Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AD700A4DFE111EFBBB3D561762E951A.roa
File: 3AD700A4DFE111EFBBB3D561762E951A.roa (raw, json)
Hash identifier: wFF6OWUyqo7jPehNXfy8dCbbgfMz7MMysJgoAlCY71Y=
Subject key identifier: 65:BC:67:A5:2C:D4:D2:13:2F:05:E3:9D:52:ED:86:AE:72:5E:A6:79
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014DB9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AD700A4DFE111EFBBB3D561762E951A.roa
Signing time: Fri 31 Jan 2025 14:39:52 +0000
ROA not before: Fri 31 Jan 2025 14:39:48 +0000
ROA not after: Fri 07 Feb 2025 14:39:48 +0000
asID: 63199
IP address blocks: 154.223.84.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85433 (0x14db9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 31 14:39:48 2025 GMT
Not After : Feb 7 14:39:48 2025 GMT
Subject: CN=679ce0b8-9bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:14:d8:a4:82:4d:f8:8e:97:95:ce:03:5a:52:
d6:75:11:64:7e:ac:a5:70:0c:4d:02:c3:87:17:e0:
cc:4e:b3:3d:65:4f:a9:c7:31:a3:61:f0:89:38:a0:
67:58:3a:4f:9d:79:22:f2:16:53:a7:0e:87:24:73:
ca:61:86:95:5e:bf:8f:c1:f3:0d:5f:e0:76:7f:61:
47:50:fd:23:a7:1c:f6:65:4d:18:1b:c9:64:e2:8a:
05:18:f5:b5:9d:45:b5:dd:6a:44:2b:6a:d3:f7:9f:
8a:b3:cf:8b:1b:dc:90:f0:de:43:38:92:11:a3:44:
f4:27:99:80:9f:71:7a:6b:4b:40:d0:52:b0:97:1b:
5a:ee:d1:d1:26:04:59:15:37:5d:52:e2:f0:43:59:
bc:fd:7c:91:9f:02:58:ec:fc:99:50:3c:00:1b:bb:
06:9d:5c:23:7e:0d:cf:f8:8f:7f:ca:d0:15:28:33:
f5:37:d2:10:35:4d:6c:ff:62:b5:b0:11:3a:04:ed:
75:e2:e1:a4:63:15:0b:7a:ab:80:77:f0:12:40:08:
fc:48:df:d7:d7:e2:78:8a:0a:8a:74:60:ab:d2:4e:
ea:97:85:14:93:54:0e:8e:12:57:a0:ba:6b:f9:ef:
0a:ef:15:c3:b4:5c:e7:86:97:c7:eb:9b:69:63:ff:
e3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:BC:67:A5:2C:D4:D2:13:2F:05:E3:9D:52:ED:86:AE:72:5E:A6:79
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3AD700A4DFE111EFBBB3D561762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.84.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:2e:39:2c:c9:76:59:5c:74:9a:ef:4d:33:52:6c:84:d5:cf:
49:b0:64:72:c8:8c:17:4f:ee:4e:ea:57:a1:fe:b1:29:74:b0:
cf:e7:a0:17:6b:fd:50:ed:8e:2e:31:a6:d5:48:1b:49:6a:20:
1c:22:71:8a:b8:b9:4d:c9:d4:ba:56:45:bb:b0:68:66:62:08:
66:91:f8:e5:cf:60:49:4d:44:3d:55:f7:69:69:8b:9b:57:ae:
da:f7:61:c1:82:ed:95:04:29:38:9f:f4:39:ea:9d:72:96:d8:
ca:e1:b5:7b:06:7b:d1:91:f6:3f:86:f4:04:be:3a:71:92:08:
07:55:e1:c2:74:54:2f:52:36:d3:64:a2:73:51:d4:e7:38:48:
3d:2f:2f:37:e6:3d:e8:ed:45:ef:51:ab:07:1a:ce:f8:7e:31:
ea:5f:be:80:61:c9:84:da:64:5e:ea:d1:4e:91:7f:58:61:56:
64:91:bc:d2:1a:ba:bf:38:29:48:70:f8:8a:14:0c:8c:6a:c7:
51:f1:3d:2b:a3:e0:e4:3b:f8:93:27:51:fc:38:73:3d:8e:fc:
7e:67:2e:e4:d9:28:7f:0b:ce:d3:2d:98:13:cf:12:a6:60:75:
f6:9b:df:a4:bf:0c:8d:23:0e:50:ac:01:43:8f:da:d2:df:fd:
8c:3e:be:c3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU25MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTMxMTQzOTQ4WhcNMjUwMjA3MTQzOTQ4WjAYMRYw
FAYDVQQDEw02NzljZTBiOC05YmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6xTYpIJN+I6Xlc4DWlLWdRFkfqylcAxNAsOHF+DMTrM9ZU+pxzGjYfCJ
OKBnWDpPnXki8hZTpw6HJHPKYYaVXr+PwfMNX+B2f2FHUP0jpxz2ZU0YG8lk4ooF
GPW1nUW13WpEK2rT95+Ks8+LG9yQ8N5DOJIRo0T0J5mAn3F6a0tA0FKwlxta7tHR
JgRZFTddUuLwQ1m8/XyRnwJY7PyZUDwAG7sGnVwjfg3P+I9/ytAVKDP1N9IQNU1s
/2K1sBE6BO114uGkYxULequAd/ASQAj8SN/X1+J4igqKdGCr0k7ql4UUk1QOjhJX
oLpr+e8K7xXDtFznhpfH65tpY//jiQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGW8
Z6Us1NITLwXjnVLthq5yXqZ5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQUQ3MDBBNERGRTExMUVGQkJCM0Q1NjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmt9UMA0GCSqGSIb3DQEB
CwUAA4IBAQAPLjksyXZZXHSa700zUmyE1c9JsGRyyIwXT+5O6leh/rEpdLDP56AX
a/1Q7Y4uMabVSBtJaiAcInGKuLlNydS6VkW7sGhmYghmkfjlz2BJTUQ9VfdpaYub
V67a92HBgu2VBCk4n/Q56p1yltjK4bV7BnvRkfY/hvQEvjpxkggHVeHCdFQvUjbT
ZKJzUdTnOEg9Ly835j3o7UXvUasHGs74fjHqX76AYcmE2mRe6tFOkX9YYVZkkbzS
Grq/OClIcPiKFAyMasdR8T0ro+DkO/iTJ1H8OHM9jvx+Zy7k2Sh/C87TLZgTzxKm
YHX2m9+kvwyNIw5QrAFDj9rS3/2MPr7D
-----END CERTIFICATE-----
Generated at Sun Apr 27 02:40:14 2025 by rpki-client