Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/A9E7538EAB1D11EFB72C5097762E951A.roa
File: A9E7538EAB1D11EFB72C5097762E951A.roa (raw, json)
Hash identifier: NqKCl3kb9xNr163sdOFgQlxzsCzuZMnHtHlXrjU7kb8=
Subject key identifier: A9:4B:CF:E3:23:96:B0:AC:2A:E2:E5:4A:5D:05:16:C9:5E:5D:E0:1A
Certificate issuer: /CN=F36A854FAF/serialNumber=8BE4035BEBC9C83428B5A27BE85BAC966D76E5CB
Certificate serial: 029B
Authority key identifier: 8B:E4:03:5B:EB:C9:C8:34:28:B5:A2:7B:E8:5B:AC:96:6D:76:E5:CB
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/i-QDW-vJyDQotaJ76Fuslm125cs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/A9E7538EAB1D11EFB72C5097762E951A.roa
Signing time: Mon 25 Nov 2024 11:08:56 +0000
ROA not before: Mon 25 Nov 2024 11:08:53 +0000
ROA not after: Tue 25 Nov 2025 11:08:53 +0000
asID: 37143
IP address blocks: 41.222.56.0/22 maxlen: 22
41.222.60.0/23 maxlen: 23
41.222.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 667 (0x29b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A854FAF
Validity
Not Before: Nov 25 11:08:53 2024 GMT
Not After : Nov 25 11:08:53 2025 GMT
Subject: CN=67445ac8-108e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:54:8b:15:97:a2:d3:5c:26:a2:6d:72:a6:79:
f2:89:41:fc:54:b3:60:8c:c5:60:04:70:ca:d4:ac:
c2:6b:12:c2:6a:ba:84:af:5e:e1:af:00:ce:e1:bf:
9a:97:d8:ff:0c:10:bc:62:4d:6e:8f:f2:06:0d:90:
d7:6e:6b:49:ec:39:c6:b3:f6:52:62:cf:00:16:a0:
f8:93:25:ec:14:75:66:22:7f:53:33:ab:23:b2:50:
db:c3:54:29:3e:96:00:7f:53:7c:4a:9e:6e:da:7b:
c6:fb:93:7d:0c:f4:a2:48:af:6d:dc:89:30:13:9d:
4a:8f:65:c4:f6:d2:50:66:e4:d2:71:5a:d0:29:0b:
89:a5:ba:8e:b9:c5:eb:a3:50:e6:69:e2:38:ed:ad:
6f:0f:6f:31:2f:37:41:5b:23:c3:fc:5f:56:f0:23:
42:e5:39:fb:6c:4f:86:55:83:78:bb:2a:35:6a:76:
ba:74:6e:62:1f:9d:29:ac:3b:6a:b8:32:84:c4:22:
84:6c:be:8d:2b:a9:77:4f:ff:7e:78:d4:6d:a1:28:
30:08:5b:71:d9:92:8f:fe:fe:8c:75:3b:fc:72:ee:
b2:dd:aa:43:69:e0:c4:1f:b8:ec:b0:b4:0a:d7:47:
d4:aa:f3:66:86:cf:a9:75:9d:d0:c2:02:8a:40:88:
01:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4B:CF:E3:23:96:B0:AC:2A:E2:E5:4A:5D:05:16:C9:5E:5D:E0:1A
X509v3 Authority Key Identifier:
keyid:8B:E4:03:5B:EB:C9:C8:34:28:B5:A2:7B:E8:5B:AC:96:6D:76:E5:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/i-QDW-vJyDQotaJ76Fuslm125cs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/i-QDW-vJyDQotaJ76Fuslm125cs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A854F/5E87C042B73411EDA8D4CCA4F1222468/A9E7538EAB1D11EFB72C5097762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.222.56.0-41.222.62.255
Signature Algorithm: sha256WithRSAEncryption
1d:b6:cd:8b:35:de:26:d4:58:2f:f3:d7:19:ec:a5:34:26:e5:
e0:f4:e2:e7:58:68:ec:c7:ba:3b:52:08:33:dc:06:06:7e:df:
7a:06:1c:b9:66:b4:cd:15:4b:7f:45:61:59:41:2b:13:69:ba:
7b:36:2d:ec:c3:86:29:26:e4:24:15:ce:9e:f3:f8:c1:ce:23:
0b:7a:dd:8e:00:71:17:dc:bb:dd:5c:ea:40:b4:be:9d:8c:94:
30:2f:7f:eb:35:cf:b0:cc:73:06:1e:08:b0:77:4a:c8:63:37:
71:2f:b9:93:d6:33:39:d5:84:0f:a3:7a:5b:80:10:8e:1e:ae:
0e:41:fb:28:5c:ee:42:a6:bd:03:10:a1:3b:27:e8:4f:4d:bd:
cd:b5:9e:f7:b0:28:d4:91:9d:fe:fd:74:42:73:f8:eb:9a:a4:
7b:27:f8:75:5f:6d:2d:cc:88:83:f9:8c:ed:49:12:b9:68:8e:
d5:94:75:cf:08:3a:6b:d6:22:03:98:f6:54:84:93:6c:fa:4b:
49:ab:62:bf:16:ee:89:05:41:8e:2b:4e:ab:81:7a:8a:72:0c:
8f:59:6c:18:f0:ab:fd:56:03:f5:52:70:45:41:27:6e:9a:0f:
ad:88:d9:ea:5d:e7:57:b5:83:67:38:bb:30:ca:02:f7:26:a9:
db:2a:21:be
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICApswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTg1NEZBRjExMC8GA1UEBRMoOEJFNDAzNUJFQkM5QzgzNDI4QjVBMjdCRTg1QkFD
OTY2RDc2RTVDQjAeFw0yNDExMjUxMTA4NTNaFw0yNTExMjUxMTA4NTNaMBgxFjAU
BgNVBAMTDTY3NDQ1YWM4LTEwOGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDSVIsVl6LTXCaibXKmefKJQfxUs2CMxWAEcMrUrMJrEsJquoSvXuGvAM7h
v5qX2P8MELxiTW6P8gYNkNdua0nsOcaz9lJizwAWoPiTJewUdWYif1MzqyOyUNvD
VCk+lgB/U3xKnm7ae8b7k30M9KJIr23ciTATnUqPZcT20lBm5NJxWtApC4mluo65
xeujUOZp4jjtrW8PbzEvN0FbI8P8X1bwI0LlOftsT4ZVg3i7KjVqdrp0bmIfnSms
O2q4MoTEIoRsvo0rqXdP/3541G2hKDAIW3HZko/+/ox1O/xy7rLdqkNp4MQfuOyw
tArXR9Sq82aGz6l1ndDCAopAiAFzAgMBAAGjggKtMIICqTAdBgNVHQ4EFgQUqUvP
4yOWsKwq4uVKXQUWyV5d4BowHwYDVR0jBBgwFoAUi+QDW+vJyDQotaJ76Fuslm12
5cswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE4NTRGLzVFODdDMDQyQjczNDExRURBOEQ0Q0NBNEYxMjIyNDY4L2ktUURX
LXZKeURRb3RhSjc2RnVzbG0xMjVjcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2ktUURXLXZKeURRb3RhSjc2RnVzbG0xMjVjcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkE4NTRGLzVFODdDMDQyQjczNDExRURBOEQ0Q0NBNEYx
MjIyNDY4L0E5RTc1MzhFQUIxRDExRUZCNzJDNTA5Nzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4wDAMEAyneOAMEACnePjANBgkq
hkiG9w0BAQsFAAOCAQEAHbbNizXeJtRYL/PXGeylNCbl4PTi51ho7Me6O1IIM9wG
Bn7fegYcuWa0zRVLf0VhWUErE2m6ezYt7MOGKSbkJBXOnvP4wc4jC3rdjgBxF9y7
3VzqQLS+nYyUMC9/6zXPsMxzBh4IsHdKyGM3cS+5k9YzOdWED6N6W4AQjh6uDkH7
KFzuQqa9AxChOyfoT029zbWe97Ao1JGd/v10QnP465qkeyf4dV9tLcyIg/mM7UkS
uWiO1ZR1zwg6a9YiA5j2VISTbPpLSativxbuiQVBjitOq4F6inIMj1lsGPCr/VYD
9VJwRUEnbpoPrYjZ6l3nV7WDZzi7MMoC9yap2yohvg==
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:12:34 2025 by rpki-client