Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3DAD40FEE2CA11EFBF192F85762E951A.roa
File: 3DAD40FEE2CA11EFBF192F85762E951A.roa (raw, json)
Hash identifier: +kjTS2K02U1uRim142aTn0RMqACu9PuJc/DOoEjjAtY=
Subject key identifier: 14:37:5B:55:80:D9:9C:74:CA:7D:75:72:75:E2:CA:AA:C3:AA:9F:E4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01507A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3DAD40FEE2CA11EFBF192F85762E951A.roa
Signing time: Tue 04 Feb 2025 07:32:52 +0000
ROA not before: Tue 04 Feb 2025 07:32:48 +0000
ROA not after: Wed 30 Apr 2025 07:32:48 +0000
asID: 18229
IP address blocks: 154.206.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86138 (0x1507a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 07:32:48 2025 GMT
Not After : Apr 30 07:32:48 2025 GMT
Subject: CN=67a1c2a4-d78f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ce:85:36:8b:fa:36:58:46:c3:a6:9a:0b:11:
e6:84:57:8d:2e:4d:1a:94:3b:5e:11:eb:54:8c:ca:
a2:2f:7e:2f:70:a0:f5:38:16:95:ef:a0:ef:6f:54:
2d:be:c1:c8:ba:63:05:8c:a6:5b:28:6f:64:4b:c5:
4c:13:d6:2f:c4:97:88:f8:39:1f:60:02:72:04:5c:
b5:9c:59:71:6d:92:18:c9:1a:c0:2a:77:af:c1:88:
33:5e:9a:3d:f8:b4:9a:46:31:26:03:ba:ea:17:67:
ee:6b:0f:3c:32:7e:b2:66:d2:21:71:0b:e4:c5:9c:
25:d7:cc:37:5c:f1:c9:e2:22:a2:38:e8:81:28:39:
22:fa:33:32:19:33:99:20:70:98:9d:47:a3:0c:eb:
a1:94:3f:2a:45:bc:36:f2:3d:a5:e7:d7:ce:9d:ef:
35:65:97:26:56:4d:08:15:0a:44:bb:4c:40:f4:dd:
c9:26:1b:d9:dc:17:58:64:ab:1e:ee:ad:de:21:64:
4d:54:a8:56:0e:da:8e:35:48:88:e8:04:4e:02:a9:
18:e3:50:56:a3:e8:66:43:16:82:6d:c3:4c:a5:17:
10:70:f9:24:03:94:e3:fd:60:36:9a:8a:72:94:ac:
a7:5d:2f:f4:d7:2c:24:ef:cd:56:d5:73:0f:6d:d7:
4b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:37:5B:55:80:D9:9C:74:CA:7D:75:72:75:E2:CA:AA:C3:AA:9F:E4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3DAD40FEE2CA11EFBF192F85762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.23.0/24
Signature Algorithm: sha256WithRSAEncryption
29:89:98:11:67:80:c6:80:87:9b:1b:0b:60:ce:d7:27:fc:e9:
12:c8:ee:d3:3e:01:2d:34:46:48:3e:67:7a:8f:4b:50:54:1f:
3b:43:d9:37:61:61:26:20:5c:22:3f:2c:95:5f:b7:99:de:85:
4e:14:85:1f:76:54:f0:53:2f:0a:61:9d:30:e3:37:79:8c:f7:
c8:00:7b:37:08:ce:eb:07:b0:db:8c:9e:ca:5d:32:c5:64:5b:
e6:3f:5f:3f:17:ab:07:73:c2:44:7d:8d:22:1d:e7:1a:85:b1:
49:7f:65:2e:14:47:9a:a1:7a:a1:83:d1:2e:1e:b0:95:e2:cd:
b6:2c:b4:6c:8f:b6:0e:a5:b8:54:da:5a:20:19:55:f0:27:93:
20:77:1a:dc:38:b8:12:e8:d4:17:b9:5b:d7:dd:19:2c:53:ea:
2f:1f:bd:01:fe:29:86:33:e4:b3:73:cb:14:e6:23:92:a5:ca:
98:f8:f1:90:0b:d4:6c:6e:11:b6:0f:1b:21:f5:18:96:67:c6:
f4:a0:84:1a:73:0d:dc:d6:52:49:20:46:fb:9c:63:f2:37:4f:
46:22:5f:dc:82:2c:a6:01:46:af:18:af:fa:58:4a:3d:56:fb:
a8:2f:17:f0:55:6b:58:f2:a2:f2:a5:76:1d:33:02:17:7a:82:
24:9e:ba:85
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVB6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MDczMjQ4WhcNMjUwNDMwMDczMjQ4WjAYMRYw
FAYDVQQDEw02N2ExYzJhNC1kNzhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2s6FNov6NlhGw6aaCxHmhFeNLk0alDteEetUjMqiL34vcKD1OBaV76Dv
b1QtvsHIumMFjKZbKG9kS8VME9YvxJeI+DkfYAJyBFy1nFlxbZIYyRrAKnevwYgz
Xpo9+LSaRjEmA7rqF2fuaw88Mn6yZtIhcQvkxZwl18w3XPHJ4iKiOOiBKDki+jMy
GTOZIHCYnUejDOuhlD8qRbw28j2l59fOne81ZZcmVk0IFQpEu0xA9N3JJhvZ3BdY
ZKse7q3eIWRNVKhWDtqONUiI6AROAqkY41BWo+hmQxaCbcNMpRcQcPkkA5Tj/WA2
mopylKynXS/01ywk781W1XMPbddLgQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBQ3
W1WA2Zx0yn11cnXiyqrDqp/kMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zREFENDBGRUUyQ0ExMUVGQkYxOTJGODU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4XMA0GCSqGSIb3DQEB
CwUAA4IBAQApiZgRZ4DGgIebGwtgztcn/OkSyO7TPgEtNEZIPmd6j0tQVB87Q9k3
YWEmIFwiPyyVX7eZ3oVOFIUfdlTwUy8KYZ0w4zd5jPfIAHs3CM7rB7DbjJ7KXTLF
ZFvmP18/F6sHc8JEfY0iHecahbFJf2UuFEeaoXqhg9EuHrCV4s22LLRsj7YOpbhU
2logGVXwJ5MgdxrcOLgS6NQXuVvX3RksU+ovH70B/imGM+Szc8sU5iOSpcqY+PGQ
C9RsbhG2Dxsh9RiWZ8b0oIQacw3c1lJJIEb7nGPyN09GIl/cgiymAUavGK/6WEo9
VvuoLxfwVWtY8qLypXYdMwIXeoIknrqF
-----END CERTIFICATE-----
Generated at Thu Apr 10 23:50:36 2025 by rpki-client