Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC29CF30C60511EFB3DCF84A762E951A.roa
File: EC29CF30C60511EFB3DCF84A762E951A.roa (raw, json)
Hash identifier: ULAVwRtEuAwe9w1b8TrlkoMDeug5y97aWVmkRj3Qsuc=
Subject key identifier: 7F:7D:3A:F4:05:DD:31:BC:E5:2C:97:8C:C2:C9:1F:EA:CB:04:62:F6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012E88
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC29CF30C60511EFB3DCF84A762E951A.roa
Signing time: Sun 29 Dec 2024 16:57:01 +0000
ROA not before: Sun 29 Dec 2024 16:56:57 +0000
ROA not after: Sun 12 Dec 2027 16:56:57 +0000
asID: 17561
IP address blocks: 154.217.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77448 (0x12e88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 16:56:57 2024 GMT
Not After : Dec 12 16:56:57 2027 GMT
Subject: CN=67717f5d-8f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3c:c8:05:cb:a5:c8:74:18:59:6c:c7:ac:d2:
15:b4:09:dd:82:e8:2e:1d:d4:a3:5a:7e:d1:45:1d:
1d:7f:a7:f4:fa:db:fb:c7:45:4f:b3:17:f7:21:b9:
6c:e1:6f:37:cc:c6:da:e2:3a:81:c1:4f:84:6a:cb:
93:09:39:ca:cb:77:73:33:af:60:7d:65:16:24:32:
f2:82:37:03:1d:13:fc:43:83:ca:94:37:7a:ef:c7:
68:62:45:95:a2:80:f4:20:18:de:78:53:7d:23:a0:
c5:22:20:c4:87:33:6c:46:67:bb:2b:df:f1:aa:1b:
f4:ea:a5:5c:ff:3c:2a:58:03:30:d0:b6:a2:eb:e5:
59:26:51:4e:5e:63:0a:6a:8e:bf:33:15:b1:6c:a1:
8b:6e:06:e7:72:7a:62:7c:28:87:ae:1d:65:36:d0:
35:9d:a7:25:fe:6b:8c:43:d4:fa:21:ea:c2:66:5a:
8f:d2:10:ba:86:05:05:cb:53:fc:47:ae:dc:50:72:
0a:a5:35:c8:2c:d6:b5:ec:f3:71:d8:c9:9b:c7:ff:
20:3f:48:61:5a:03:53:38:aa:d2:50:13:5c:71:d8:
82:97:ee:46:6b:9b:b8:18:0d:88:df:48:82:06:00:
02:7c:15:77:b6:78:a1:d0:c3:70:e5:ef:7c:79:39:
7c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:7D:3A:F4:05:DD:31:BC:E5:2C:97:8C:C2:C9:1F:EA:CB:04:62:F6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC29CF30C60511EFB3DCF84A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.39.0/24
Signature Algorithm: sha256WithRSAEncryption
38:f9:bf:ab:49:d7:b9:d2:1c:ed:f1:34:7f:b9:5f:21:f0:88:
75:06:44:a3:d8:84:83:01:9d:bd:3b:2a:b2:7a:8f:8e:dd:46:
97:2e:ae:a1:9b:ed:6d:1c:de:ff:1f:0d:1a:09:c0:f9:41:f0:
c9:36:53:62:c4:e2:a6:fa:fe:eb:9f:37:c5:50:80:d1:6e:f2:
a9:e6:aa:9f:67:af:30:56:bd:dc:31:f2:9c:5c:5c:13:eb:06:
e8:f3:bd:47:a4:89:90:2d:72:61:f7:e8:b9:99:78:e2:42:ae:
23:60:cc:23:cf:51:a3:4a:04:e4:56:50:07:7a:53:46:a9:6c:
c0:3d:e4:1c:8a:71:e6:be:71:b9:9d:75:3a:c0:0f:d4:0a:06:
fc:57:92:e6:38:92:1e:32:3b:f5:38:d8:dd:db:50:50:8f:78:
97:b3:06:46:31:3f:60:e0:31:dd:8b:bd:77:77:08:87:93:cc:
fb:7b:1a:45:d5:4e:c2:76:b5:10:31:92:7c:05:65:2f:d7:cc:
a4:39:2f:16:9f:e7:c2:c9:68:96:8b:d6:9f:3e:16:8d:73:d3:
79:c8:b1:59:fc:35:15:69:d9:c2:fa:19:78:63:b5:43:1c:09:
8e:d0:fb:e5:b2:40:da:d2:92:48:c3:25:ce:d5:3b:bf:44:ae:
2e:ed:dc:da
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS6IMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTY1NjU3WhcNMjcxMjEyMTY1NjU3WjAYMRYw
FAYDVQQDEw02NzcxN2Y1ZC04ZjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtzzIBculyHQYWWzHrNIVtAndguguHdSjWn7RRR0df6f0+tv7x0VPsxf3
Ibls4W83zMba4jqBwU+EasuTCTnKy3dzM69gfWUWJDLygjcDHRP8Q4PKlDd678do
YkWVooD0IBjeeFN9I6DFIiDEhzNsRme7K9/xqhv06qVc/zwqWAMw0Lai6+VZJlFO
XmMKao6/MxWxbKGLbgbncnpifCiHrh1lNtA1nacl/muMQ9T6IerCZlqP0hC6hgUF
y1P8R67cUHIKpTXILNa17PNx2Mmbx/8gP0hhWgNTOKrSUBNccdiCl+5Ga5u4GA2I
30iCBgACfBV3tnih0MNw5e98eTl8IQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH99
OvQF3TG85SyXjMLJH+rLBGL2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQzI5Q0YzMEM2MDUxMUVGQjNEQ0Y4NEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtknMA0GCSqGSIb3DQEB
CwUAA4IBAQA4+b+rSde50hzt8TR/uV8h8Ih1BkSj2ISDAZ29Oyqyeo+O3UaXLq6h
m+1tHN7/Hw0aCcD5QfDJNlNixOKm+v7rnzfFUIDRbvKp5qqfZ68wVr3cMfKcXFwT
6wbo871HpImQLXJh9+i5mXjiQq4jYMwjz1GjSgTkVlAHelNGqWzAPeQcinHmvnG5
nXU6wA/UCgb8V5LmOJIeMjv1ONjd21BQj3iXswZGMT9g4DHdi713dwiHk8z7expF
1U7CdrUQMZJ8BWUv18ykOS8Wn+fCyWiWi9afPhaNc9N5yLFZ/DUVadnC+hl4Y7VD
HAmO0PvlskDa0pJIwyXO1Tu/RK4u7dza
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:53:33 2025 by rpki-client