Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34789C0CDA5C11EF8C19A0A5762E951A.roa
File: 34789C0CDA5C11EF8C19A0A5762E951A.roa (raw, json)
Hash identifier: 884xwiiLBNZfu1AqdyUoza2UKveQ69dT8Y2DVnBdRg4=
Subject key identifier: 2A:D3:AF:FB:DD:DC:E2:D2:30:2B:82:7C:0A:6B:BB:48:54:7E:42:FB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0147E2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34789C0CDA5C11EF8C19A0A5762E951A.roa
Signing time: Fri 24 Jan 2025 14:05:02 +0000
ROA not before: Fri 24 Jan 2025 14:04:59 +0000
ROA not after: Wed 05 Mar 2025 14:04:59 +0000
asID: 48031
IP address blocks: 154.222.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83938 (0x147e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 14:04:59 2025 GMT
Not After : Mar 5 14:04:59 2025 GMT
Subject: CN=67939e0e-faa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:19:3e:2e:19:e5:4f:d5:59:7c:a6:97:bb:08:
b4:04:e1:d5:69:8a:4c:9d:52:25:8e:ac:e6:21:30:
4d:7d:a7:da:6c:42:45:89:c1:8c:f6:50:6c:0c:f4:
c5:82:1e:39:9c:cd:42:e1:57:0e:d9:a3:a5:ea:cb:
1d:ca:24:9e:bf:9f:16:cb:bc:73:f7:93:68:aa:7f:
d6:08:7b:ce:bd:8d:be:1c:59:07:bb:c8:bb:fb:33:
66:86:09:1f:da:0d:ec:40:b5:bf:a6:5c:4d:93:30:
f8:8e:7d:90:c4:ff:34:9f:2b:f2:cc:d0:df:7c:e0:
ee:d9:0e:69:db:a1:59:1c:98:93:ef:ae:2a:0a:05:
5b:cc:48:5c:49:94:f7:29:81:5b:d7:86:73:f1:c3:
d4:1c:21:85:4e:94:a0:bf:f4:f5:85:75:fb:e4:f4:
ba:d2:7b:2c:94:06:54:42:a1:c9:52:72:be:a1:ca:
39:e6:d4:25:b1:c1:45:60:9c:68:20:c6:ff:e0:9b:
d2:0d:e8:f6:1a:81:0d:a5:92:89:3d:01:a2:06:59:
85:9a:80:be:bc:e8:96:7a:a3:2c:35:38:a0:31:c9:
be:df:1f:6d:67:fe:54:ce:81:09:6c:e0:77:48:41:
09:4d:b2:a3:fa:24:6c:00:8e:ec:55:ec:6b:cb:b3:
1a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D3:AF:FB:DD:DC:E2:D2:30:2B:82:7C:0A:6B:BB:48:54:7E:42:FB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/34789C0CDA5C11EF8C19A0A5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.207.0/24
Signature Algorithm: sha256WithRSAEncryption
47:ec:e0:69:11:18:70:ec:6d:e9:a1:4d:63:0f:e1:6d:4b:1e:
b3:ce:d3:8a:6e:a3:a2:02:a0:79:f9:80:f6:f1:d7:74:2e:33:
58:88:d6:1c:a5:a1:04:ab:2f:f9:da:fd:77:7c:a0:51:56:98:
9d:97:f9:0c:9d:0f:52:a5:21:0e:27:90:d0:eb:b7:c3:70:da:
b0:2d:2f:1d:52:44:81:d5:48:cd:60:67:d3:a4:97:74:bc:52:
56:74:dc:ab:6a:db:44:c8:69:7f:2d:af:a5:01:f2:e0:fb:aa:
cd:0f:12:52:7c:ae:21:0d:ac:aa:81:95:25:34:1e:93:e1:b4:
48:cb:1d:14:07:c6:46:c9:dc:75:ed:51:41:e4:f6:7e:5e:95:
cc:02:d2:19:b2:f0:fe:51:e5:e6:fb:8b:83:fd:04:db:9b:13:
f7:66:8a:74:2d:99:b9:ac:5f:1f:b2:29:5b:9e:9c:b2:b1:9b:
aa:64:9e:52:fe:6b:1a:8e:65:bd:72:0e:c0:3f:9e:c0:c1:ae:
17:0c:bb:a7:4d:34:6c:f7:d6:46:26:bb:b2:a2:ea:0c:13:ff:
09:a7:43:5a:14:67:24:94:43:27:ba:f9:a0:ab:ba:c8:b0:9d:
e8:46:7b:fc:77:38:7d:1c:e0:bc:74:a9:0d:4c:3d:71:3d:28:
f2:54:83:7a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUfiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTQwNDU5WhcNMjUwMzA1MTQwNDU5WjAYMRYw
FAYDVQQDEw02NzkzOWUwZS1mYWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6hk+LhnlT9VZfKaXuwi0BOHVaYpMnVIljqzmITBNfafabEJFicGM9lBs
DPTFgh45nM1C4VcO2aOl6ssdyiSev58Wy7xz95Noqn/WCHvOvY2+HFkHu8i7+zNm
hgkf2g3sQLW/plxNkzD4jn2QxP80nyvyzNDffODu2Q5p26FZHJiT764qCgVbzEhc
SZT3KYFb14Zz8cPUHCGFTpSgv/T1hXX75PS60nsslAZUQqHJUnK+oco55tQlscFF
YJxoIMb/4JvSDej2GoENpZKJPQGiBlmFmoC+vOiWeqMsNTigMcm+3x9tZ/5UzoEJ
bOB3SEEJTbKj+iRsAI7sVexry7Ma2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCrT
r/vd3OLSMCuCfApru0hUfkL7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNDc4OUMwQ0RBNUMxMUVGOEMxOUEwQTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt7PMA0GCSqGSIb3DQEB
CwUAA4IBAQBH7OBpERhw7G3poU1jD+FtSx6zztOKbqOiAqB5+YD28dd0LjNYiNYc
paEEqy/52v13fKBRVpidl/kMnQ9SpSEOJ5DQ67fDcNqwLS8dUkSB1UjNYGfTpJd0
vFJWdNyrattEyGl/La+lAfLg+6rNDxJSfK4hDayqgZUlNB6T4bRIyx0UB8ZGydx1
7VFB5PZ+XpXMAtIZsvD+UeXm+4uD/QTbmxP3Zop0LZm5rF8fsilbnpyysZuqZJ5S
/msajmW9cg7AP57Awa4XDLunTTRs99ZGJruyouoME/8Jp0NaFGcklEMnuvmgq7rI
sJ3oRnv8dzh9HOC8dKkNTD1xPSjyVIN6
-----END CERTIFICATE-----
Generated at Sat Apr 26 01:56:05 2025 by rpki-client