Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E0A9474DA5111EF89A2585C762E951A.roa
File: 3E0A9474DA5111EF89A2585C762E951A.roa (raw, json)
Hash identifier: NnttmzPIPjRDXXE1rRp870lXG2MoYgcmpf2Rfe+JJjE=
Subject key identifier: 89:0E:67:E9:2F:2E:0A:23:DA:FF:AE:4D:03:E0:17:95:13:B2:E9:F7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014701
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E0A9474DA5111EF89A2585C762E951A.roa
Signing time: Fri 24 Jan 2025 12:46:34 +0000
ROA not before: Fri 24 Jan 2025 12:46:30 +0000
ROA not after: Wed 05 Mar 2025 12:46:30 +0000
asID: 44559
IP address blocks: 154.209.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83713 (0x14701)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 12:46:30 2025 GMT
Not After : Mar 5 12:46:30 2025 GMT
Subject: CN=67938baa-8810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ca:b9:6a:67:d6:20:6b:c9:8b:f6:8b:0a:89:
7c:d6:96:60:65:8d:73:4d:7c:1f:db:3a:51:c9:7c:
fc:e9:85:37:7d:95:11:80:0f:fc:be:96:1d:22:70:
b4:6b:8c:4d:7e:85:bc:00:3e:6a:b0:e2:ee:de:6e:
c6:7f:1c:c8:17:38:fd:2b:40:8e:21:4a:dc:5a:2c:
c9:a1:07:87:b2:12:ba:4d:25:d6:b5:06:fe:86:84:
23:fe:15:ce:0d:6a:09:af:a7:d8:aa:b7:62:b4:70:
8d:f9:63:88:dc:b7:b2:24:13:70:41:e5:3c:7a:4f:
d8:5d:6c:18:8f:54:d5:ba:1d:89:38:d0:bd:60:b2:
9e:14:e1:01:9d:c0:d5:0c:5e:3b:07:0a:3c:75:49:
e2:cc:e4:78:a6:2a:5c:d8:da:46:be:2e:17:02:a3:
d2:9e:76:c2:c5:3f:6a:50:79:67:f4:6b:f4:d8:c7:
5f:d6:3f:55:33:f0:19:10:35:d7:96:f5:3b:78:9e:
d4:f5:0c:1a:20:2f:c3:e8:6d:01:27:61:1e:67:69:
95:92:ee:85:86:d6:aa:22:42:22:70:a0:20:3e:ca:
11:5a:ad:8a:5a:83:0e:9e:5a:6a:fa:d1:da:b9:af:
fc:a2:1a:75:0c:36:a0:59:71:bb:a4:20:af:a6:1b:
b7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0E:67:E9:2F:2E:0A:23:DA:FF:AE:4D:03:E0:17:95:13:B2:E9:F7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E0A9474DA5111EF89A2585C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.155.0/24
Signature Algorithm: sha256WithRSAEncryption
58:bd:56:72:ff:cb:80:0d:2e:00:55:fc:a5:8e:e4:d4:53:4d:
aa:32:60:b5:20:9c:33:32:73:54:3b:4b:0d:af:1f:9e:14:3a:
58:42:61:ca:54:8b:4a:23:c3:04:5e:3f:66:33:95:db:d1:13:
a1:8e:b5:cf:c1:75:28:42:83:28:69:9e:97:3e:e0:ce:89:a5:
0f:1c:d9:ee:0c:fe:76:33:ab:ca:8f:b4:78:34:f0:cc:83:ef:
3e:af:58:75:a0:71:4a:67:e2:cf:03:5d:d7:0c:6d:a6:63:4e:
e0:13:62:ef:21:cc:28:c0:93:41:d1:66:b2:d2:9a:9d:1a:b8:
c9:84:bc:17:cc:9c:59:0c:7d:b7:ab:93:0e:c1:6a:6a:36:f6:
1c:51:57:44:fa:46:0c:6f:ab:d9:a2:07:5b:06:ba:cb:a1:f4:
f3:05:4c:04:e0:26:01:f6:56:0f:68:d8:87:8e:d3:3b:0c:48:
8b:4c:b6:f6:16:f5:76:f4:3a:a5:b7:e9:93:a3:82:f5:71:a2:
02:78:97:21:79:08:ca:de:b5:c6:a0:d7:9f:ce:c7:51:e0:c0:
1c:6a:b7:94:5f:e0:72:21:d2:27:c6:8f:f4:f5:80:ef:a7:3d:
ad:a1:47:4a:2d:f6:b2:c5:3e:13:0d:26:b5:34:09:b4:e1:f2:
9a:2d:d1:4b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUcBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTI0NjMwWhcNMjUwMzA1MTI0NjMwWjAYMRYw
FAYDVQQDEw02NzkzOGJhYS04ODEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlcq5amfWIGvJi/aLCol81pZgZY1zTXwf2zpRyXz86YU3fZURgA/8vpYd
InC0a4xNfoW8AD5qsOLu3m7GfxzIFzj9K0COIUrcWizJoQeHshK6TSXWtQb+hoQj
/hXODWoJr6fYqrditHCN+WOI3LeyJBNwQeU8ek/YXWwYj1TVuh2JONC9YLKeFOEB
ncDVDF47Bwo8dUnizOR4pipc2NpGvi4XAqPSnnbCxT9qUHln9Gv02Mdf1j9VM/AZ
EDXXlvU7eJ7U9QwaIC/D6G0BJ2EeZ2mVku6FhtaqIkIicKAgPsoRWq2KWoMOnlpq
+tHaua/8ohp1DDagWXG7pCCvphu33QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIkO
Z+kvLgoj2v+uTQPgF5UTsun3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRTBBOTQ3NERBNTExMUVGODlBMjU4NUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtGbMA0GCSqGSIb3DQEB
CwUAA4IBAQBYvVZy/8uADS4AVfyljuTUU02qMmC1IJwzMnNUO0sNrx+eFDpYQmHK
VItKI8MEXj9mM5Xb0ROhjrXPwXUoQoMoaZ6XPuDOiaUPHNnuDP52M6vKj7R4NPDM
g+8+r1h1oHFKZ+LPA13XDG2mY07gE2LvIcwowJNB0Way0pqdGrjJhLwXzJxZDH23
q5MOwWpqNvYcUVdE+kYMb6vZogdbBrrLofTzBUwE4CYB9lYPaNiHjtM7DEiLTLb2
FvV29Dqlt+mTo4L1caICeJcheQjK3rXGoNefzsdR4MAcareUX+ByIdInxo/09YDv
pz2toUdKLfayxT4TDSa1NAm04fKaLdFL
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:48:34 2025 by rpki-client