Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/536A68E8D3FE11EF88531399762E951A.roa
File: 536A68E8D3FE11EF88531399762E951A.roa (raw, json)
Hash identifier: f12MWxl+XkLZsnBc2EeRD9otvtPLs9z0qqWMiVbcBqk=
Subject key identifier: F5:EF:59:3D:1E:D3:C5:A7:75:CA:F3:2F:67:C7:89:1F:F8:B1:EB:E1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013BFE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/536A68E8D3FE11EF88531399762E951A.roa
Signing time: Thu 16 Jan 2025 11:37:55 +0000
ROA not before: Thu 16 Jan 2025 11:37:51 +0000
ROA not after: Sun 16 Mar 2025 11:37:51 +0000
asID: 17561
IP address blocks: 154.206.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80894 (0x13bfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 16 11:37:51 2025 GMT
Not After : Mar 16 11:37:51 2025 GMT
Subject: CN=6788ef93-c193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:01:0a:41:23:6c:bc:b1:1c:c0:b4:f8:16:ba:
3b:46:50:e6:26:05:f8:1d:13:f1:78:9d:2d:f5:ae:
14:ec:2c:3b:51:ed:db:f3:f2:43:19:da:45:c9:22:
9c:3e:c0:d8:fb:b6:c8:b3:be:66:bb:06:da:3f:c3:
5b:90:d9:8d:fa:bb:fd:bd:62:4e:d5:48:83:f2:21:
51:97:9b:bd:2c:f8:82:46:1f:35:b2:f8:0d:fc:73:
bf:9a:f2:ee:1c:45:17:51:88:dc:04:c1:c1:8e:0c:
13:4e:27:92:03:e0:90:72:4d:00:62:ab:fd:08:76:
b0:fa:03:dc:03:cc:8a:4b:37:ba:a0:06:2b:7a:22:
bc:bf:44:ab:04:95:f3:e2:23:2f:d6:8d:0f:51:08:
3d:18:2f:b9:b5:0c:85:0d:94:2b:62:c3:37:99:e7:
59:9b:ca:5a:9a:e7:82:54:86:d9:d7:5a:70:b2:6f:
a0:f8:8e:c8:f1:8a:29:f8:9d:01:fe:d2:9f:66:ac:
84:06:f4:4d:8b:37:c5:ee:b3:48:ea:63:65:6a:cf:
b8:3c:d5:a4:9e:b2:95:07:bd:fe:21:79:56:84:b9:
24:26:d8:a4:e7:bd:33:67:ee:32:63:4d:20:fa:ef:
53:9d:b5:74:e4:a7:b5:58:f9:4c:54:07:8d:d9:90:
14:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:EF:59:3D:1E:D3:C5:A7:75:CA:F3:2F:67:C7:89:1F:F8:B1:EB:E1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/536A68E8D3FE11EF88531399762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.193.0/24
Signature Algorithm: sha256WithRSAEncryption
87:4e:4d:82:11:af:bc:26:66:60:91:d6:33:d4:8f:37:9b:5e:
74:a0:f8:8e:f4:9a:12:7c:82:02:df:f3:13:9c:55:27:58:93:
36:bd:1f:9f:ea:dc:ea:70:b4:cc:36:0a:ce:7a:5a:e7:2b:19:
cd:5e:d4:70:fa:f3:d2:23:3a:7f:a5:5d:53:c3:46:7c:dd:4d:
8e:37:e2:dc:5a:e1:d5:1a:33:93:a6:9e:99:8f:3c:7e:e5:6f:
f4:ea:91:38:63:b7:42:0a:6b:16:20:a4:2e:af:fa:ff:9a:07:
d2:e3:86:ed:3d:84:d5:54:2f:25:f0:32:a9:07:b6:b4:51:ae:
9b:3d:d5:bc:a8:30:5b:83:ea:40:c7:61:a4:19:bf:b6:e9:38:
d6:0a:6f:05:54:13:b1:db:ff:0e:a7:62:ce:30:a8:eb:64:b4:
dc:2d:86:53:9a:55:50:50:31:c1:61:e7:58:d8:ab:bf:5f:3f:
51:d6:c1:07:93:1b:36:a7:d7:6f:63:8c:66:41:6a:14:40:f3:
69:be:1e:0b:d5:14:1f:af:b8:be:33:f7:2d:0a:89:22:73:71:
db:b7:3c:83:1c:02:05:5d:eb:6e:b1:28:8d:5a:29:15:a3:02:
79:0a:27:9d:c3:70:fa:28:a1:fa:be:0d:55:d2:39:04:38:4f:
15:69:97:3e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATv+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE2MTEzNzUxWhcNMjUwMzE2MTEzNzUxWjAYMRYw
FAYDVQQDEw02Nzg4ZWY5My1jMTkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqQEKQSNsvLEcwLT4Fro7RlDmJgX4HRPxeJ0t9a4U7Cw7Ue3b8/JDGdpF
ySKcPsDY+7bIs75muwbaP8NbkNmN+rv9vWJO1UiD8iFRl5u9LPiCRh81svgN/HO/
mvLuHEUXUYjcBMHBjgwTTieSA+CQck0AYqv9CHaw+gPcA8yKSze6oAYreiK8v0Sr
BJXz4iMv1o0PUQg9GC+5tQyFDZQrYsM3medZm8pamueCVIbZ11pwsm+g+I7I8Yop
+J0B/tKfZqyEBvRNizfF7rNI6mNlas+4PNWknrKVB73+IXlWhLkkJtik570zZ+4y
Y00g+u9TnbV05Ke1WPlMVAeN2ZAUewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPXv
WT0e08WndcrzL2fHiR/4sevhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MzZBNjhFOEQzRkUxMUVGODg1MzEzOTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7BMA0GCSqGSIb3DQEB
CwUAA4IBAQCHTk2CEa+8JmZgkdYz1I83m150oPiO9JoSfIIC3/MTnFUnWJM2vR+f
6tzqcLTMNgrOelrnKxnNXtRw+vPSIzp/pV1Tw0Z83U2ON+LcWuHVGjOTpp6Zjzx+
5W/06pE4Y7dCCmsWIKQur/r/mgfS44btPYTVVC8l8DKpB7a0Ua6bPdW8qDBbg+pA
x2GkGb+26TjWCm8FVBOx2/8Op2LOMKjrZLTcLYZTmlVQUDHBYedY2Ku/Xz9R1sEH
kxs2p9dvY4xmQWoUQPNpvh4L1RQfr7i+M/ctCokic3HbtzyDHAIFXetusSiNWikV
owJ5Ciedw3D6KKH6vg1V0jkEOE8VaZc+
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:50:50 2025 by rpki-client