Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A302947AF34D11EFA8122F4B762E951A.roa
File: A302947AF34D11EFA8122F4B762E951A.roa (raw, json)
Hash identifier: sSepTvFvffV6OAUCHlcKOaFgsu4T7QhcYGRf8aRfV2E=
Subject key identifier: B3:3E:B1:C8:12:6A:29:04:C6:D4:EC:17:06:F5:6A:AE:10:BF:8D:8E
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1A1D
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A302947AF34D11EFA8122F4B762E951A.roa
Signing time: Tue 25 Feb 2025 07:53:44 +0000
ROA not before: Tue 25 Feb 2025 07:53:41 +0000
ROA not after: Thu 25 Feb 2027 07:53:41 +0000
asID: 396356
IP address blocks: 154.16.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6685 (0x1a1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Feb 25 07:53:41 2025 GMT
Not After : Feb 25 07:53:41 2027 GMT
Subject: CN=67bd7708-f8be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f7:c7:c0:47:a8:da:26:ee:94:fc:10:09:a4:
0a:ec:94:c6:6b:d4:31:c2:83:c4:6e:31:d2:76:95:
28:c3:1d:59:cf:f2:6b:e5:d2:b4:10:21:88:8b:48:
1d:a3:c9:8e:ad:73:9c:36:8f:e0:6b:cf:c6:9c:43:
0f:3c:7b:8f:dd:cb:7b:6d:df:9e:c4:ff:d5:d1:e9:
a0:c2:fd:80:4f:b2:ea:b4:60:1f:be:cc:b0:27:c6:
75:ac:e0:4a:1b:3f:72:cb:a8:68:7e:a5:51:10:17:
f1:42:43:6e:d2:d2:c0:cb:44:04:96:35:05:e9:65:
61:38:6a:cd:37:88:03:fd:bb:4c:ab:2d:c3:b2:50:
cb:1b:59:b5:0f:e2:57:41:d7:01:be:d8:df:04:6b:
d6:cd:54:c6:01:8a:55:e1:cb:e4:0b:44:10:51:c9:
84:9e:fc:d0:90:01:64:87:15:42:de:2a:1a:d0:14:
9a:0f:71:ce:b7:b6:25:77:88:b8:00:12:b3:fa:9e:
ce:31:22:ab:94:77:97:80:dd:4e:cc:00:38:e8:db:
60:42:59:01:90:f0:33:d4:1d:b3:fe:ee:bb:89:e0:
d2:94:c5:59:94:ff:a3:4d:e7:e6:e0:b4:9c:3d:66:
c3:20:0f:53:1b:a2:3c:03:f8:86:60:f9:ab:c9:19:
5d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3E:B1:C8:12:6A:29:04:C6:D4:EC:17:06:F5:6A:AE:10:BF:8D:8E
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A302947AF34D11EFA8122F4B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.157.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:5e:0e:02:c6:fd:58:d0:32:e4:63:5a:7f:ea:0a:98:22:44:
d0:74:5c:2b:b4:79:6c:b9:8a:54:37:cf:ed:3a:9e:e9:a4:24:
94:34:00:59:5a:6d:48:f6:9b:36:15:fc:62:aa:51:6f:ab:a4:
f9:3c:61:e1:e1:ce:99:01:c0:9e:f3:d1:42:32:55:83:d9:71:
28:8d:37:4b:dd:37:44:37:3c:91:2a:35:c7:d9:ae:56:58:0f:
3d:b0:90:46:64:a6:4c:73:8c:a7:56:a6:48:8c:0a:02:d3:a6:
d4:6b:39:c9:bc:02:f7:0c:28:8e:35:1e:a1:b8:67:c4:55:a6:
94:ac:10:2e:09:ae:79:95:0a:93:5b:c8:4d:0e:98:6e:58:72:
23:d0:d7:60:63:ff:60:e6:c5:93:90:3a:56:35:c3:2e:c8:71:
6a:d0:8b:4c:1a:cd:65:69:25:31:72:90:08:8f:81:d0:f5:89:
90:5e:26:82:d6:02:6c:d0:3a:6e:13:e2:03:11:ac:d0:3a:16:
c7:20:fd:de:4f:ea:6a:15:6b:03:85:79:07:fb:3e:a0:a2:7f:
c0:ed:02:0e:92:f1:88:e3:7b:5a:a0:eb:b1:74:71:31:c7:16:
4c:12:cf:91:34:43:d3:dc:37:bd:88:c6:26:3e:2a:eb:86:5e:
13:83:91:a4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGh0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAyMjUwNzUzNDFaFw0yNzAyMjUwNzUzNDFaMBgxFjAU
BgNVBAMTDTY3YmQ3NzA4LWY4YmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCn98fAR6jaJu6U/BAJpArslMZr1DHCg8RuMdJ2lSjDHVnP8mvl0rQQIYiL
SB2jyY6tc5w2j+Brz8acQw88e4/dy3tt357E/9XR6aDC/YBPsuq0YB++zLAnxnWs
4EobP3LLqGh+pVEQF/FCQ27S0sDLRASWNQXpZWE4as03iAP9u0yrLcOyUMsbWbUP
4ldB1wG+2N8Ea9bNVMYBilXhy+QLRBBRyYSe/NCQAWSHFULeKhrQFJoPcc63tiV3
iLgAErP6ns4xIquUd5eA3U7MADjo22BCWQGQ8DPUHbP+7ruJ4NKUxVmU/6NN5+bg
tJw9ZsMgD1MbojwD+IZg+avJGV2vAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUsz6x
yBJqKQTG1OwXBvVqrhC/jY4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0EzMDI5NDdBRjM0RDExRUZBODEyMkY0Qjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEJ0wDQYJKoZIhvcNAQEL
BQADggEBAF9eDgLG/VjQMuRjWn/qCpgiRNB0XCu0eWy5ilQ3z+06numkJJQ0AFla
bUj2mzYV/GKqUW+rpPk8YeHhzpkBwJ7z0UIyVYPZcSiNN0vdN0Q3PJEqNcfZrlZY
Dz2wkEZkpkxzjKdWpkiMCgLTptRrOcm8AvcMKI41HqG4Z8RVppSsEC4JrnmVCpNb
yE0OmG5YciPQ12Bj/2DmxZOQOlY1wy7IcWrQi0wazWVpJTFykAiPgdD1iZBeJoLW
AmzQOm4T4gMRrNA6Fscg/d5P6moVawOFeQf7PqCif8DtAg6S8Yjje1qg67F0cTHH
FkwSz5E0Q9PcN72IxiY+KuuGXhODkaQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:14:53 2025 by rpki-client