Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3627F834D8DD11EF8F37AD8C762E951A.roa
File: 3627F834D8DD11EF8F37AD8C762E951A.roa (raw, json)
Hash identifier: F4iPQePV9CE8ZGr/62xLf7aab6Ny75zNyHAaZPE5V/Y=
Subject key identifier: 28:69:D4:94:6E:F7:ED:57:6D:F7:D7:C0:6F:FF:4F:62:27:2D:FB:F7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013FE0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3627F834D8DD11EF8F37AD8C762E951A.roa
Signing time: Wed 22 Jan 2025 16:23:28 +0000
ROA not before: Wed 22 Jan 2025 16:23:24 +0000
ROA not after: Sat 15 Mar 2025 16:23:24 +0000
asID: 138915
IP address blocks: 154.206.118.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81888 (0x13fe0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 22 16:23:24 2025 GMT
Not After : Mar 15 16:23:24 2025 GMT
Subject: CN=67911b80-2dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:cf:ab:d4:03:f5:2f:59:5e:29:5b:db:72:11:
2d:59:09:f5:4b:53:dc:f8:dd:7e:ba:46:43:27:b5:
55:47:cf:f6:a5:5f:9b:d9:00:af:b8:02:fd:ac:1f:
73:e1:b4:38:f8:71:a0:b7:51:51:d5:19:31:98:29:
2a:bf:1e:34:c4:a3:ad:bb:06:21:94:1c:8f:a8:ab:
4a:a8:0d:13:a1:b7:f6:65:1a:60:73:be:81:97:8b:
71:5f:8a:49:35:f8:ec:40:72:a1:3f:d7:2f:6f:18:
23:7a:be:0c:dd:db:48:4b:ae:aa:b0:a0:c9:8a:c5:
47:60:f8:f7:85:7f:35:c3:45:f7:85:e9:30:aa:27:
e8:fb:12:88:a8:06:87:ae:09:ef:9d:ef:c2:3b:4f:
e3:7b:48:94:d8:cb:b3:5d:e6:af:45:4a:1f:0f:3d:
d2:da:e2:23:f1:8f:6d:35:8e:39:74:2e:27:25:80:
9c:ae:f4:35:9c:8a:ae:6a:41:58:b4:0d:e8:cb:fc:
2e:94:86:9c:82:d8:94:3a:64:74:70:68:27:13:8a:
d0:ee:92:8c:f5:93:de:8e:2d:fe:8b:ec:88:d4:ac:
01:21:cd:91:68:8d:c3:30:6e:1e:4d:0f:1c:59:63:
98:ad:aa:2f:03:ac:04:fb:7c:7d:48:44:7c:62:e8:
0e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:69:D4:94:6E:F7:ED:57:6D:F7:D7:C0:6F:FF:4F:62:27:2D:FB:F7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3627F834D8DD11EF8F37AD8C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.118.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:fa:26:07:b6:f4:f4:7c:f8:51:fc:dd:7c:99:b5:82:e5:dd:
b0:27:77:2e:2a:8b:9f:00:57:9a:a7:d2:b7:2b:10:98:b5:e7:
94:57:67:87:82:38:8b:11:59:81:ae:cf:68:25:8d:99:50:b9:
4c:44:0c:31:87:ce:17:cf:96:1d:4b:80:3c:28:1b:88:90:40:
aa:e9:a9:6f:06:a9:9f:bd:35:4a:92:bf:17:5f:3b:2a:4a:00:
74:ee:57:97:6b:20:6b:26:af:62:b1:fe:49:e8:a5:f1:10:a8:
8a:6d:42:8c:dc:c3:85:00:ec:a5:a3:38:5a:d8:9c:e8:9d:28:
36:11:ce:fa:cb:d0:01:41:35:a2:cd:08:b2:f5:1f:31:ad:56:
23:08:28:f9:2c:24:cb:d1:f0:de:7f:2b:fb:82:15:02:e1:95:
b7:81:2b:ae:f0:32:c3:20:33:be:0e:f9:e4:00:fb:da:bf:ad:
8f:52:f6:38:3a:3e:7c:ff:b0:cf:57:34:12:ee:d4:b7:52:41:
dd:82:2e:49:a9:8b:dc:55:5a:f2:f1:9c:2c:52:85:f4:13:cf:
af:6d:e4:f1:08:37:ed:77:d5:82:3e:6b:57:34:ae:be:b3:0b:
61:b0:6e:bb:b1:93:9d:e5:1d:40:9f:58:d2:81:dd:43:98:79:
aa:c5:08:62
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT/gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIyMTYyMzI0WhcNMjUwMzE1MTYyMzI0WjAYMRYw
FAYDVQQDEw02NzkxMWI4MC0yZGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA08+r1AP1L1leKVvbchEtWQn1S1Pc+N1+ukZDJ7VVR8/2pV+b2QCvuAL9
rB9z4bQ4+HGgt1FR1RkxmCkqvx40xKOtuwYhlByPqKtKqA0Tobf2ZRpgc76Bl4tx
X4pJNfjsQHKhP9cvbxgjer4M3dtIS66qsKDJisVHYPj3hX81w0X3hekwqifo+xKI
qAaHrgnvne/CO0/je0iU2MuzXeavRUofDz3S2uIj8Y9tNY45dC4nJYCcrvQ1nIqu
akFYtA3oy/wulIacgtiUOmR0cGgnE4rQ7pKM9ZPeji3+i+yI1KwBIc2RaI3DMG4e
TQ8cWWOYraovA6wE+3x9SER8YugOYQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFChp
1JRu9+1XbffXwG//T2InLfv3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNjI3RjgzNEQ4REQxMUVGOEYzN0FEOEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms52MA0GCSqGSIb3DQEB
CwUAA4IBAQCt+iYHtvT0fPhR/N18mbWC5d2wJ3cuKoufAFeap9K3KxCYteeUV2eH
gjiLEVmBrs9oJY2ZULlMRAwxh84Xz5YdS4A8KBuIkECq6alvBqmfvTVKkr8XXzsq
SgB07leXayBrJq9isf5J6KXxEKiKbUKM3MOFAOylozha2JzonSg2Ec76y9ABQTWi
zQiy9R8xrVYjCCj5LCTL0fDefyv7ghUC4ZW3gSuu8DLDIDO+DvnkAPvav62PUvY4
Oj58/7DPVzQS7tS3UkHdgi5JqYvcVVry8ZwsUoX0E8+vbeTxCDftd9WCPmtXNK6+
swthsG67sZOd5R1An1jSgd1DmHmqxQhi
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:52:08 2025 by rpki-client