Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29D7C576D56A11EF8461476F762E951A.roa
File: 29D7C576D56A11EF8461476F762E951A.roa (raw, json)
Hash identifier: 9N+ApwpggQHZjJ6J4sQ2SIfzq5BuRdAOkZuBOcZ6coY=
Subject key identifier: 6A:C8:BC:8E:CB:C9:24:11:9D:D2:B8:5A:90:DE:32:3E:C0:21:0B:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013D8E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29D7C576D56A11EF8461476F762E951A.roa
Signing time: Sat 18 Jan 2025 07:02:22 +0000
ROA not before: Sat 18 Jan 2025 07:02:18 +0000
ROA not after: Sat 22 Feb 2025 07:02:18 +0000
asID: 54600
IP address blocks: 154.217.236.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81294 (0x13d8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 18 07:02:18 2025 GMT
Not After : Feb 22 07:02:18 2025 GMT
Subject: CN=678b51fe-6a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:af:73:3a:d3:d1:f6:e9:23:cc:46:91:fc:f7:
f6:c2:3f:43:a1:f5:c4:a8:c5:a0:5d:ed:d9:52:18:
4d:1b:27:96:0f:00:6a:14:39:2c:ef:35:29:f1:07:
de:49:7d:91:f6:67:a6:50:39:8d:13:63:9a:a3:8f:
7b:27:2b:00:1a:2a:7e:08:ff:b1:70:6d:50:06:bc:
f2:97:15:d0:b2:21:da:86:e6:b9:38:20:7b:bc:40:
19:61:e0:69:a7:d4:05:13:d8:f5:f1:29:03:c7:27:
5e:3d:6d:3e:a0:5c:d1:43:9e:f9:0b:e8:95:95:91:
81:45:1a:f2:a5:05:a5:8a:bc:9a:f0:16:20:15:99:
b1:5e:b9:fe:1a:7c:eb:2e:3b:4d:6e:25:93:c8:90:
e4:0a:6b:c1:a3:17:99:b6:16:c9:9c:6e:4d:e2:18:
4d:06:ea:36:d4:e5:34:ad:f9:dd:95:f7:1b:3a:eb:
07:99:18:6a:cc:41:2e:d8:67:52:55:79:6e:d0:26:
93:cb:af:0a:2f:34:b3:b1:6a:94:1c:89:c2:da:9d:
e8:bb:30:e5:3f:3d:32:0f:40:c8:82:e4:c9:90:ff:
2a:18:d3:90:44:6a:bf:46:db:d0:12:e2:eb:4b:b3:
18:4f:d8:5c:d7:b0:00:95:69:07:24:f0:ec:16:71:
18:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C8:BC:8E:CB:C9:24:11:9D:D2:B8:5A:90:DE:32:3E:C0:21:0B:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29D7C576D56A11EF8461476F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.236.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:a8:4b:29:8a:f9:0a:1d:ed:fb:d7:75:73:71:67:c1:7a:ea:
4a:df:a3:5d:25:c3:81:86:e2:40:76:54:09:f6:b6:41:ca:7a:
8f:e7:d3:59:26:2d:b2:7c:98:bd:57:66:fd:66:96:3f:4a:22:
9f:5b:1d:ad:39:ba:df:76:03:5e:a1:30:66:7e:0a:88:b7:dc:
ab:aa:78:be:dd:6a:16:04:31:45:18:b0:c4:a1:1a:84:b4:68:
fd:b9:66:24:3a:d3:47:4e:94:b2:ef:59:09:21:b4:12:18:37:
3c:d6:31:f0:9d:54:59:e5:a9:15:71:11:88:70:53:b0:9b:5f:
27:49:fb:30:c8:2e:ad:cd:06:0c:54:50:dc:59:4e:94:c5:88:
89:cc:e4:b7:66:5a:e4:ec:b3:c9:65:14:99:9e:66:b3:0f:81:
ee:a3:43:d3:85:33:e1:a4:f6:26:aa:56:28:09:7d:03:c3:58:
05:66:90:7c:2d:cc:12:6b:ad:c5:c6:68:4e:d4:73:9a:cd:1a:
5a:18:9f:44:7b:7b:e4:1a:35:e6:22:0e:84:9c:08:98:b1:79:
44:73:6e:ba:e9:4c:e5:72:38:d5:6a:5f:70:21:b2:48:d1:c9:
81:2a:e2:c7:40:79:64:31:0c:24:0d:fa:a6:63:04:51:34:ff:
28:3b:39:63
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT2OMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE4MDcwMjE4WhcNMjUwMjIyMDcwMjE4WjAYMRYw
FAYDVQQDEw02NzhiNTFmZS02YTdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAva9zOtPR9ukjzEaR/Pf2wj9DofXEqMWgXe3ZUhhNGyeWDwBqFDks7zUp
8QfeSX2R9memUDmNE2Oao497JysAGip+CP+xcG1QBrzylxXQsiHahua5OCB7vEAZ
YeBpp9QFE9j18SkDxydePW0+oFzRQ575C+iVlZGBRRrypQWlirya8BYgFZmxXrn+
GnzrLjtNbiWTyJDkCmvBoxeZthbJnG5N4hhNBuo21OU0rfndlfcbOusHmRhqzEEu
2GdSVXlu0CaTy68KLzSzsWqUHInC2p3ouzDlPz0yD0DIguTJkP8qGNOQRGq/RtvQ
EuLrS7MYT9hc17AAlWkHJPDsFnEY6QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGrI
vI7LySQRndK4WpDeMj7AIQvYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOUQ3QzU3NkQ1NkExMUVGODQ2MTQ3NkY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtnsMA0GCSqGSIb3DQEB
CwUAA4IBAQBLqEspivkKHe3713VzcWfBeupK36NdJcOBhuJAdlQJ9rZBynqP59NZ
Ji2yfJi9V2b9ZpY/SiKfWx2tObrfdgNeoTBmfgqIt9yrqni+3WoWBDFFGLDEoRqE
tGj9uWYkOtNHTpSy71kJIbQSGDc81jHwnVRZ5akVcRGIcFOwm18nSfswyC6tzQYM
VFDcWU6UxYiJzOS3Zlrk7LPJZRSZnmazD4Huo0PThTPhpPYmqlYoCX0Dw1gFZpB8
LcwSa63FxmhO1HOazRpaGJ9Ee3vkGjXmIg6EnAiYsXlEc2666UzlcjjVal9wIbJI
0cmBKuLHQHlkMQwkDfqmYwRRNP8oOzlj
-----END CERTIFICATE-----
Generated at Sun Apr 27 02:40:48 2025 by rpki-client