Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20B1CAAAF35611EFAC110484762E951A.roa
File: 20B1CAAAF35611EFAC110484762E951A.roa (raw, json)
Hash identifier: kHPtPHu4zjW3FIDAYBA5QsSU3oiWfNPO/h+b2qfAnPY=
Subject key identifier: 95:94:69:98:99:93:AA:99:9C:16:D6:A5:A3:45:44:FD:11:71:11:A2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015DCA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20B1CAAAF35611EFAC110484762E951A.roa
Signing time: Tue 25 Feb 2025 08:54:31 +0000
ROA not before: Tue 25 Feb 2025 08:54:28 +0000
ROA not after: Mon 07 Apr 2025 08:54:28 +0000
asID: 63139
IP address blocks: 154.223.36.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89546 (0x15dca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 25 08:54:28 2025 GMT
Not After : Apr 7 08:54:28 2025 GMT
Subject: CN=67bd8547-652c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:38:91:83:13:f1:bd:7f:38:cb:bd:cf:6c:1d:
fc:c6:f5:19:b3:74:4b:6e:c5:4b:3a:06:bd:f8:42:
c5:a8:da:8c:9c:b4:23:e6:ee:7a:40:e9:ca:ed:1b:
cb:b4:35:2b:65:76:cb:72:75:38:b1:41:5b:1b:16:
fa:26:98:ec:ff:b2:d4:d2:fb:78:76:fb:f3:dd:57:
0e:61:7a:ad:c1:ed:07:52:ce:82:02:d5:c6:a2:2c:
b2:14:98:67:f1:4b:c0:76:12:48:e5:e5:45:ff:7e:
f1:ac:67:1f:f5:6a:58:66:68:1a:d3:b8:44:bd:9f:
50:22:73:f9:c1:60:65:96:ad:87:39:28:5c:c0:4d:
5a:8e:d0:8c:fe:9d:97:08:fb:56:6a:e9:dc:5a:b6:
3d:f2:17:da:db:24:0e:b3:21:c2:dc:84:fc:97:c9:
a7:4c:d6:40:af:21:51:c5:3c:f3:ec:7e:1e:00:c6:
03:eb:c3:97:38:9a:70:e8:65:83:f6:e9:f6:17:2c:
1e:06:67:c5:e5:93:fe:61:64:ad:63:3b:ac:47:e1:
eb:92:55:54:ba:3c:33:36:c8:10:73:47:5e:81:46:
e0:69:e7:3d:43:44:88:53:0e:d0:c5:32:fe:39:fd:
4a:aa:96:fc:dc:2c:43:e8:0d:65:c6:22:80:81:ed:
f0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:94:69:98:99:93:AA:99:9C:16:D6:A5:A3:45:44:FD:11:71:11:A2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20B1CAAAF35611EFAC110484762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.36.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:2a:7e:f8:b7:a7:62:44:08:8c:a6:03:ef:a5:de:4d:fd:34:
d5:90:38:27:bc:36:9c:69:a6:47:d9:1e:14:74:f4:7c:5f:ad:
79:33:13:b8:d0:10:15:7e:96:aa:32:25:fb:8f:d8:d8:94:f0:
25:09:63:e8:c2:a0:0f:94:01:d1:23:24:5b:ff:41:6e:dd:87:
88:32:86:fb:a1:4e:b0:35:0d:c4:f6:30:c0:03:d9:07:d4:5c:
ca:05:d7:40:a8:e1:2e:d6:94:f8:27:83:b2:48:3a:87:58:8a:
97:1e:26:ba:6e:1f:c5:eb:37:14:6c:c9:81:1a:2c:40:cc:ee:
7c:9c:67:4f:65:5c:2c:7d:f4:1f:0a:a0:24:5b:94:8b:6e:34:
7d:d9:e9:37:46:b4:50:21:ff:6a:2e:de:a1:17:cf:71:f4:ef:
c1:44:13:60:13:1f:b6:3c:09:55:22:83:95:89:03:4d:07:d4:
c5:3a:57:ee:24:bf:86:2e:ca:eb:b8:e3:27:6c:1f:3a:1d:75:
dd:fd:44:e9:2a:0a:f8:a9:ec:d7:a5:45:c2:b6:b8:7f:fd:4c:
36:a9:e9:44:7c:7b:3b:98:c8:52:82:2d:50:50:32:3a:36:e9:
01:e4:24:23:b3:4a:21:24:44:6c:0d:3d:62:26:4a:4a:ca:bb:
67:fb:02:5f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV3KMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI1MDg1NDI4WhcNMjUwNDA3MDg1NDI4WjAYMRYw
FAYDVQQDEw02N2JkODU0Ny02NTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApziRgxPxvX84y73PbB38xvUZs3RLbsVLOga9+ELFqNqMnLQj5u56QOnK
7RvLtDUrZXbLcnU4sUFbGxb6Jpjs/7LU0vt4dvvz3VcOYXqtwe0HUs6CAtXGoiyy
FJhn8UvAdhJI5eVF/37xrGcf9WpYZmga07hEvZ9QInP5wWBllq2HOShcwE1ajtCM
/p2XCPtWauncWrY98hfa2yQOsyHC3IT8l8mnTNZAryFRxTzz7H4eAMYD68OXOJpw
6GWD9un2FyweBmfF5ZP+YWStYzusR+HrklVUujwzNsgQc0degUbgaec9Q0SIUw7Q
xTL+Of1Kqpb83CxD6A1lxiKAge3wKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJWU
aZiZk6qZnBbWpaNFRP0RcRGiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMEIxQ0FBQUYzNTYxMUVGQUMxMTA0ODQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt8kMA0GCSqGSIb3DQEB
CwUAA4IBAQAMKn74t6diRAiMpgPvpd5N/TTVkDgnvDacaaZH2R4UdPR8X615MxO4
0BAVfpaqMiX7j9jYlPAlCWPowqAPlAHRIyRb/0Fu3YeIMob7oU6wNQ3E9jDAA9kH
1FzKBddAqOEu1pT4J4OySDqHWIqXHia6bh/F6zcUbMmBGixAzO58nGdPZVwsffQf
CqAkW5SLbjR92ek3RrRQIf9qLt6hF89x9O/BRBNgEx+2PAlVIoOViQNNB9TFOlfu
JL+GLsrruOMnbB86HXXd/UTpKgr4qezXpUXCtrh//Uw2qelEfHs7mMhSgi1QUDI6
NukB5CQjs0ohJERsDT1iJkpKyrtn+wJf
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:07 2025 by rpki-client