Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3B056F4C60011EF85D4DAAA762E951A.roa
File: D3B056F4C60011EF85D4DAAA762E951A.roa (raw, json)
Hash identifier: V148iqNhIB3Xlq6UuGMTN17zuzaKB4kxglqeqpRcGOw=
Subject key identifier: A3:DB:96:8E:6A:6B:3D:1E:95:1E:B9:C3:63:88:0C:89:B1:D4:46:70
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012E5C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3B056F4C60011EF85D4DAAA762E951A.roa
Signing time: Sun 29 Dec 2024 16:20:33 +0000
ROA not before: Sun 29 Dec 2024 16:20:29 +0000
ROA not after: Sun 12 Dec 2027 16:20:29 +0000
asID: 17561
IP address blocks: 154.217.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77404 (0x12e5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 16:20:29 2024 GMT
Not After : Dec 12 16:20:29 2027 GMT
Subject: CN=677176d0-4f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bf:11:41:b4:a4:14:ae:b4:1f:be:7b:96:94:
72:e0:b9:2c:2e:cc:4b:a8:d4:e0:a2:3e:5e:50:b2:
98:d8:ca:01:cb:1a:10:ea:e4:28:1d:b7:5c:23:fe:
01:e8:6c:fb:7d:76:b2:77:e3:e0:42:26:a7:01:98:
38:cf:54:38:ca:31:2b:c7:c2:0d:1d:be:97:f0:6c:
f3:e2:c7:e2:48:a4:92:45:cf:92:6f:66:30:b4:ad:
3c:fe:0d:18:2d:dc:2f:5c:70:09:e2:0e:5b:d9:41:
57:a9:11:3b:e0:e6:3d:2a:f3:1c:96:64:d4:0a:1f:
25:a0:42:26:9e:59:cd:31:ff:1c:b8:25:64:db:4c:
51:97:a2:4e:87:92:ab:f4:d8:bb:0f:00:a0:ab:12:
a9:85:fd:be:78:e1:a2:e6:d6:ef:e9:69:0c:d5:20:
86:10:51:ee:f4:64:86:32:ad:d2:92:4d:08:f2:e1:
d3:40:59:f5:da:3d:f2:10:e5:8a:93:cf:2d:27:ba:
a1:18:97:c1:27:b9:a2:6f:ef:d8:d2:3c:ac:d2:a9:
1b:c4:06:79:b6:7f:40:6a:24:a9:73:f3:9a:21:69:
67:9f:80:e7:ad:2f:8b:2b:4c:7d:fc:84:32:4d:7a:
47:89:fd:5c:2c:07:cf:c4:3a:a7:89:24:0e:79:ad:
db:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:DB:96:8E:6A:6B:3D:1E:95:1E:B9:C3:63:88:0C:89:B1:D4:46:70
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3B056F4C60011EF85D4DAAA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.17.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:cd:f6:a7:29:0b:67:b3:1e:79:33:37:ec:3e:d2:06:8e:e7:
67:24:a7:47:11:d9:e5:53:30:63:23:90:0d:02:f4:9e:25:19:
19:c2:c3:ff:0b:d0:c0:59:87:f6:c1:f2:fc:b8:40:38:d1:6e:
72:92:89:6d:17:c1:7b:e3:cf:5e:4c:ad:c1:f2:43:d4:5c:27:
ba:6c:be:e4:40:08:e6:1f:da:21:c8:09:0f:38:fe:05:2e:6f:
ce:c2:ce:4f:6d:d3:eb:a4:5a:67:dd:18:48:fa:d7:96:e6:88:
b5:be:1d:e7:8e:d0:dc:1f:86:32:87:dc:a0:16:03:7c:42:4a:
51:b3:ae:97:06:c4:43:d3:71:41:1b:b6:91:9b:a7:9a:f2:29:
c0:74:78:6e:42:6d:e5:f3:9d:e4:80:6a:48:9f:d8:7b:19:be:
07:25:40:12:eb:a5:14:a0:35:95:bc:53:ca:9d:22:ba:f6:c3:
47:39:c1:da:15:ac:54:06:c2:c1:ae:e2:7e:34:3c:06:7b:28:
bf:ae:27:df:24:3d:1a:47:d6:4c:c5:eb:2a:90:70:0f:d3:cd:
b5:09:a3:f9:6d:5e:56:c1:47:5c:4f:32:9b:a9:07:43:3b:2b:
b1:49:a5:1c:11:39:39:0d:0e:c6:c8:5c:cd:28:38:b1:1d:5c:
e9:ce:db:1b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS5cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTYyMDI5WhcNMjcxMjEyMTYyMDI5WjAYMRYw
FAYDVQQDEw02NzcxNzZkMC00ZjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApr8RQbSkFK60H757lpRy4LksLsxLqNTgoj5eULKY2MoByxoQ6uQoHbdc
I/4B6Gz7fXayd+PgQianAZg4z1Q4yjErx8INHb6X8Gzz4sfiSKSSRc+Sb2YwtK08
/g0YLdwvXHAJ4g5b2UFXqRE74OY9KvMclmTUCh8loEImnlnNMf8cuCVk20xRl6JO
h5Kr9Ni7DwCgqxKphf2+eOGi5tbv6WkM1SCGEFHu9GSGMq3Skk0I8uHTQFn12j3y
EOWKk88tJ7qhGJfBJ7mib+/Y0jys0qkbxAZ5tn9AaiSpc/OaIWlnn4DnrS+LK0x9
/IQyTXpHif1cLAfPxDqniSQOea3bjwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKPb
lo5qaz0elR65w2OIDImx1EZwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EM0IwNTZGNEM2MDAxMUVGODVENERBQUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtkRMA0GCSqGSIb3DQEB
CwUAA4IBAQA7zfanKQtnsx55MzfsPtIGjudnJKdHEdnlUzBjI5ANAvSeJRkZwsP/
C9DAWYf2wfL8uEA40W5ykoltF8F7489eTK3B8kPUXCe6bL7kQAjmH9ohyAkPOP4F
Lm/Ows5PbdPrpFpn3RhI+teW5oi1vh3njtDcH4Yyh9ygFgN8QkpRs66XBsRD03FB
G7aRm6ea8inAdHhuQm3l853kgGpIn9h7Gb4HJUAS66UUoDWVvFPKnSK69sNHOcHa
FaxUBsLBruJ+NDwGeyi/riffJD0aR9ZMxesqkHAP0821CaP5bV5WwUdcTzKbqQdD
OyuxSaUcETk5DQ7GyFzNKDixHVzpztsb
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:08:04 2025 by rpki-client