Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/3BF2FE14FC9911EFBDC67694762E951A.roa
File: 3BF2FE14FC9911EFBDC67694762E951A.roa (raw, json)
Hash identifier: L4Bxvdm+SwXKL0xTi/PE3toLeg1pTr6CDA2dFeMD1ns=
Subject key identifier: D2:65:02:6E:8C:07:41:4D:A1:AA:EA:D9:5D:89:3F:81:1E:9A:28:C5
Certificate issuer: /CN=F36CA351AF/serialNumber=58DA3BE331A612AAAE4F6A30637704063AC3DD42
Certificate serial: 01D8
Authority key identifier: 58:DA:3B:E3:31:A6:12:AA:AE:4F:6A:30:63:77:04:06:3A:C3:DD:42
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/WNo74zGmEqquT2owY3cEBjrD3UI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/3BF2FE14FC9911EFBDC67694762E951A.roa
Signing time: Sun 09 Mar 2025 03:47:34 +0000
ROA not before: Sun 09 Mar 2025 03:47:30 +0000
ROA not after: Mon 09 Mar 2026 03:47:30 +0000
asID: 328988
IP address blocks: 102.213.68.0/24 maxlen: 24
102.213.69.0/24 maxlen: 24
102.213.70.0/24 maxlen: 24
102.213.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 472 (0x1d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CA351AF
Validity
Not Before: Mar 9 03:47:30 2025 GMT
Not After : Mar 9 03:47:30 2026 GMT
Subject: CN=67cd0f56-c332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:3d:e2:b4:10:45:9c:8b:bf:f0:62:93:75:c7:
f4:a9:71:e1:a3:dd:d7:7c:c1:b6:47:b1:9d:5c:4c:
35:b9:18:e6:cb:49:16:f4:8c:bc:cb:92:c0:2f:41:
af:fd:48:34:3c:8c:76:79:8f:e4:c5:67:86:fc:43:
b0:72:d3:25:b9:6e:07:ef:0f:b4:f6:f8:d3:b6:23:
da:0e:4e:29:79:da:e0:86:83:a8:c5:9c:ea:56:ec:
ae:da:2e:cd:7b:28:af:56:9a:0c:31:be:fd:91:84:
57:d8:31:b8:9d:5c:96:98:4b:43:8a:07:34:3d:1a:
f9:9a:8b:a5:70:f3:ef:2e:33:d3:06:e1:d9:7b:0e:
47:8c:10:d1:97:a3:9b:93:03:9c:cd:04:04:35:0c:
9d:dd:0a:e1:f9:d9:ca:82:3c:48:ff:5b:1d:ff:ee:
af:c6:a8:73:21:8d:12:c2:5f:ad:28:de:6d:83:92:
ab:e9:71:c3:31:32:9a:61:bd:09:2f:ce:0e:b8:93:
38:93:56:c4:33:fb:12:7c:62:66:ec:c9:5f:e4:7b:
cf:e8:20:3f:10:d3:16:2f:88:6e:d5:18:58:65:8a:
fb:7f:a7:6d:d5:24:52:98:bd:53:f2:4e:d2:36:22:
a8:8c:ad:a6:38:d8:4a:4f:5f:ca:62:0c:5f:ff:ff:
9c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:65:02:6E:8C:07:41:4D:A1:AA:EA:D9:5D:89:3F:81:1E:9A:28:C5
X509v3 Authority Key Identifier:
keyid:58:DA:3B:E3:31:A6:12:AA:AE:4F:6A:30:63:77:04:06:3A:C3:DD:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/WNo74zGmEqquT2owY3cEBjrD3UI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/WNo74zGmEqquT2owY3cEBjrD3UI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CA351/D8E6C5EAC2E611EE8B90697B775412E6/3BF2FE14FC9911EFBDC67694762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.213.68.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:a7:fe:c1:d0:f1:8d:81:aa:50:49:10:e8:b6:28:19:52:74:
95:99:f0:2a:2b:28:ee:59:93:0c:af:bc:50:27:5d:a3:fc:ee:
4b:e5:f2:c8:15:de:51:4c:5e:e7:56:1c:f1:8b:d2:c2:55:0a:
b9:8a:3b:c6:d3:0c:59:d0:a5:39:10:86:8f:15:f7:ca:00:ae:
c2:62:7d:1d:f2:c7:53:2a:bd:37:97:2e:a1:a0:8c:d6:99:9b:
68:44:e7:40:17:a4:b2:a3:04:58:94:be:10:87:e7:25:98:64:
b6:a7:e3:92:21:66:87:1b:b0:08:6c:0e:89:95:13:53:42:f9:
51:c1:7d:a0:d6:a0:e4:32:f3:a2:3b:0e:08:d6:19:a9:a9:35:
c2:8c:c4:5d:06:0d:3e:22:02:be:e5:d6:8d:5e:9c:8c:b2:9c:
e2:41:19:8b:74:dc:a3:16:2a:b4:d5:73:75:64:f6:2b:43:03:
c7:58:e2:fa:0c:0d:91:9d:dc:c0:69:e1:c5:14:d0:17:e8:05:
e2:91:af:e1:23:d1:7b:49:f3:44:3e:ad:10:c9:8d:ff:9c:70:
0f:48:56:c6:57:ce:10:2e:25:43:e8:e8:6b:ae:8e:f4:38:a1:
0d:e8:16:ed:55:fc:0d:19:71:c2:67:1f:59:66:94:c3:f7:ff:
06:eb:17:98
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAdgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Q0EzNTFBRjExMC8GA1UEBRMoNThEQTNCRTMzMUE2MTJBQUFFNEY2QTMwNjM3NzA0
MDYzQUMzREQ0MjAeFw0yNTAzMDkwMzQ3MzBaFw0yNjAzMDkwMzQ3MzBaMBgxFjAU
BgNVBAMTDTY3Y2QwZjU2LWMzMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDZPeK0EEWci7/wYpN1x/SpceGj3dd8wbZHsZ1cTDW5GObLSRb0jLzLksAv
Qa/9SDQ8jHZ5j+TFZ4b8Q7By0yW5bgfvD7T2+NO2I9oOTil52uCGg6jFnOpW7K7a
Ls17KK9Wmgwxvv2RhFfYMbidXJaYS0OKBzQ9Gvmai6Vw8+8uM9MG4dl7DkeMENGX
o5uTA5zNBAQ1DJ3dCuH52cqCPEj/Wx3/7q/GqHMhjRLCX60o3m2DkqvpccMxMpph
vQkvzg64kziTVsQz+xJ8YmbsyV/ke8/oID8Q0xYviG7VGFhlivt/p23VJFKYvVPy
TtI2IqiMraY42EpPX8piDF///5wNAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU0mUC
bowHQU2hqurZXYk/gR6aKMUwHwYDVR0jBBgwFoAUWNo74zGmEqquT2owY3cEBjrD
3UIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkNBMzUxL0Q4RTZDNUVBQzJFNjExRUU4QjkwNjk3Qjc3NTQxMkU2L1dObzc0
ekdtRXFxdVQyb3dZM2NFQmpyRDNVSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1dObzc0ekdtRXFxdVQyb3dZM2NFQmpyRDNVSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkNBMzUxL0Q4RTZDNUVBQzJFNjExRUU4QjkwNjk3Qjc3
NTQxMkU2LzNCRjJGRTE0RkM5OTExRUZCREM2NzY5NDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm1UQwDQYJKoZIhvcNAQEL
BQADggEBALen/sHQ8Y2BqlBJEOi2KBlSdJWZ8CorKO5ZkwyvvFAnXaP87kvl8sgV
3lFMXudWHPGL0sJVCrmKO8bTDFnQpTkQho8V98oArsJifR3yx1MqvTeXLqGgjNaZ
m2hE50AXpLKjBFiUvhCH5yWYZLan45IhZocbsAhsDomVE1NC+VHBfaDWoOQy86I7
DgjWGampNcKMxF0GDT4iAr7l1o1enIyynOJBGYt03KMWKrTVc3Vk9itDA8dY4voM
DZGd3MBp4cUU0BfoBeKRr+Ej0XtJ80Q+rRDJjf+ccA9IVsZXzhAuJUPo6GuujvQ4
oQ3oFu1V/A0ZccJnH1lmlMP3/wbrF5g=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:48:11 2025 by rpki-client