Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43EC9F60D95A11EF89DA8A5A762E951A.roa
File: 43EC9F60D95A11EF89DA8A5A762E951A.roa (raw, json)
Hash identifier: RLf6vTP66kXXdI7D8+0dFNj5c3MUKCkgWHCO8a/M5U0=
Subject key identifier: 4C:06:82:D6:9E:01:F3:35:35:FB:27:5F:3D:8C:8A:72:F5:0C:3D:67
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014033
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43EC9F60D95A11EF89DA8A5A762E951A.roa
Signing time: Thu 23 Jan 2025 07:18:38 +0000
ROA not before: Thu 23 Jan 2025 07:18:34 +0000
ROA not after: Sat 08 Feb 2025 07:18:34 +0000
asID: 18229
IP address blocks: 154.210.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81971 (0x14033)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 07:18:34 2025 GMT
Not After : Feb 8 07:18:34 2025 GMT
Subject: CN=6791ed4e-a8b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:b2:c2:df:a3:91:ed:60:30:b3:22:b6:b3:b9:
29:0e:ec:ee:fd:0a:47:c3:ee:c7:78:0b:cc:c9:75:
ed:dc:49:0d:36:69:8d:54:6f:17:b2:33:dc:0b:1a:
71:93:14:3c:aa:ef:5b:52:1f:1d:3f:a9:d4:14:0f:
fa:45:1c:39:8f:44:55:b5:4a:69:2d:ca:ac:3c:9d:
1d:38:90:bb:cb:ab:b4:19:e0:54:d9:b7:d7:5a:23:
52:90:67:26:10:07:71:c9:7d:1f:24:f3:65:3a:cc:
4f:bb:b4:37:57:fd:d5:9a:6f:a4:e0:a7:98:3a:4d:
9c:63:69:00:91:54:15:c7:e5:04:ca:d2:15:a0:d3:
86:cd:11:7f:fb:26:82:67:1f:3b:06:a6:75:8b:3a:
4f:4f:91:f0:82:b3:58:b9:f3:b6:73:aa:c9:21:9f:
a7:38:8b:86:b9:a2:38:81:60:65:4b:ea:cd:6a:c4:
f6:82:6d:66:5e:4d:d7:80:f0:d7:aa:66:9e:1c:44:
96:79:e1:ad:61:95:a2:6e:f7:77:cd:15:e8:2d:bb:
84:97:0f:b5:8f:eb:e8:32:2c:e8:4b:8e:b3:35:05:
f2:22:33:ff:af:35:ad:d5:b6:c0:84:12:4e:ef:0c:
ae:a7:6d:d0:9c:f6:ec:14:d3:19:a9:43:08:ff:4f:
8c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:06:82:D6:9E:01:F3:35:35:FB:27:5F:3D:8C:8A:72:F5:0C:3D:67
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43EC9F60D95A11EF89DA8A5A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.155.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:16:7d:32:32:8c:d3:11:72:c4:0d:ec:d3:16:5b:c1:bb:f7:
0b:dd:1c:d7:64:88:f7:27:c3:f7:01:72:52:b7:19:76:ef:02:
94:fa:21:b9:7d:b6:9c:53:b8:e4:df:28:a3:43:da:ce:ad:03:
82:06:09:56:b0:34:7e:ee:ae:71:a4:91:b9:c0:83:4a:30:f9:
d1:84:fb:a5:9c:2a:f4:dd:04:53:ef:a6:2d:20:ea:cc:df:e8:
95:d9:7e:72:02:89:8d:a7:db:bf:58:e7:bb:80:69:c6:34:55:
58:9b:18:77:bc:9b:f1:00:67:18:b6:91:02:18:b7:e8:d7:29:
db:e5:7b:f3:da:8a:9f:9b:a5:5f:a6:57:e6:3b:5d:02:ec:f1:
34:8a:2e:14:50:eb:72:8f:32:40:ec:ad:99:d2:4c:24:7a:a5:
b4:c5:59:39:12:3a:c4:7b:91:26:b0:23:e4:42:37:c8:cd:9d:
76:47:07:b9:97:70:b8:62:c2:a9:4e:cf:29:c1:e6:49:9d:94:
db:1c:b6:7f:d9:14:c5:b6:60:aa:52:78:a6:4a:c6:c3:13:4b:
92:da:07:03:b8:60:fa:5d:4d:02:3a:05:f3:13:6e:31:37:55:
56:61:58:24:2a:cb:82:79:c3:6c:a9:f2:af:ab:7c:a3:62:6c:
b9:b7:85:a1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUAzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMDcxODM0WhcNMjUwMjA4MDcxODM0WjAYMRYw
FAYDVQQDEw02NzkxZWQ0ZS1hOGI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7bLC36OR7WAwsyK2s7kpDuzu/QpHw+7HeAvMyXXt3EkNNmmNVG8XsjPc
CxpxkxQ8qu9bUh8dP6nUFA/6RRw5j0RVtUppLcqsPJ0dOJC7y6u0GeBU2bfXWiNS
kGcmEAdxyX0fJPNlOsxPu7Q3V/3Vmm+k4KeYOk2cY2kAkVQVx+UEytIVoNOGzRF/
+yaCZx87BqZ1izpPT5HwgrNYufO2c6rJIZ+nOIuGuaI4gWBlS+rNasT2gm1mXk3X
gPDXqmaeHESWeeGtYZWibvd3zRXoLbuElw+1j+voMizoS46zNQXyIjP/rzWt1bbA
hBJO7wyup23QnPbsFNMZqUMI/0+MswIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEwG
gtaeAfM1NfsnXz2MinL1DD1nMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80M0VDOUY2MEQ5NUExMUVGODlEQThBNUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKbMA0GCSqGSIb3DQEB
CwUAA4IBAQC9Fn0yMozTEXLEDezTFlvBu/cL3RzXZIj3J8P3AXJStxl27wKU+iG5
fbacU7jk3yijQ9rOrQOCBglWsDR+7q5xpJG5wINKMPnRhPulnCr03QRT76YtIOrM
3+iV2X5yAomNp9u/WOe7gGnGNFVYmxh3vJvxAGcYtpECGLfo1ynb5Xvz2oqfm6Vf
plfmO10C7PE0ii4UUOtyjzJA7K2Z0kwkeqW0xVk5EjrEe5EmsCPkQjfIzZ12Rwe5
l3C4YsKpTs8pweZJnZTbHLZ/2RTFtmCqUnimSsbDE0uS2gcDuGD6XU0COgXzE24x
N1VWYVgkKsuCecNsqfKvq3yjYmy5t4Wh
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:42:40 2025 by rpki-client