Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36E3B5B4B3D111EFAC838C6D762E951A.roa
File: 36E3B5B4B3D111EFAC838C6D762E951A.roa (raw, json)
Hash identifier: MG2bsbr70ScAiAE2A7f3aJm/2gLElekVj2dsA6CR9QI=
Subject key identifier: 7F:DF:69:EF:44:BF:EB:E9:18:BA:73:24:69:7B:62:8D:B4:84:50:64
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0118DE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36E3B5B4B3D111EFAC838C6D762E951A.roa
Signing time: Fri 06 Dec 2024 12:54:22 +0000
ROA not before: Fri 06 Dec 2024 12:54:19 +0000
ROA not after: Mon 10 Mar 2025 12:54:19 +0000
asID: 54600
IP address blocks: 154.199.208.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71902 (0x118de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 6 12:54:19 2024 GMT
Not After : Mar 10 12:54:19 2025 GMT
Subject: CN=6752f3fe-a176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:82:e5:4f:5f:12:e3:99:c6:78:9f:ce:a0:a6:
c3:27:a9:fb:65:4e:77:95:36:08:73:3e:6e:df:06:
79:30:c3:8a:91:ee:af:f1:1d:e2:f0:07:1e:35:b7:
57:43:76:61:c4:17:41:04:f4:e7:3f:3a:47:20:e5:
2b:40:a3:d2:b2:c0:32:53:d5:9a:e8:74:81:24:02:
92:dd:88:75:cd:da:46:bd:82:e6:9e:22:ec:53:e7:
10:ad:40:77:f3:49:14:4e:97:5e:50:de:c1:8c:11:
91:7c:6a:fb:6a:0e:0e:2d:71:fa:c7:63:48:df:ab:
1e:ce:fc:98:56:24:a6:48:84:e5:de:a8:3d:33:45:
fa:bd:5d:8e:33:62:9a:f0:2f:f4:41:01:13:d4:33:
15:40:87:46:1f:87:86:47:03:bd:e2:86:09:05:02:
81:34:32:ad:5b:d4:90:20:45:f0:2b:5b:9e:5c:31:
c6:2e:12:51:4c:16:8c:96:ef:77:0b:eb:29:d8:55:
5f:a9:14:84:10:6a:a2:03:f8:40:ca:44:4e:3e:5b:
50:cc:c8:3b:6f:a8:d9:93:73:7b:f3:20:3c:43:8e:
7b:5b:3f:46:2f:06:48:68:00:66:b0:2f:e2:44:06:
e5:1f:9a:b6:d0:8b:27:2b:00:b3:4a:1f:68:77:3b:
b4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:DF:69:EF:44:BF:EB:E9:18:BA:73:24:69:7B:62:8D:B4:84:50:64
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/36E3B5B4B3D111EFAC838C6D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.208.0/20
Signature Algorithm: sha256WithRSAEncryption
a5:a8:f6:db:58:75:24:29:65:24:62:8d:3b:bd:1c:7b:1d:69:
9e:48:81:1f:fa:e0:2f:73:dc:27:9f:2a:5f:cf:b8:37:12:49:
57:a8:ae:03:c8:3c:9a:4c:fa:45:af:ac:07:b9:2b:55:83:a8:
9b:f8:a4:f6:a2:3f:0c:d4:01:00:2c:cd:09:de:99:81:a6:12:
c1:6f:50:1d:05:c4:19:63:16:ed:96:a7:b5:6b:7f:3d:b7:6e:
da:03:c3:39:b8:f3:cf:7a:57:cb:b9:5c:5c:ac:d5:f5:be:93:
34:8a:b1:da:e1:47:01:cd:e1:02:9b:eb:f7:62:91:73:fb:54:
bf:80:29:a7:46:d4:ea:67:9e:2c:52:28:9c:12:b1:30:82:7f:
b7:ce:47:0e:39:0b:1e:18:cc:78:7c:11:68:b3:4c:99:7d:a1:
67:2a:71:d2:c2:f8:15:67:43:3a:4b:dc:9d:8c:a6:92:ab:bc:
e0:fe:6e:04:73:ee:2c:fe:48:51:6c:4e:a5:ea:12:f9:46:ca:
1d:ad:74:80:19:76:cb:4a:b0:fb:2c:d9:d6:bc:9d:02:af:44:
2a:cf:f9:33:d8:dd:09:14:f2:ef:5b:e5:02:dc:16:2b:99:eb:
d7:32:1c:50:6d:20:5d:66:56:75:1c:c9:f2:f5:2a:e9:7e:3c:
40:24:5a:80
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARjeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjA2MTI1NDE5WhcNMjUwMzEwMTI1NDE5WjAYMRYw
FAYDVQQDEw02NzUyZjNmZS1hMTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1ILlT18S45nGeJ/OoKbDJ6n7ZU53lTYIcz5u3wZ5MMOKke6v8R3i8Ace
NbdXQ3ZhxBdBBPTnPzpHIOUrQKPSssAyU9Wa6HSBJAKS3Yh1zdpGvYLmniLsU+cQ
rUB380kUTpdeUN7BjBGRfGr7ag4OLXH6x2NI36sezvyYViSmSITl3qg9M0X6vV2O
M2Ka8C/0QQET1DMVQIdGH4eGRwO94oYJBQKBNDKtW9SQIEXwK1ueXDHGLhJRTBaM
lu93C+sp2FVfqRSEEGqiA/hAykROPltQzMg7b6jZk3N78yA8Q457Wz9GLwZIaABm
sC/iRAblH5q20IsnKwCzSh9odzu0JQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH/f
ae9Ev+vpGLpzJGl7Yo20hFBkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNkUzQjVCNEIzRDExMUVGQUM4MzhDNkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmsfQMA0GCSqGSIb3DQEB
CwUAA4IBAQClqPbbWHUkKWUkYo07vRx7HWmeSIEf+uAvc9wnnypfz7g3EklXqK4D
yDyaTPpFr6wHuStVg6ib+KT2oj8M1AEALM0J3pmBphLBb1AdBcQZYxbtlqe1a389
t27aA8M5uPPPelfLuVxcrNX1vpM0irHa4UcBzeECm+v3YpFz+1S/gCmnRtTqZ54s
UiicErEwgn+3zkcOOQseGMx4fBFos0yZfaFnKnHSwvgVZ0M6S9ydjKaSq7zg/m4E
c+4s/khRbE6l6hL5RsodrXSAGXbLSrD7LNnWvJ0Cr0Qqz/kz2N0JFPLvW+UC3BYr
mevXMhxQbSBdZlZ1HMny9SrpfjxAJFqA
-----END CERTIFICATE-----
Generated at Sun Apr 27 02:37:09 2025 by rpki-client