:85:be:86:36:74:d6:
e9:fa:7d:2c:44:8b:c1:b3:b2:0e:f9:32:df:c9:05:aa:a6:35:
63:8c:94:ef:bc:28:fb:23:31:d6:51:61:91:b5:f8:97:7b:67:
2d:8a:16:51:d1:0e:9f:46:6d:4c:65:9f:7a:e5:c8:59:b6:44:
ab:51:13:cc:5b:de:66:a1:82:a5:ca:7e:6c:66:a5:75:bd:d8:
3a:bc:f5:b3:e7:b4:7d:a5:c3:7a:97:de:ac:a0:d8:46:88:5c:
16:a2:ee:2c:14:b6:8b:ce:59:39:40:68:4f:67:3a:6e:da:58:
16:8b:dd:1e:42:46:7e:f5:59:99:01:2f:53:fd:29:f2:35:b0:
e9:ce:78:cc:02:d5:fc:6b:1d:b0:ed:8c:32:51:f7:aa:81:db:
ca:af:2c:a9
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBWowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NUM3OUVBRjExMC8GA1UEBRMoREQ3NDk5QThDOEMxMkFCNjdFMTVFQjQ5MjgwOEE2
OTJFRDRCNTlGNDAeFw0yNTAxMjAyMjA4NTVaFw0yNjAxMjAyMjA4NTVaMBgxFjAU
BgNVBAMTDTY3OGQ3N2ZhLTk3NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDfoVY5AzGzRGyUyyVTUQG2rIntmfx5PbTDMkvcuLds3YZ08aeZS1Q1xpN+
kx34RGxoOrT9lnUO/iXxp4ZQYArT4ifurnG+SZ8aYa7JUbaDKxA9LUqYLeZG0YBg
WLdT3xKlfIzRcEGNmIOOEvicZj59pfJn0W1cUUwwRN73JQ5ZkmJ93LsOF+TcpfqY
NWP2AwpJjKfcBR8MwRlPzBrmMrbG2Yl+BH0uD7XKdETc7/TYGf8/3/O+mzMb9+5v
td660j9HJs+Qt7EnQA7nAZTb1edV9lyZk/Jy5dYz/6jj5xBpCzA69RdCuI5sYJU/
9Tt9ZoYSV+eMSxiuwBwEtkP1QubBAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQU4ogE
qcccIKl6vZV8gJ5tLopWceswHwYDVR0jBBgwFoAU3XSZqMjBKrZ+FetJKAimku1L
WfQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjVDNzlFLzFGQzM0QkU2QkVEQTExRUI4RjVDRTI0M0Y4QUVBMjI4LzNYU1px
TWpCS3JaLUZldEpLQWlta3UxTFdmUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzNYU1pxTWpCS3JaLUZldEpLQWlta3UxTFdmUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjVDNzlFLzFGQzM0QkU2QkVEQTExRUI4RjVDRTI0M0Y4
QUVBMjI4L0ZCMUZFRUY0RDZCMTExRUY4MDk5Q0Y0MDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJm3dgwDQQCAAIwBwMFACwP
6agwDQYJKoZIhvcNAQELBQADggEBALEJl3meAQ/e2qZnDtmaI4RmUkMyyvuCEsSP
6I9Q0Yal9pbakHB/YjEuim8L5KSmx7z01sCVHoIOC1aPW12Qs/VsL2TFcCDIEyJ2
Q4Whre0sp7i/uis/bFYgVRUwPuoSg2uIQ/kg9oW+hjZ01un6fSxEi8Gzsg75Mt/J
BaqmNWOMlO+8KPsjMdZRYZG1+Jd7Zy2KFlHRDp9GbUxln3rlyFm2RKtRE8xb3mah
gqXKfmxmpXW92Dq89bPntH2lw3qX3qyg2EaIXBai7iwUtovOWTlAaE9nOm7aWBaL
3R5CRn71WZkBL1P9KfI1sOnOeMwC1fxrHbDtjDJR96qB28qvLKk=
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:17:45 2025 by rpki-client