Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3DE8924EDA4111EFB9A30C70762E951A.roa
File: 3DE8924EDA4111EFB9A30C70762E951A.roa (raw, json)
Hash identifier: JRYNY0ezQF0fkcaTK6DnZqQXvKncHzerbIQ65P0XDm8=
Subject key identifier: 64:5F:DA:DD:07:FD:B7:B2:D3:07:87:BA:D1:A5:D3:60:41:BD:4E:65
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0145C5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3DE8924EDA4111EFB9A30C70762E951A.roa
Signing time: Fri 24 Jan 2025 10:52:02 +0000
ROA not before: Fri 24 Jan 2025 10:51:58 +0000
ROA not after: Fri 28 Feb 2025 10:51:58 +0000
asID: 62240
IP address blocks: 154.196.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83397 (0x145c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 10:51:58 2025 GMT
Not After : Feb 28 10:51:58 2025 GMT
Subject: CN=679370d2-ce5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:60:c0:23:57:b7:e7:e7:02:b8:73:ee:e5:b7:
67:7f:e5:b2:89:8a:30:33:55:46:29:72:2d:f6:0f:
71:d6:e0:cc:9d:54:0f:fa:68:75:f5:b9:3f:c1:32:
1b:e4:f4:44:ed:f8:74:6f:e9:cc:cf:7d:0f:b0:35:
2f:9e:7d:b6:3f:d5:89:0f:8b:18:de:2f:09:7d:07:
6b:9e:28:de:24:82:d6:1e:43:61:d7:84:78:5e:b7:
a1:ac:c0:00:95:2c:3b:92:75:1a:99:21:b3:65:6f:
9e:ec:9b:3c:9c:eb:fd:f9:88:fc:2b:d8:30:15:4a:
b6:b3:8f:a0:78:1e:bc:6e:ce:ae:e4:06:d3:78:06:
01:35:9d:a9:4a:eb:3f:50:8f:7c:7e:37:b0:dd:40:
78:b2:49:19:fb:7c:63:e8:89:b4:c2:70:1a:9e:5c:
7e:69:a0:92:cf:6a:28:36:48:99:5b:aa:bf:38:74:
03:eb:ba:97:25:41:18:bb:32:bf:27:35:0c:6d:f3:
29:59:c0:8b:25:e0:09:79:55:9f:fa:16:ce:84:64:
cf:89:ed:05:df:49:13:b1:2e:06:98:d4:0f:71:bf:
92:07:46:52:32:20:6d:7e:22:33:c0:db:21:82:bc:
7f:07:96:96:e1:c2:bc:ba:4e:1a:e2:19:1b:f5:f7:
34:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:5F:DA:DD:07:FD:B7:B2:D3:07:87:BA:D1:A5:D3:60:41:BD:4E:65
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3DE8924EDA4111EFB9A30C70762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.67.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:e2:c6:b8:f4:78:b1:1f:2e:27:c5:5d:5d:14:10:86:f4:46:
cc:9e:c5:9b:66:31:9a:fa:24:08:09:4e:bf:e7:86:e3:50:34:
92:ad:19:07:dc:27:ca:23:cd:bc:4f:61:5c:48:d2:1e:08:9c:
a7:ca:ef:18:d6:d2:15:04:eb:68:14:00:2b:7e:2e:f4:32:54:
e9:35:63:46:7f:52:92:7f:8c:b5:34:d6:c9:81:54:e2:f1:17:
aa:c8:25:dc:95:34:f8:7a:5d:50:60:10:0c:aa:8d:a4:36:ae:
74:9a:1d:2a:7a:c8:f3:2a:8b:63:c0:b8:cf:4f:0e:40:0b:83:
8d:f6:d3:28:2d:a3:6a:a0:a6:a2:66:bd:d3:e2:ec:5e:50:4c:
57:b8:61:a2:51:52:20:29:93:b4:4a:3a:0f:03:81:d5:46:95:
0a:ab:8c:12:2a:37:40:34:95:00:b9:89:8d:91:01:26:f8:bf:
38:fa:46:5e:61:f2:c9:8a:8a:7d:e0:95:91:dc:7c:87:32:93:
da:e8:50:0b:0c:94:92:19:24:d2:77:bc:c8:e5:99:b0:73:b8:
44:dc:ac:b2:13:fa:f3:bc:f7:70:8d:6b:5b:34:e1:a4:a5:2c:
1f:e7:ed:37:69:e7:68:93:f7:96:a4:99:b4:58:65:f7:2a:e5:
4c:0c:be:b6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUXFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTA1MTU4WhcNMjUwMjI4MTA1MTU4WjAYMRYw
FAYDVQQDEw02NzkzNzBkMi1jZTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAomDAI1e35+cCuHPu5bdnf+WyiYowM1VGKXIt9g9x1uDMnVQP+mh19bk/
wTIb5PRE7fh0b+nMz30PsDUvnn22P9WJD4sY3i8JfQdrnijeJILWHkNh14R4Xreh
rMAAlSw7knUamSGzZW+e7Js8nOv9+Yj8K9gwFUq2s4+geB68bs6u5AbTeAYBNZ2p
Sus/UI98fjew3UB4skkZ+3xj6Im0wnAanlx+aaCSz2ooNkiZW6q/OHQD67qXJUEY
uzK/JzUMbfMpWcCLJeAJeVWf+hbOhGTPie0F30kTsS4GmNQPcb+SB0ZSMiBtfiIz
wNshgrx/B5aW4cK8uk4a4hkb9fc0EwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGRf
2t0H/bey0weHutGl02BBvU5lMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zREU4OTI0RURBNDExMUVGQjlBMzBDNzA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsRDMA0GCSqGSIb3DQEB
CwUAA4IBAQBs4sa49HixHy4nxV1dFBCG9EbMnsWbZjGa+iQICU6/54bjUDSSrRkH
3CfKI828T2FcSNIeCJynyu8Y1tIVBOtoFAArfi70MlTpNWNGf1KSf4y1NNbJgVTi
8ReqyCXclTT4el1QYBAMqo2kNq50mh0qesjzKotjwLjPTw5AC4ON9tMoLaNqoKai
Zr3T4uxeUExXuGGiUVIgKZO0SjoPA4HVRpUKq4wSKjdANJUAuYmNkQEm+L84+kZe
YfLJiop94JWR3HyHMpPa6FALDJSSGSTSd7zI5Zmwc7hE3KyyE/rzvPdwjWtbNOGk
pSwf5+03aedok/eWpJm0WGX3KuVMDL62
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:49:58 2025 by rpki-client