Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C87AA6CDA4A11EF8E16C8AB762E951A.roa
File: 3C87AA6CDA4A11EF8E16C8AB762E951A.roa (raw, json)
Hash identifier: 0/D6fqTRTyrbW55s5nupImabtaOCHEBPlJqt3kSUZCA=
Subject key identifier: 37:8E:43:C0:0A:9F:51:33:8B:B8:EF:C2:DD:EA:8C:35:F4:9B:76:BF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01465D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C87AA6CDA4A11EF8E16C8AB762E951A.roa
Signing time: Fri 24 Jan 2025 11:56:25 +0000
ROA not before: Fri 24 Jan 2025 11:56:21 +0000
ROA not after: Wed 05 Mar 2025 11:56:21 +0000
asID: 202656
IP address blocks: 154.222.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83549 (0x1465d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 11:56:21 2025 GMT
Not After : Mar 5 11:56:21 2025 GMT
Subject: CN=67937fe9-0170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7c:fa:4f:3b:1b:f7:ac:53:f7:13:2b:98:44:
a2:2a:7c:91:50:03:7a:8b:c7:60:72:3a:3d:43:d8:
5c:46:b1:d5:6e:76:1c:e1:6f:55:17:56:0a:94:1c:
ee:55:49:56:64:c8:7e:2f:48:99:dd:25:44:8b:6f:
de:b8:52:62:33:87:42:4f:86:f6:ad:ad:21:72:93:
5c:02:7a:80:33:d7:19:88:b9:44:a2:ce:f3:5b:48:
b5:67:ba:87:0f:01:4d:44:f2:ff:8d:7b:87:64:96:
71:4d:3c:80:0b:a9:19:29:db:7e:26:1d:56:4c:fc:
cf:a1:bc:27:ae:7f:ca:f4:11:45:70:0d:98:99:1c:
3e:99:65:2f:2a:40:70:02:b0:b1:1b:c1:f6:81:5a:
5d:99:48:3f:04:06:c7:02:8e:f4:54:9c:b8:65:a2:
43:e2:a5:33:19:0d:2f:37:c6:1a:53:8f:31:d3:5d:
99:81:e1:e2:09:16:34:40:2f:91:12:d3:b2:1b:7b:
2c:4f:67:03:d0:95:69:d9:e2:40:7e:44:62:ed:fd:
eb:44:f0:63:9b:0f:1b:d1:24:b5:bb:be:a4:31:85:
14:6c:47:bd:92:0f:f6:f8:a7:1a:db:72:8b:fe:e3:
d9:3c:57:54:2a:8f:22:cf:83:5d:57:df:73:15:49:
6c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:8E:43:C0:0A:9F:51:33:8B:B8:EF:C2:DD:EA:8C:35:F4:9B:76:BF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C87AA6CDA4A11EF8E16C8AB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.204.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:09:3a:a4:db:66:c7:6b:40:d2:9f:4e:0d:20:aa:78:62:cd:
5b:35:5c:4b:30:45:05:3f:e4:99:d1:f3:4f:d8:d1:37:18:da:
43:f0:8c:96:fe:16:89:ab:43:7f:1c:6b:a1:96:0b:e3:aa:ea:
52:88:45:fd:ef:4a:47:dc:ce:15:6e:4b:5e:8f:03:8e:37:f9:
ce:26:ed:18:3e:25:d4:4a:f4:71:c7:19:12:39:3e:da:3e:9b:
fb:8c:81:fe:ec:e0:e8:08:dd:cb:8a:1f:26:89:3f:13:76:a1:
34:9d:a5:33:e4:0d:2b:b8:fa:de:b2:50:f5:e4:99:ec:52:b8:
3f:8f:74:4a:c8:73:f4:e8:52:3e:44:ba:97:54:1a:03:ac:56:
36:47:97:43:ae:d5:a3:62:f7:37:ff:d1:63:da:07:fa:11:53:
24:7c:92:aa:fd:36:d4:87:7f:68:c1:20:79:2d:74:29:26:6b:
98:4a:fa:14:46:61:75:23:c4:35:8c:14:aa:82:17:16:27:3e:
64:be:0f:18:9d:8a:69:d3:a0:7b:42:24:22:0b:f0:f4:49:73:
7f:63:ca:38:df:9a:b7:d7:63:af:3d:49:39:78:82:f8:61:75:
57:b9:3a:e7:b5:21:da:1c:cd:8c:38:f1:43:6e:b5:5e:b9:52:
f7:23:08:e9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUZdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTE1NjIxWhcNMjUwMzA1MTE1NjIxWjAYMRYw
FAYDVQQDEw02NzkzN2ZlOS0wMTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz3z6Tzsb96xT9xMrmESiKnyRUAN6i8dgcjo9Q9hcRrHVbnYc4W9VF1YK
lBzuVUlWZMh+L0iZ3SVEi2/euFJiM4dCT4b2ra0hcpNcAnqAM9cZiLlEos7zW0i1
Z7qHDwFNRPL/jXuHZJZxTTyAC6kZKdt+Jh1WTPzPobwnrn/K9BFFcA2YmRw+mWUv
KkBwArCxG8H2gVpdmUg/BAbHAo70VJy4ZaJD4qUzGQ0vN8YaU48x012ZgeHiCRY0
QC+REtOyG3ssT2cD0JVp2eJAfkRi7f3rRPBjmw8b0SS1u76kMYUUbEe9kg/2+Kca
23KL/uPZPFdUKo8iz4NdV99zFUlswwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDeO
Q8AKn1Ezi7jvwt3qjDX0m3a/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQzg3QUE2Q0RBNEExMUVGOEUxNkM4QUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt7MMA0GCSqGSIb3DQEB
CwUAA4IBAQCoCTqk22bHa0DSn04NIKp4Ys1bNVxLMEUFP+SZ0fNP2NE3GNpD8IyW
/haJq0N/HGuhlgvjqupSiEX970pH3M4VbktejwOON/nOJu0YPiXUSvRxxxkSOT7a
Ppv7jIH+7ODoCN3Lih8miT8TdqE0naUz5A0ruPreslD15JnsUrg/j3RKyHP06FI+
RLqXVBoDrFY2R5dDrtWjYvc3/9Fj2gf6EVMkfJKq/TbUh39owSB5LXQpJmuYSvoU
RmF1I8Q1jBSqghcWJz5kvg8YnYpp06B7QiQiC/D0SXN/Y8o435q312OvPUk5eIL4
YXVXuTrntSHaHM2MOPFDbrVeuVL3Iwjp
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:50:44 2025 by rpki-client