Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/324868B2C92311EFB1D9E998762E951A.roa
File: 324868B2C92311EFB1D9E998762E951A.roa (raw, json)
Hash identifier: MNT0kYpqA8oIP4EI2v0ysQBEVO/YkXFo+vA2XrrgdXE=
Subject key identifier: A2:D9:4C:9E:99:0A:8D:57:F0:5D:29:43:AD:95:DC:63:57:91:DF:86
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01333D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/324868B2C92311EFB1D9E998762E951A.roa
Signing time: Thu 02 Jan 2025 16:04:08 +0000
ROA not before: Thu 02 Jan 2025 16:04:04 +0000
ROA not after: Mon 13 Dec 2027 16:04:04 +0000
asID: 17561
IP address blocks: 154.222.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78653 (0x1333d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 16:04:04 2025 GMT
Not After : Dec 13 16:04:04 2027 GMT
Subject: CN=6776b8f8-8f7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a1:ab:48:71:1d:5c:4c:3b:3a:f6:57:3f:2d:
b8:76:cf:ad:2b:a1:6e:39:47:c3:87:42:7b:e6:f0:
02:2e:47:29:18:46:81:99:71:f4:ea:48:87:c3:01:
24:56:fd:34:d6:5e:ea:bf:08:c2:cc:49:76:36:98:
a1:da:79:b9:88:8e:bb:6b:f3:87:d4:eb:91:98:f6:
82:b4:1f:ac:a1:a4:ce:37:fb:60:37:a7:7e:8a:7b:
b1:5d:d5:ad:44:8a:c9:db:09:09:ba:30:b0:4f:77:
83:85:2b:7a:50:f8:c3:52:b6:55:e6:4a:37:84:cc:
5f:ff:b4:ac:0e:83:2f:aa:8d:50:71:45:ba:40:5b:
21:94:39:77:1f:a0:f3:81:98:4a:cd:06:87:9a:f7:
f5:b8:9c:a9:db:28:02:00:5a:35:60:bf:f7:66:c2:
11:a2:e8:1e:39:e3:39:ba:be:7d:d9:89:98:00:d6:
01:c8:c9:51:4c:37:b5:81:e5:ff:4d:ea:3b:a6:63:
3c:22:cc:f9:a5:96:23:70:92:5d:26:ff:68:65:06:
ed:1c:c2:da:b4:31:6a:b9:fd:c7:7c:e5:a2:87:5c:
76:04:95:2f:c1:bf:3b:2f:cc:d5:d9:bf:64:f6:ad:
7f:6e:72:80:d3:0c:c8:4e:68:8e:31:53:35:7b:0d:
9d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D9:4C:9E:99:0A:8D:57:F0:5D:29:43:AD:95:DC:63:57:91:DF:86
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/324868B2C92311EFB1D9E998762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.100.0/24
Signature Algorithm: sha256WithRSAEncryption
98:dc:98:26:ae:64:3f:19:1a:08:3d:b3:73:91:e2:86:43:a5:
07:ad:5e:6a:93:1f:45:91:3b:17:15:88:31:30:c2:21:df:0f:
d8:1a:57:0e:e9:48:e5:56:01:0b:cb:4c:f4:59:e0:74:20:47:
70:f2:6e:ac:32:95:6f:24:66:24:90:f2:f4:d1:6e:47:ab:29:
d2:0c:bc:80:df:ea:24:50:33:99:ee:03:a7:46:ec:4d:e3:f8:
09:45:d4:6d:f2:f6:63:61:fa:95:0d:45:4e:ae:b2:38:b4:07:
0b:9f:f3:d9:18:a9:7a:e5:1e:5f:44:95:51:e8:3e:76:11:47:
43:84:a0:7b:5e:00:a5:4d:05:b9:27:23:c9:3d:02:e2:3f:f3:
ae:ae:cf:45:ae:48:0f:ef:95:ae:06:75:ae:31:b6:49:c7:8d:
3c:96:52:0c:ce:52:dd:de:df:f1:78:27:f6:3d:45:5d:4e:16:
85:37:47:90:20:f7:83:98:2a:68:55:ff:1a:de:03:f1:05:a5:
e2:f3:a3:98:bf:45:eb:3a:20:86:6a:3c:35:42:5b:a5:a5:65:
41:83:99:71:10:cb:cb:24:e6:8e:10:5f:60:09:a6:49:a5:09:
ba:c3:f8:a6:b4:83:70:f8:7f:d6:28:0e:39:c2:81:ea:ff:93:
38:fb:5b:a1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATM9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTYwNDA0WhcNMjcxMjEzMTYwNDA0WjAYMRYw
FAYDVQQDEw02Nzc2YjhmOC04ZjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs6GrSHEdXEw7OvZXPy24ds+tK6FuOUfDh0J75vACLkcpGEaBmXH06kiH
wwEkVv001l7qvwjCzEl2Npih2nm5iI67a/OH1OuRmPaCtB+soaTON/tgN6d+inux
XdWtRIrJ2wkJujCwT3eDhSt6UPjDUrZV5ko3hMxf/7SsDoMvqo1QcUW6QFshlDl3
H6DzgZhKzQaHmvf1uJyp2ygCAFo1YL/3ZsIRougeOeM5ur592YmYANYByMlRTDe1
geX/Teo7pmM8Isz5pZYjcJJdJv9oZQbtHMLatDFquf3HfOWih1x2BJUvwb87L8zV
2b9k9q1/bnKA0wzITmiOMVM1ew2diwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKLZ
TJ6ZCo1X8F0pQ62V3GNXkd+GMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMjQ4NjhCMkM5MjMxMUVGQjFEOUU5OTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt5kMA0GCSqGSIb3DQEB
CwUAA4IBAQCY3JgmrmQ/GRoIPbNzkeKGQ6UHrV5qkx9FkTsXFYgxMMIh3w/YGlcO
6UjlVgELy0z0WeB0IEdw8m6sMpVvJGYkkPL00W5HqynSDLyA3+okUDOZ7gOnRuxN
4/gJRdRt8vZjYfqVDUVOrrI4tAcLn/PZGKl65R5fRJVR6D52EUdDhKB7XgClTQW5
JyPJPQLiP/Ours9FrkgP75WuBnWuMbZJx408llIMzlLd3t/xeCf2PUVdThaFN0eQ
IPeDmCpoVf8a3gPxBaXi86OYv0XrOiCGajw1QlulpWVBg5lxEMvLJOaOEF9gCaZJ
pQm6w/imtINw+H/WKA45woHq/5M4+1uh
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:39:34 2025 by rpki-client