Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B4CC8/2BD7A67C9DA611EE9420865CD25BE465/6B19BD749DA711EE8B40AC5ED25BE465.roa
File: 6B19BD749DA711EE8B40AC5ED25BE465.roa (raw, json)
Hash identifier: NgzSPsDLZHTS8GcIuQL4M+RUtb2W4HialOJ/KKr08S4=
Subject key identifier: 40:10:7B:AA:CE:D9:96:C1:1F:EB:E0:65:18:0D:E8:BE:F8:D3:A7:59
Certificate issuer: /CN=F36B4CC8AF/serialNumber=9D911F39235A9E71CAE49957A69A2E5242A0DD35
Certificate serial: 02
Authority key identifier: 9D:91:1F:39:23:5A:9E:71:CA:E4:99:57:A6:9A:2E:52:42:A0:DD:35
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/nZEfOSNannHK5JlXppouUkKg3TU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36B4CC8/2BD7A67C9DA611EE9420865CD25BE465/6B19BD749DA711EE8B40AC5ED25BE465.roa
Signing time: Mon 18 Dec 2023 13:14:48 +0000
ROA not before: Mon 18 Dec 2023 13:14:44 +0000
ROA not after: Mon 18 Dec 2028 13:14:44 +0000
asID: 328797
IP address blocks: 102.221.28.0/23 maxlen: 23
102.221.28.0/24 maxlen: 24
102.221.29.0/24 maxlen: 24
102.221.30.0/23 maxlen: 23
102.221.30.0/24 maxlen: 24
102.221.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36B4CC8AF
Validity
Not Before: Dec 18 13:14:44 2023 GMT
Not After : Dec 18 13:14:44 2028 GMT
Subject: CN=658045c8-9587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:aa:bc:4f:f9:d4:b7:99:27:02:72:cf:5d:6c:
a0:ee:1e:fc:5c:2c:1a:bc:a1:a8:5b:25:62:f3:29:
2c:96:77:88:cf:0a:83:2c:b2:30:46:ea:66:39:fe:
be:b7:cb:c2:ed:a4:62:23:c9:8a:1a:b2:d7:9f:f4:
ed:58:ee:40:16:a9:09:67:72:d8:80:6d:7a:64:41:
e9:51:89:67:cb:93:73:4c:7e:cd:e5:0d:e5:71:bc:
b4:de:cd:34:58:f4:f9:d8:ae:85:eb:b6:f0:4b:64:
c6:25:3c:e8:d2:17:b8:bf:c7:ba:3a:43:95:6a:16:
54:7b:35:37:57:5f:c6:48:d9:dd:a4:5b:d2:32:1e:
9e:b1:4e:67:e4:43:b6:50:bd:4e:73:94:fe:3f:f6:
0d:fd:a2:4e:b9:dc:21:8d:93:32:06:6a:43:66:90:
5c:ad:b7:06:bb:72:0d:2c:65:a6:cd:e7:12:68:d3:
c3:eb:f7:4c:29:70:0d:b4:4a:7a:55:37:78:e0:3f:
a4:0c:8d:92:b7:36:68:41:c5:7c:50:76:9e:e0:a3:
4f:2c:07:2a:3e:95:5e:73:b5:d9:c3:5c:6c:89:8b:
ea:a7:a7:86:52:df:d8:ad:3a:d3:5d:cd:14:ba:91:
b7:9d:35:a2:0e:2a:b9:cb:34:67:0b:c1:c9:73:a3:
4b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:10:7B:AA:CE:D9:96:C1:1F:EB:E0:65:18:0D:E8:BE:F8:D3:A7:59
X509v3 Authority Key Identifier:
keyid:9D:91:1F:39:23:5A:9E:71:CA:E4:99:57:A6:9A:2E:52:42:A0:DD:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36B4CC8/2BD7A67C9DA611EE9420865CD25BE465/nZEfOSNannHK5JlXppouUkKg3TU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/nZEfOSNannHK5JlXppouUkKg3TU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B4CC8/2BD7A67C9DA611EE9420865CD25BE465/6B19BD749DA711EE8B40AC5ED25BE465.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.221.28.0/22
Signature Algorithm: sha256WithRSAEncryption
46:51:ab:0f:13:bd:56:79:7f:da:bc:4c:60:dd:df:99:20:e2:
92:c4:60:3b:89:5c:c6:5f:68:d3:e1:42:69:c8:b2:e1:78:7e:
4d:43:53:a5:1b:66:9a:41:9d:4b:02:9d:ad:03:42:11:bd:f4:
56:7b:34:cc:03:ec:ab:90:1a:57:10:c7:38:00:83:b9:cb:19:
51:95:98:3b:db:4c:25:82:d7:07:35:3f:52:26:7c:55:ba:94:
db:18:5a:ba:11:e6:8b:2c:b4:a3:19:2b:da:68:f0:e6:a1:cc:
7c:75:37:cd:c5:a3:e8:00:cd:c0:a1:c1:aa:ad:ee:14:6f:6e:
fb:71:03:d9:14:8d:21:48:48:23:5e:d3:6e:93:d9:20:e0:4d:
47:f7:78:36:ae:47:70:3b:ad:c5:de:bc:d9:76:18:eb:52:79:
1f:05:1e:e2:75:09:c9:b9:f7:a3:fb:b5:08:ae:a3:35:2c:27:
4d:75:71:9f:b2:3e:dd:92:0a:06:ff:86:da:07:47:b5:81:e2:
d3:29:ca:84:14:df:f5:5c:c1:56:31:66:33:c9:d1:61:f5:21:
d9:ea:c7:65:76:45:5e:d8:92:53:bc:f2:8b:bb:4b:e8:5f:56:
69:6c:f5:f8:32:dc:b8:fe:2f:22:3b:19:34:46:df:bb:3d:a8:
30:85:a8:4e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
NENDOEFGMTEwLwYDVQQFEyg5RDkxMUYzOTIzNUE5RTcxQ0FFNDk5NTdBNjlBMkU1
MjQyQTBERDM1MB4XDTIzMTIxODEzMTQ0NFoXDTI4MTIxODEzMTQ0NFowGDEWMBQG
A1UEAxMNNjU4MDQ1YzgtOTU4NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaqvE/51LeZJwJyz11soO4e/FwsGryhqFslYvMpLJZ3iM8KgyyyMEbqZjn+
vrfLwu2kYiPJihqy15/07VjuQBapCWdy2IBtemRB6VGJZ8uTc0x+zeUN5XG8tN7N
NFj0+diuheu28EtkxiU86NIXuL/HujpDlWoWVHs1N1dfxkjZ3aRb0jIenrFOZ+RD
tlC9TnOU/j/2Df2iTrncIY2TMgZqQ2aQXK23BrtyDSxlps3nEmjTw+v3TClwDbRK
elU3eOA/pAyNkrc2aEHFfFB2nuCjTywHKj6VXnO12cNcbImL6qenhlLf2K06013N
FLqRt501og4qucs0ZwvByXOjS2cCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRAEHuq
ztmWwR/r4GUYDei++NOnWTAfBgNVHSMEGDAWgBSdkR85I1qeccrkmVemmi5SQqDd
NTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjRDQzgvMkJEN0E2N0M5REE2MTFFRTk0MjA4NjVDRDI1QkU0NjUvblpFZk9T
TmFubkhLNUpsWHBwb3VVa0tnM1RVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvblpFZk9TTmFubkhLNUpsWHBwb3VVa0tnM1RVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QjRDQzgvMkJEN0E2N0M5REE2MTFFRTk0MjA4NjVDRDI1
QkU0NjUvNkIxOUJENzQ5REE3MTFFRThCNDBBQzVFRDI1QkU0NjUucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbdHDANBgkqhkiG9w0BAQsF
AAOCAQEARlGrDxO9Vnl/2rxMYN3fmSDiksRgO4lcxl9o0+FCaciy4Xh+TUNTpRtm
mkGdSwKdrQNCEb30Vns0zAPsq5AaVxDHOACDucsZUZWYO9tMJYLXBzU/UiZ8VbqU
2xhauhHmiyy0oxkr2mjw5qHMfHU3zcWj6ADNwKHBqq3uFG9u+3ED2RSNIUhII17T
bpPZIOBNR/d4Nq5HcDutxd682XYY61J5HwUe4nUJybn3o/u1CK6jNSwnTXVxn7I+
3ZIKBv+G2gdHtYHi0ynKhBTf9VzBVjFmM8nRYfUh2erHZXZFXtiSU7zyi7tL6F9W
aWz1+DLcuP4vIjsZNEbfuz2oMIWoTg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:58:20 2025 by rpki-client