Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38A2CAC0DE1511EF8BA5E54D762E951A.roa
File: 38A2CAC0DE1511EF8BA5E54D762E951A.roa (raw, json)
Hash identifier: CgAJNnPK1pERKGj3nNgxiBolf/BwuQ5Kq701uXgdS1U=
Subject key identifier: 04:2C:E1:87:72:EA:EE:9A:9E:4E:1F:60:89:0E:B5:F6:22:BF:D4:45
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014D2F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38A2CAC0DE1511EF8BA5E54D762E951A.roa
Signing time: Wed 29 Jan 2025 07:47:00 +0000
ROA not before: Wed 29 Jan 2025 07:46:56 +0000
ROA not after: Wed 05 Mar 2025 07:46:56 +0000
asID: 203020
IP address blocks: 154.208.128.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85295 (0x14d2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 29 07:46:56 2025 GMT
Not After : Mar 5 07:46:56 2025 GMT
Subject: CN=6799dcf4-c7b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5b:f5:2c:7d:b7:ac:b9:25:a6:5a:88:25:f0:
40:65:6a:f3:0b:23:df:f0:c0:2b:21:ef:fb:70:bb:
78:6d:22:72:99:1f:dc:ef:4a:34:27:74:c4:4d:b0:
84:0b:9d:67:44:92:d3:30:3d:c2:ee:9e:29:5e:69:
a4:d6:16:84:9a:73:f1:8c:82:9e:73:51:06:25:5b:
bf:d3:2a:81:be:6d:c4:ce:05:5c:3e:bd:bb:9c:0b:
bb:8e:41:a9:88:2a:6d:36:50:27:4f:fc:a8:fc:ac:
e8:bc:46:0c:6c:73:49:cc:6c:c3:8f:d1:d9:b7:c0:
04:6b:78:cd:e5:c1:93:0f:d6:2e:6c:3b:1c:f2:a8:
8e:5c:ea:aa:85:52:20:13:11:86:f0:2d:47:46:89:
55:1c:7f:d0:ac:fa:89:6c:2c:bd:77:40:35:da:d9:
10:63:80:2f:55:4a:d1:14:cb:27:10:a3:be:a9:f4:
f7:9a:1b:86:67:9c:b4:c7:fd:60:4b:7c:d4:e4:d0:
9e:6f:a4:e2:65:ed:dc:34:23:6b:64:87:69:00:46:
99:ae:c8:67:28:5e:2d:d0:9b:8a:a6:b4:46:8e:fc:
0c:78:c9:e2:e9:c4:02:5b:18:72:e2:5f:bc:0b:69:
f3:2c:6b:7f:1f:00:4c:db:e7:c9:af:03:28:e7:41:
83:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:2C:E1:87:72:EA:EE:9A:9E:4E:1F:60:89:0E:B5:F6:22:BF:D4:45
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38A2CAC0DE1511EF8BA5E54D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.128.0/23
Signature Algorithm: sha256WithRSAEncryption
d4:0f:72:80:31:63:e9:29:30:84:7c:cf:3d:e2:88:11:0a:21:
50:30:f5:0c:09:d4:8d:ed:c2:94:0d:d7:1e:ef:5d:14:c8:86:
fc:2e:b8:41:8e:ae:11:7a:11:24:b3:5f:4d:1e:ba:3e:99:bc:
f9:94:cb:63:51:7f:52:15:0e:df:a3:37:e8:0a:60:ce:22:5c:
ed:70:6a:1c:84:b1:00:cb:3d:d9:38:87:28:5b:6e:69:2f:17:
62:00:4a:af:fc:e2:0f:8f:63:39:a1:98:08:7a:04:57:df:85:
30:71:50:54:f3:72:a3:d5:e4:35:69:1c:db:4f:97:5e:fc:a3:
bb:1b:9d:f5:db:60:72:34:76:83:1a:d6:5d:4a:5a:da:55:c5:
c2:c8:e5:6d:71:84:89:1c:f7:fe:7d:15:82:39:c2:72:51:fa:
e1:31:cd:65:87:39:91:57:78:dc:87:ea:19:fd:e1:ea:d1:47:
58:0b:6c:6a:86:a3:42:ec:1a:ad:ea:a1:3c:90:af:de:06:b4:
fe:d8:8f:2d:4a:ba:4f:3a:c7:1e:2e:3a:8e:08:6f:98:e3:fd:
c9:21:fa:94:19:90:05:b3:23:8b:fa:8a:e2:19:9a:ac:49:cd:
0d:ae:e4:c2:c8:20:5f:0b:24:f5:79:07:5c:b5:85:13:8c:cc:
07:cd:7f:21
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU0vMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI5MDc0NjU2WhcNMjUwMzA1MDc0NjU2WjAYMRYw
FAYDVQQDEw02Nzk5ZGNmNC1jN2I0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyVv1LH23rLklplqIJfBAZWrzCyPf8MArIe/7cLt4bSJymR/c70o0J3TE
TbCEC51nRJLTMD3C7p4pXmmk1haEmnPxjIKec1EGJVu/0yqBvm3EzgVcPr27nAu7
jkGpiCptNlAnT/yo/KzovEYMbHNJzGzDj9HZt8AEa3jN5cGTD9YubDsc8qiOXOqq
hVIgExGG8C1HRolVHH/QrPqJbCy9d0A12tkQY4AvVUrRFMsnEKO+qfT3mhuGZ5y0
x/1gS3zU5NCeb6TiZe3cNCNrZIdpAEaZrshnKF4t0JuKprRGjvwMeMni6cQCWxhy
4l+8C2nzLGt/HwBM2+fJrwMo50GDiQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAQs
4Ydy6u6ank4fYIkOtfYiv9RFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zOEEyQ0FDMERFMTUxMUVGOEJBNUU1NEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtCAMA0GCSqGSIb3DQEB
CwUAA4IBAQDUD3KAMWPpKTCEfM894ogRCiFQMPUMCdSN7cKUDdce710UyIb8LrhB
jq4RehEks19NHro+mbz5lMtjUX9SFQ7fozfoCmDOIlztcGochLEAyz3ZOIcoW25p
LxdiAEqv/OIPj2M5oZgIegRX34UwcVBU83Kj1eQ1aRzbT5de/KO7G53122ByNHaD
GtZdSlraVcXCyOVtcYSJHPf+fRWCOcJyUfrhMc1lhzmRV3jch+oZ/eHq0UdYC2xq
hqNC7Bqt6qE8kK/eBrT+2I8tSrpPOsceLjqOCG+Y4/3JIfqUGZAFsyOL+oriGZqs
Sc0NruTCyCBfCyT1eQdctYUTjMwHzX8h
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:40:40 2025 by rpki-client