Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3224E64ADA4D11EFB639D441762E951A.roa
File: 3224E64ADA4D11EFB639D441762E951A.roa (raw, json)
Hash identifier: H1JhbMSD4gXMgKTXHJMxSYmHuGYvjTAZEq3df1CHmbU=
Subject key identifier: FB:06:FB:CD:A4:C3:DC:09:27:4F:5A:B3:F6:73:17:7F:ED:24:21:20
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0146A2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3224E64ADA4D11EFB639D441762E951A.roa
Signing time: Fri 24 Jan 2025 12:17:36 +0000
ROA not before: Fri 24 Jan 2025 12:17:32 +0000
ROA not after: Tue 11 Mar 2025 12:17:32 +0000
asID: 138915
IP address blocks: 154.95.66.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83618 (0x146a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 12:17:32 2025 GMT
Not After : Mar 11 12:17:32 2025 GMT
Subject: CN=679384e0-0d49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:34:ff:3f:ea:b0:d2:b7:41:8c:0a:ac:d7:b4:
a1:a4:22:71:9e:e8:65:b1:7c:d6:54:92:17:60:ee:
e4:80:ea:0c:e8:c2:6f:fa:c4:d9:2b:c2:33:2b:18:
6a:5a:91:d2:6c:8c:14:f4:88:8a:23:82:89:80:f6:
c4:b0:13:02:94:92:69:9f:b2:ed:7f:80:48:b0:61:
4a:44:74:7d:59:44:96:cb:dc:9f:b5:7b:f3:c1:73:
0d:c5:b0:fb:8e:e9:f9:9f:d5:d5:0c:e8:5b:e0:5c:
5d:38:4a:1b:13:72:12:c9:af:af:b3:06:2b:cf:88:
ed:9c:18:5c:30:86:2b:31:60:2e:41:fd:44:1d:68:
ad:29:2e:6a:ff:a7:23:f3:e5:ca:e8:fe:14:86:dc:
4c:3c:d2:f8:00:9a:4a:ab:20:1b:8a:71:09:7c:34:
0a:55:55:c9:1d:15:f2:93:45:80:c3:e9:8b:cd:46:
6b:7b:0c:30:7b:ef:6c:4e:75:1d:a2:c4:a6:c7:fc:
41:c8:5d:cf:54:85:e4:ec:d6:32:40:78:90:16:bb:
c8:30:65:3d:3b:5d:c7:b6:52:d6:97:97:30:b6:48:
1c:cd:56:59:0c:d0:ce:14:dd:22:46:d8:db:ca:9a:
ad:45:e9:e5:72:f0:ca:88:ee:31:d9:30:88:18:2b:
07:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:06:FB:CD:A4:C3:DC:09:27:4F:5A:B3:F6:73:17:7F:ED:24:21:20
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3224E64ADA4D11EFB639D441762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.66.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:f9:87:27:92:01:75:c7:27:c4:fb:42:32:bd:5b:d5:22:48:
0d:39:53:d8:26:ad:da:11:d8:13:93:2f:fc:4e:9f:58:ac:0c:
fc:0e:39:6e:80:f0:a7:76:52:f2:4d:18:f6:78:8c:d0:d4:64:
73:16:c6:64:e6:2b:55:48:90:01:37:54:24:42:f1:4b:43:77:
de:c6:36:c4:0e:2f:f3:01:b0:ab:fc:71:b7:e4:da:c8:b1:f1:
62:dd:65:4c:fd:fc:24:d7:fc:ff:51:1d:55:64:56:28:f3:32:
82:7f:00:a4:33:d8:f8:04:07:c4:e5:e2:61:19:f2:8b:67:ea:
30:57:23:d7:b2:8f:4e:52:ab:f5:05:1b:ee:db:e0:44:c2:e6:
3a:58:73:a8:1e:1a:7a:87:dd:79:99:c4:6f:1e:b8:a0:c5:28:
c4:bc:8b:16:fb:81:56:bc:d7:3f:3b:bf:24:d9:02:c1:1a:93:
61:1b:2f:ac:44:e1:e5:43:2e:6c:b2:21:e5:64:cc:90:b9:e1:
35:99:e8:de:c4:51:b8:3e:36:c3:1a:56:ec:90:32:1a:55:a8:
de:bc:b3:01:cd:92:9e:36:af:95:9b:a4:6c:de:ba:a0:99:04:
14:34:33:3c:99:86:33:9f:5b:25:5a:8f:68:fe:fd:c5:12:8b:
04:ce:91:63
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUaiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTIxNzMyWhcNMjUwMzExMTIxNzMyWjAYMRYw
FAYDVQQDEw02NzkzODRlMC0wZDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtzT/P+qw0rdBjAqs17ShpCJxnuhlsXzWVJIXYO7kgOoM6MJv+sTZK8Iz
KxhqWpHSbIwU9IiKI4KJgPbEsBMClJJpn7Ltf4BIsGFKRHR9WUSWy9yftXvzwXMN
xbD7jun5n9XVDOhb4FxdOEobE3ISya+vswYrz4jtnBhcMIYrMWAuQf1EHWitKS5q
/6cj8+XK6P4UhtxMPNL4AJpKqyAbinEJfDQKVVXJHRXyk0WAw+mLzUZrewwwe+9s
TnUdosSmx/xByF3PVIXk7NYyQHiQFrvIMGU9O13HtlLWl5cwtkgczVZZDNDOFN0i
RtjbypqtRenlcvDKiO4x2TCIGCsH3QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPsG
+82kw9wJJ09as/ZzF3/tJCEgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMjI0RTY0QURBNEQxMUVGQjYzOUQ0NDE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBml9CMA0GCSqGSIb3DQEB
CwUAA4IBAQC3+YcnkgF1xyfE+0IyvVvVIkgNOVPYJq3aEdgTky/8Tp9YrAz8Djlu
gPCndlLyTRj2eIzQ1GRzFsZk5itVSJABN1QkQvFLQ3fexjbEDi/zAbCr/HG35NrI
sfFi3WVM/fwk1/z/UR1VZFYo8zKCfwCkM9j4BAfE5eJhGfKLZ+owVyPXso9OUqv1
BRvu2+BEwuY6WHOoHhp6h915mcRvHrigxSjEvIsW+4FWvNc/O78k2QLBGpNhGy+s
ROHlQy5ssiHlZMyQueE1mejexFG4PjbDGlbskDIaVajevLMBzZKeNq+Vm6Rs3rqg
mQQUNDM8mYYzn1slWo9o/v3FEosEzpFj
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:59:11 2025 by rpki-client