Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/039A6858BEDD11EFBFC27968762E951A.roa
File: 039A6858BEDD11EFBFC27968762E951A.roa (raw, json)
Hash identifier: 1eWnhXc4u5ev90/QDtixUMmF0XHzXugnI7THMwundYo=
Subject key identifier: B5:D6:36:75:2B:C4:2B:FF:9F:D2:71:90:09:5E:49:52:4F:C1:8E:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011D36
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/039A6858BEDD11EFBFC27968762E951A.roa
Signing time: Fri 20 Dec 2024 14:16:33 +0000
ROA not before: Fri 20 Dec 2024 14:16:29 +0000
ROA not after: Wed 25 Jun 2025 14:16:29 +0000
asID: 400619
IP address blocks: 154.84.48.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73014 (0x11d36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 20 14:16:29 2024 GMT
Not After : Jun 25 14:16:29 2025 GMT
Subject: CN=67657c41-4f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:fb:03:47:d7:ed:43:4f:fb:e7:d7:ef:df:d0:
46:72:12:9a:b6:de:ed:ec:b1:96:82:5b:20:1c:07:
89:cd:3b:da:d9:83:fe:89:8e:33:cf:9d:ef:9a:f4:
8e:13:70:1e:85:62:12:24:5c:e1:4e:00:ba:a6:cc:
19:2f:a0:a0:e9:0f:40:05:e8:da:c8:15:8b:f5:59:
b7:d1:23:ce:92:88:5d:13:35:39:5f:ce:ed:cf:ec:
68:53:d9:64:54:03:41:f8:ae:fa:35:2e:8e:31:43:
b5:aa:4f:e0:45:ec:83:d3:3a:3b:e5:30:ad:81:21:
1d:29:86:34:57:4a:92:a6:cd:82:8f:02:78:d3:5c:
6c:06:be:ec:f0:f9:d4:64:11:3e:20:1a:8b:40:d6:
01:83:0e:7c:d4:09:08:8b:2b:a3:fd:ef:12:6e:af:
38:5d:73:9e:f7:ed:94:97:ad:70:5f:c0:9d:e5:3f:
e7:62:2b:bd:f5:71:0e:69:27:89:cd:b9:cb:74:a5:
d9:3c:1e:84:87:04:dd:56:8f:11:84:89:74:88:d9:
2b:39:ae:92:24:69:18:09:4e:c6:1d:f1:ed:9e:ed:
f2:37:f2:66:0c:03:4a:26:7e:70:99:ec:eb:05:57:
b3:14:c3:80:ab:50:61:83:fe:86:aa:4d:8c:10:12:
3a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D6:36:75:2B:C4:2B:FF:9F:D2:71:90:09:5E:49:52:4F:C1:8E:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/039A6858BEDD11EFBFC27968762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.48.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:0f:0f:d4:94:80:10:1a:ba:c8:c3:69:48:39:ad:fd:53:24:
f3:d4:ff:ef:cf:52:5a:7c:f2:56:93:c6:ba:2b:f6:8d:23:9f:
64:46:cd:bf:bc:a2:27:c0:58:b7:39:90:ad:0f:ed:bf:91:dc:
5e:80:4e:69:10:a4:29:45:6f:fe:fd:e8:ff:e3:62:c9:15:bc:
bf:8d:56:a1:5a:3f:dd:94:fc:a2:dd:84:aa:bf:15:ec:63:b4:
94:21:18:5f:3a:57:71:5c:ec:f4:3a:33:f9:78:e2:e9:1b:59:
bf:8b:30:e2:0f:d1:52:1d:47:cb:d8:e8:48:4e:a5:b3:4b:12:
ff:d0:26:3b:0b:d9:fb:54:b0:46:b6:7f:72:a3:ed:00:5c:bc:
79:2d:2f:18:25:42:7d:a4:e8:02:e2:97:65:74:91:db:85:78:
1a:ec:fe:00:7c:e7:8a:36:83:1b:8a:b4:3e:b0:2e:92:3e:51:
9d:b2:54:29:69:11:62:46:57:f6:d3:4a:ab:b8:78:a8:29:4e:
ea:df:41:60:4c:08:6e:36:4a:bd:c8:55:56:c2:f5:28:36:4f:
df:b6:db:30:f9:93:54:07:31:a5:1c:e3:5b:ac:bf:87:aa:6f:
6d:da:66:86:8f:ca:c9:04:82:15:46:16:ec:fd:8f:82:37:a1:
00:bd:7e:66
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR02MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIwMTQxNjI5WhcNMjUwNjI1MTQxNjI5WjAYMRYw
FAYDVQQDEw02NzY1N2M0MS00ZjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3PsDR9ftQ0/759fv39BGchKatt7t7LGWglsgHAeJzTva2YP+iY4zz53v
mvSOE3AehWISJFzhTgC6pswZL6Cg6Q9ABejayBWL9Vm30SPOkohdEzU5X87tz+xo
U9lkVANB+K76NS6OMUO1qk/gReyD0zo75TCtgSEdKYY0V0qSps2CjwJ401xsBr7s
8PnUZBE+IBqLQNYBgw581AkIiyuj/e8Sbq84XXOe9+2Ul61wX8Cd5T/nYiu99XEO
aSeJzbnLdKXZPB6EhwTdVo8RhIl0iNkrOa6SJGkYCU7GHfHtnu3yN/JmDANKJn5w
mezrBVezFMOAq1Bhg/6Gqk2MEBI6AQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLXW
NnUrxCv/n9JxkAleSVJPwY5pMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMzlBNjg1OEJFREQxMUVGQkZDMjc5Njg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmlQwMA0GCSqGSIb3DQEB
CwUAA4IBAQAtDw/UlIAQGrrIw2lIOa39UyTz1P/vz1JafPJWk8a6K/aNI59kRs2/
vKInwFi3OZCtD+2/kdxegE5pEKQpRW/+/ej/42LJFby/jVahWj/dlPyi3YSqvxXs
Y7SUIRhfOldxXOz0OjP5eOLpG1m/izDiD9FSHUfL2OhITqWzSxL/0CY7C9n7VLBG
tn9yo+0AXLx5LS8YJUJ9pOgC4pdldJHbhXga7P4AfOeKNoMbirQ+sC6SPlGdslQp
aRFiRlf200qruHioKU7q30FgTAhuNkq9yFVWwvUoNk/fttsw+ZNUBzGlHONbrL+H
qm9t2maGj8rJBIIVRhbs/Y+CN6EAvX5m
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:38:00 2025 by rpki-client