Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32ADF0B2D96611EF9AD869A9762E951A.roa
File: 32ADF0B2D96611EF9AD869A9762E951A.roa (raw, json)
Hash identifier: y2rQSAJs+0dCtIvTmajcRiBbcOZyYfI7RLxr2M+lxA4=
Subject key identifier: 43:CC:46:4C:CA:39:9A:F4:CD:6B:B8:DA:4E:18:8E:B9:46:53:43:0C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014099
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32ADF0B2D96611EF9AD869A9762E951A.roa
Signing time: Thu 23 Jan 2025 08:44:03 +0000
ROA not before: Thu 23 Jan 2025 08:44:00 +0000
ROA not after: Thu 27 Feb 2025 08:44:00 +0000
asID: 59187
IP address blocks: 154.221.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82073 (0x14099)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 08:44:00 2025 GMT
Not After : Feb 27 08:44:00 2025 GMT
Subject: CN=67920153-6c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:04:81:3b:5e:ff:26:72:d0:e2:bc:d1:f1:95:
2f:d0:0c:86:84:15:84:c3:6a:fe:65:c6:c0:1d:75:
b9:76:36:ad:4c:3c:a9:85:91:0e:e6:0a:45:3e:e3:
8c:a2:99:07:50:02:52:25:83:07:ec:3f:4a:91:30:
a9:bd:dd:6d:60:0f:04:c5:75:8c:94:59:7f:38:cc:
f2:06:ef:ab:b5:3a:33:55:88:1c:7f:1b:72:2c:54:
0e:b4:7f:b3:ee:56:76:cc:0a:3d:c8:06:4a:11:6c:
2b:51:28:01:b8:77:83:00:59:10:d6:e9:1b:24:74:
61:e0:e0:4e:3f:18:a9:ae:0b:20:fd:eb:1d:92:90:
18:66:77:be:f4:aa:61:de:ee:dd:89:82:6f:98:56:
3e:f7:ca:83:0f:56:5b:aa:29:7c:a4:74:fb:dd:83:
bb:16:45:64:76:59:52:21:a3:50:b5:38:62:36:4a:
28:c1:b2:2d:8b:2c:79:77:ec:96:35:ac:c6:e5:e0:
d1:69:81:13:e9:da:e2:dc:67:6c:11:e0:33:11:38:
2d:8a:07:13:35:93:dc:be:ca:68:9b:1e:68:d5:06:
74:e6:14:21:3e:f0:2a:54:cd:c3:59:a2:2a:c0:3a:
43:67:3c:3e:b3:92:91:38:fb:64:8b:d9:01:f8:77:
ab:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:CC:46:4C:CA:39:9A:F4:CD:6B:B8:DA:4E:18:8E:B9:46:53:43:0C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32ADF0B2D96611EF9AD869A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.32.0/24
Signature Algorithm: sha256WithRSAEncryption
66:97:a1:83:88:2f:fe:4b:ee:6c:70:7e:be:16:f9:cb:c5:79:
b4:94:04:02:d7:e7:60:b6:31:ae:62:9d:3f:f9:12:99:97:f0:
77:59:c4:66:76:a8:51:7b:98:6e:98:fc:52:ec:35:59:67:1d:
0c:ad:f0:a2:dc:24:02:d1:98:52:db:b8:9d:9f:30:75:29:4a:
8c:4a:09:4a:bf:6f:c2:a8:7f:ba:e8:b9:57:11:53:45:0a:4c:
72:83:08:57:50:1f:75:66:9f:3c:1e:20:64:04:2a:56:0a:b2:
dd:88:a4:95:51:b7:bb:4c:aa:ed:72:b4:90:da:a0:9c:0a:e6:
97:0b:1e:92:32:fc:35:a3:db:04:c7:ac:02:5b:d9:4d:3a:31:
54:f9:66:be:8a:38:b7:9b:2b:b3:60:69:34:37:83:1f:d0:c6:
76:21:7b:92:30:34:b2:21:20:ce:61:a4:75:33:78:e1:d0:81:
38:5c:06:cb:00:be:7c:49:77:80:54:29:43:f5:6b:de:98:ae:
17:d0:a0:90:48:ac:1a:2b:9a:96:fb:7a:7a:88:1d:90:bb:8b:
41:4c:fa:aa:f4:e2:b3:e5:53:c2:0b:ba:65:b5:eb:54:43:a5:
49:cf:31:62:3d:cc:35:27:32:a7:84:ec:18:87:70:f8:cb:7f:
8f:05:fc:7b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUCZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMDg0NDAwWhcNMjUwMjI3MDg0NDAwWjAYMRYw
FAYDVQQDEw02NzkyMDE1My02YzQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4QSBO17/JnLQ4rzR8ZUv0AyGhBWEw2r+ZcbAHXW5djatTDyphZEO5gpF
PuOMopkHUAJSJYMH7D9KkTCpvd1tYA8ExXWMlFl/OMzyBu+rtTozVYgcfxtyLFQO
tH+z7lZ2zAo9yAZKEWwrUSgBuHeDAFkQ1ukbJHRh4OBOPxiprgsg/esdkpAYZne+
9Kph3u7diYJvmFY+98qDD1Zbqil8pHT73YO7FkVkdllSIaNQtThiNkoowbItiyx5
d+yWNazG5eDRaYET6dri3GdsEeAzETgtigcTNZPcvspomx5o1QZ05hQhPvAqVM3D
WaIqwDpDZzw+s5KROPtki9kB+HerSwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEPM
RkzKOZr0zWu42k4YjrlGU0MMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMkFERjBCMkQ5NjYxMUVGOUFEODY5QTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt0gMA0GCSqGSIb3DQEB
CwUAA4IBAQBml6GDiC/+S+5scH6+FvnLxXm0lAQC1+dgtjGuYp0/+RKZl/B3WcRm
dqhRe5humPxS7DVZZx0MrfCi3CQC0ZhS27idnzB1KUqMSglKv2/CqH+66LlXEVNF
CkxygwhXUB91Zp88HiBkBCpWCrLdiKSVUbe7TKrtcrSQ2qCcCuaXCx6SMvw1o9sE
x6wCW9lNOjFU+Wa+iji3myuzYGk0N4Mf0MZ2IXuSMDSyISDOYaR1M3jh0IE4XAbL
AL58SXeAVClD9WvemK4X0KCQSKwaK5qW+3p6iB2Qu4tBTPqq9OKz5VPCC7pltetU
Q6VJzzFiPcw1JzKnhOwYh3D4y3+PBfx7
-----END CERTIFICATE-----
Generated at Tue Apr 29 00:59:06 2025 by rpki-client