Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A31C5/6F90618AAD7F11EFA5498697762E951A/7AE36338AD8011EF9210379E762E951A.roa
File: 7AE36338AD8011EF9210379E762E951A.roa (raw, json)
Hash identifier: XKLpYRyjT4GR/+JJ89LUWYlPWbTP8lT2SU+RbEft1XA=
Subject key identifier: E3:78:1E:6F:9B:B7:07:38:AC:D2:3E:9A:00:BB:16:1C:D2:A7:C0:EC
Certificate issuer: /CN=F36A31C5AF/serialNumber=8127744DA4EE003B29DE11034F72DEB8DFEC28FD
Certificate serial: 02
Authority key identifier: 81:27:74:4D:A4:EE:00:3B:29:DE:11:03:4F:72:DE:B8:DF:EC:28:FD
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/gSd0TaTuADsp3hEDT3LeuN_sKP0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A31C5/6F90618AAD7F11EFA5498697762E951A/7AE36338AD8011EF9210379E762E951A.roa
Signing time: Thu 28 Nov 2024 12:01:20 +0000
ROA not before: Thu 28 Nov 2024 12:01:10 +0000
ROA not after: Tue 28 Feb 2045 12:01:10 +0000
asID: 37063
IP address blocks: 41.77.72.0/21 maxlen: 24
41.191.76.0/22 maxlen: 24
102.219.72.0/23 maxlen: 24
154.0.128.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A31C5AF
Validity
Not Before: Nov 28 12:01:10 2024 GMT
Not After : Feb 28 12:01:10 2045 GMT
Subject: CN=67485b90-a044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:59:45:48:8f:2d:2a:66:10:94:d7:4a:dc:bd:
09:2c:2f:96:aa:c6:72:fc:60:65:01:93:b2:b1:34:
bf:ef:f0:af:3a:34:f7:3a:27:ce:ea:f5:c7:b9:73:
31:81:7d:a3:f5:72:2e:7f:ef:33:ed:db:01:32:be:
bf:a2:42:7b:89:86:82:5b:ae:2c:2f:c9:b4:b4:4e:
94:39:b8:60:0b:4f:42:74:09:00:c5:08:a4:27:05:
03:f1:6c:99:19:37:40:6e:83:1d:1d:18:02:7f:6e:
36:1e:e4:32:f9:b3:89:86:67:96:14:be:20:74:9f:
ef:d2:ae:04:3b:43:a9:1f:b9:32:2f:d0:07:0f:ba:
42:1e:e0:53:de:17:b6:81:82:ac:e4:0a:e2:de:86:
27:b4:9d:77:e0:f0:da:29:13:55:e5:1a:92:5e:d1:
b9:50:68:74:5a:2a:4b:19:2e:cf:a6:44:ce:a5:69:
80:3c:3b:6b:6a:8c:7f:a3:9f:6f:aa:76:99:3a:5d:
21:4a:66:03:ec:46:af:d4:3f:fb:7b:61:1c:2b:7e:
f1:48:51:1b:1f:c5:b6:a3:33:ab:f2:a6:55:92:e4:
86:f8:e7:4f:81:75:98:be:aa:db:93:b5:6d:c6:60:
c3:9a:b5:d8:0f:af:60:09:14:71:09:12:d3:01:b3:
a0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:78:1E:6F:9B:B7:07:38:AC:D2:3E:9A:00:BB:16:1C:D2:A7:C0:EC
X509v3 Authority Key Identifier:
keyid:81:27:74:4D:A4:EE:00:3B:29:DE:11:03:4F:72:DE:B8:DF:EC:28:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A31C5/6F90618AAD7F11EFA5498697762E951A/gSd0TaTuADsp3hEDT3LeuN_sKP0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gSd0TaTuADsp3hEDT3LeuN_sKP0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A31C5/6F90618AAD7F11EFA5498697762E951A/7AE36338AD8011EF9210379E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.77.72.0/21
41.191.76.0/22
102.219.72.0/23
154.0.128.0/20
Signature Algorithm: sha256WithRSAEncryption
8a:f4:ac:f2:29:8b:e7:22:c6:7f:87:1f:39:ae:b6:aa:f8:25:
87:03:cc:56:a4:5a:4f:9a:ac:a6:00:b9:f3:f8:15:9c:33:98:
76:47:65:02:6b:41:a5:e1:b5:87:38:64:27:97:44:e5:c9:19:
cf:dd:b1:4f:e2:f7:49:95:de:b1:e7:de:7d:cd:24:83:d8:46:
9e:53:ed:72:6a:df:44:da:5e:24:33:69:7b:dd:f3:51:04:43:
a4:9e:23:97:5e:9c:82:34:13:49:56:58:22:1c:a0:e5:05:bc:
43:61:62:21:5b:bb:39:83:e5:4a:77:e2:bb:24:bb:51:b6:50:
64:0d:dd:33:9f:31:ac:5e:00:e0:05:8b:e7:fc:e0:ad:da:67:
8b:3d:b0:53:f5:f9:d2:b6:97:70:15:c5:b6:56:dd:9c:bb:cc:
90:ca:53:b4:fe:74:68:bb:3c:b6:46:a8:0d:d9:9b:f6:bd:1c:
49:06:f3:76:b0:36:17:b3:e4:aa:7e:6b:e5:76:d6:57:b9:60:
fb:50:67:79:45:5b:c6:35:0b:fe:d3:f4:d7:68:8a:31:f3:84:
d7:dd:14:84:2d:d6:f2:c1:6c:6d:73:7f:7f:a9:70:6a:fa:f3:
82:fe:0b:fb:d3:e9:04:d6:c8:9e:db:2f:49:aa:02:e9:7f:2a:
cb:77:15:44
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
MzFDNUFGMTEwLwYDVQQFEyg4MTI3NzQ0REE0RUUwMDNCMjlERTExMDM0RjcyREVC
OERGRUMyOEZEMB4XDTI0MTEyODEyMDExMFoXDTQ1MDIyODEyMDExMFowGDEWMBQG
A1UEAxMNNjc0ODViOTAtYTA0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdZRUiPLSpmEJTXSty9CSwvlqrGcvxgZQGTsrE0v+/wrzo09zonzur1x7lz
MYF9o/VyLn/vM+3bATK+v6JCe4mGgluuLC/JtLROlDm4YAtPQnQJAMUIpCcFA/Fs
mRk3QG6DHR0YAn9uNh7kMvmziYZnlhS+IHSf79KuBDtDqR+5Mi/QBw+6Qh7gU94X
toGCrOQK4t6GJ7Sdd+Dw2ikTVeUakl7RuVBodFoqSxkuz6ZEzqVpgDw7a2qMf6Of
b6p2mTpdIUpmA+xGr9Q/+3thHCt+8UhRGx/FtqMzq/KmVZLkhvjnT4F1mL6q25O1
bcZgw5q12A+vYAkUcQkS0wGzoLECAwEAAaOCArcwggKzMB0GA1UdDgQWBBTjeB5v
m7cHOKzSPpoAuxYc0qfA7DAfBgNVHSMEGDAWgBSBJ3RNpO4AOyneEQNPct643+wo
/TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTMxQzUvNkY5MDYxOEFBRDdGMTFFRkE1NDk4Njk3NzYyRTk1MUEvZ1NkMFRh
VHVBRHNwM2hFRFQzTGV1Tl9zS1AwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZ1NkMFRhVHVBRHNwM2hFRFQzTGV1Tl9zS1AwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTMxQzUvNkY5MDYxOEFBRDdGMTFFRkE1NDk4Njk3NzYy
RTk1MUEvN0FFMzYzMzhBRDgwMTFFRjkyMTAzNzlFNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAylNSAMEAim/TAMEAWbbSAME
BJoAgDANBgkqhkiG9w0BAQsFAAOCAQEAivSs8imL5yLGf4cfOa62qvglhwPMVqRa
T5qspgC58/gVnDOYdkdlAmtBpeG1hzhkJ5dE5ckZz92xT+L3SZXesefefc0kg9hG
nlPtcmrfRNpeJDNpe93zUQRDpJ4jl16cgjQTSVZYIhyg5QW8Q2FiIVu7OYPlSnfi
uyS7UbZQZA3dM58xrF4A4AWL5/zgrdpniz2wU/X50raXcBXFtlbdnLvMkMpTtP50
aLs8tkaoDdmb9r0cSQbzdrA2F7Pkqn5r5XbWV7lg+1BneUVbxjUL/tP012iKMfOE
190UhC3W8sFsbXN/f6lwavrzgv4L+9PpBNbIntsvSaoC6X8qy3cVRA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:59:12 2025 by rpki-client