Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A436380D68111EF8E3D8389762E951A.roa
File: 3A436380D68111EF8E3D8389762E951A.roa (raw, json)
Hash identifier: hkJZj1G0VbCXdbMP5yQxZEg58YYNCBw+qdHeE8cniIE=
Subject key identifier: E7:A6:58:F6:6D:C5:04:48:AE:78:0C:67:49:67:1C:8C:8C:41:DD:29
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013DFF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A436380D68111EF8E3D8389762E951A.roa
Signing time: Sun 19 Jan 2025 16:19:59 +0000
ROA not before: Sun 19 Jan 2025 16:19:55 +0000
ROA not after: Mon 24 Feb 2025 16:19:55 +0000
asID: 18779
IP address blocks: 154.203.60.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81407 (0x13dff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 19 16:19:55 2025 GMT
Not After : Feb 24 16:19:55 2025 GMT
Subject: CN=678d262f-64dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:71:f8:d2:7e:ed:e0:87:b1:b7:b5:f1:f4:34:
42:c4:4f:7e:5a:ce:59:d8:72:46:cc:3f:e9:05:79:
2d:cf:fd:fb:da:05:d0:9e:66:b3:4a:31:f8:28:47:
f5:24:4c:4d:87:58:a3:80:7c:65:41:ca:9e:5e:69:
1d:54:cb:b8:b0:98:48:98:55:e9:27:a8:63:88:20:
b6:92:fc:01:a1:00:d3:7b:8f:b6:30:22:a7:3f:c0:
fc:93:74:d9:65:13:09:a5:78:ff:17:b8:8e:51:14:
d0:b0:70:9c:19:f0:9d:bf:c8:90:f7:49:f5:66:f5:
ba:cd:87:eb:b7:20:5b:fb:ac:fd:37:73:1d:67:a2:
a3:ca:2b:b9:05:09:ff:f6:89:40:5f:ab:ee:6b:b5:
f5:6b:31:33:a8:fe:7b:ad:4e:b3:c5:03:ef:40:95:
77:35:84:35:5a:ca:2b:96:06:96:fc:a2:f3:42:9e:
3d:86:05:85:d2:b3:d3:07:ff:7b:9c:55:4d:99:c5:
96:54:a3:e9:18:43:29:55:7a:17:81:fd:b3:3f:94:
c8:d2:76:fd:d6:8a:be:a7:a4:5a:58:fb:1f:7f:91:
32:b9:cd:1c:c6:b9:ed:c0:ec:46:c3:2e:11:c0:b0:
89:a0:4b:d9:1a:91:7f:6f:44:7f:19:40:5d:6e:c4:
89:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:A6:58:F6:6D:C5:04:48:AE:78:0C:67:49:67:1C:8C:8C:41:DD:29
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3A436380D68111EF8E3D8389762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.60.0/23
Signature Algorithm: sha256WithRSAEncryption
94:91:32:cb:bd:09:4f:c4:bb:bf:79:e1:17:fc:b5:b0:0a:73:
38:e8:f2:92:0c:9a:ca:06:1e:ed:9b:96:6f:e5:a7:41:78:25:
78:45:00:0d:5a:2f:6c:50:f3:70:e5:01:b2:c1:c8:f3:29:95:
46:34:e3:ad:bc:a2:5e:89:5a:9d:1b:3e:5d:9f:26:6f:bf:3e:
ca:b8:ee:d4:57:eb:6c:53:fd:83:97:60:7b:fd:02:a9:b0:8e:
01:3b:9d:0e:94:aa:0c:38:88:af:b1:de:25:5a:5c:3a:be:f2:
f5:3c:47:08:88:72:7b:52:99:73:19:b1:6e:f5:8f:fd:11:af:
4c:63:83:c5:af:ff:c2:c0:97:67:1e:3c:3e:82:8e:e5:e2:53:
0a:a6:45:3d:c4:78:fe:e9:b0:55:00:4c:5e:1b:44:f0:c5:5f:
28:12:e9:01:0b:0e:84:dc:a1:f2:2d:e0:aa:1f:60:e7:3c:59:
98:ab:70:01:ad:f9:61:42:43:7e:6c:74:6f:90:63:4d:d5:68:
cf:5f:25:0f:de:2b:72:e1:cf:ba:c7:eb:5c:5e:5e:0c:c1:3d:
c7:ac:8d:de:66:2d:e8:a7:5f:c7:01:72:e2:e4:cb:66:55:1d:
48:bc:33:6a:e1:da:77:33:99:96:ec:5b:ab:b2:80:bb:b4:8e:
74:33:bb:e2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT3/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE5MTYxOTU1WhcNMjUwMjI0MTYxOTU1WjAYMRYw
FAYDVQQDEw02NzhkMjYyZi02NGRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvXH40n7t4Iext7Xx9DRCxE9+Ws5Z2HJGzD/pBXktz/372gXQnmazSjH4
KEf1JExNh1ijgHxlQcqeXmkdVMu4sJhImFXpJ6hjiCC2kvwBoQDTe4+2MCKnP8D8
k3TZZRMJpXj/F7iOURTQsHCcGfCdv8iQ90n1ZvW6zYfrtyBb+6z9N3MdZ6Kjyiu5
BQn/9olAX6vua7X1azEzqP57rU6zxQPvQJV3NYQ1WsorlgaW/KLzQp49hgWF0rPT
B/97nFVNmcWWVKPpGEMpVXoXgf2zP5TI0nb91oq+p6RaWPsff5Eyuc0cxrntwOxG
wy4RwLCJoEvZGpF/b0R/GUBdbsSJJQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOem
WPZtxQRIrngMZ0lnHIyMQd0pMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQTQzNjM4MEQ2ODExMUVGOEUzRDgzODk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmss8MA0GCSqGSIb3DQEB
CwUAA4IBAQCUkTLLvQlPxLu/eeEX/LWwCnM46PKSDJrKBh7tm5Zv5adBeCV4RQAN
Wi9sUPNw5QGywcjzKZVGNOOtvKJeiVqdGz5dnyZvvz7KuO7UV+tsU/2Dl2B7/QKp
sI4BO50OlKoMOIivsd4lWlw6vvL1PEcIiHJ7UplzGbFu9Y/9Ea9MY4PFr//CwJdn
Hjw+go7l4lMKpkU9xHj+6bBVAExeG0TwxV8oEukBCw6E3KHyLeCqH2DnPFmYq3AB
rflhQkN+bHRvkGNN1WjPXyUP3ity4c+6x+tcXl4MwT3HrI3eZi3op1/HAXLi5Mtm
VR1IvDNq4dp3M5mW7FursoC7tI50M7vi
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:48:08 2025 by rpki-client