Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6D20DC92C29F11EF828F47B9762E951A.roa
File: 6D20DC92C29F11EF828F47B9762E951A.roa (raw, json)
Hash identifier: tuk3SEgfT2Nwrlsb0kebd7zHWKVR6VT1ybSjNrwFRQA=
Subject key identifier: 81:1F:F1:CF:FB:01:F5:94:65:F7:3A:6C:82:EC:73:E9:A2:23:8E:4A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01252A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6D20DC92C29F11EF828F47B9762E951A.roa
Signing time: Wed 25 Dec 2024 09:05:46 +0000
ROA not before: Wed 25 Dec 2024 09:05:42 +0000
ROA not after: Sun 09 Feb 2025 09:05:42 +0000
asID: 63139
IP address blocks: 154.223.22.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75050 (0x1252a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 25 09:05:42 2024 GMT
Not After : Feb 9 09:05:42 2025 GMT
Subject: CN=676bcaea-c283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ad:34:ba:09:db:22:ed:d2:a0:ad:86:3b:24:
04:40:51:50:b2:15:a3:b1:08:7f:44:24:9e:03:a5:
70:ce:fe:07:62:fa:12:e0:a0:72:16:d1:48:f7:9f:
f4:f8:72:9c:6b:23:c6:f2:03:70:d3:c7:5e:01:a0:
3a:de:09:8d:0a:0b:57:98:d9:39:21:0e:7a:76:ca:
21:a4:54:0f:10:1f:c5:78:f1:b4:db:cd:3d:dc:aa:
92:f6:19:5a:b5:74:e9:5d:bf:33:25:bf:43:d4:df:
29:e4:9c:0e:f5:01:46:5b:3f:5f:dc:84:5c:a2:91:
6c:68:70:34:31:55:5d:ce:9e:93:52:12:b3:66:a1:
0c:f8:4b:dd:bc:75:ff:3b:94:da:4e:e8:f2:f9:0f:
b4:ae:c3:d7:6f:0f:76:7a:72:3e:ec:89:a8:88:5f:
e7:47:33:5e:36:8b:a2:5b:13:de:f4:03:29:82:c4:
77:9b:1b:ca:35:91:11:7a:20:12:f7:eb:16:2d:8e:
d7:a2:fa:dc:09:3a:12:c4:0e:81:fb:79:6c:79:62:
c5:7f:64:cb:01:7f:22:da:55:6c:23:c0:9c:dc:78:
c9:ee:d0:32:f6:e3:ed:ae:ae:4f:78:47:14:1f:0c:
e9:c0:f2:ef:84:ad:05:7e:bf:e6:bd:76:5e:a4:ff:
42:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:1F:F1:CF:FB:01:F5:94:65:F7:3A:6C:82:EC:73:E9:A2:23:8E:4A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6D20DC92C29F11EF828F47B9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.22.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:46:5a:a3:d3:a9:c8:af:a1:e5:cf:89:89:89:5f:2a:23:33:
5e:8a:0a:de:c3:df:eb:6c:8f:3d:f5:8a:9c:b6:ab:06:4a:42:
87:fe:e5:46:cf:aa:b4:6d:7a:bc:96:37:49:1e:ff:0b:72:ce:
5e:53:fc:16:24:29:4b:9c:89:cd:88:1d:7d:ed:44:6c:63:7a:
32:dc:8f:d7:57:3b:63:d4:de:5b:05:37:b7:c8:f4:8b:62:a2:
81:cd:79:5d:75:56:80:0f:d3:39:35:f4:6f:9d:10:48:b9:64:
6f:5e:cf:57:e3:2f:41:7c:cc:14:02:63:b9:c7:81:43:8a:c9:
5e:e9:5c:6a:4b:34:b8:33:1c:08:74:0a:93:c8:d3:0b:9f:46:
22:22:67:0d:b1:da:34:ae:fe:80:13:53:50:6b:9d:fb:c7:dd:
2d:d9:6c:66:48:26:8b:22:06:54:8f:11:da:32:dc:80:84:a1:
19:a8:fd:b6:c4:54:af:10:93:65:1c:7f:1e:58:99:87:39:d1:
ca:13:6a:7d:5c:48:ce:f7:3f:3f:89:f0:5a:c3:bd:76:8a:1b:
79:0b:db:a5:27:ea:dc:a1:2f:61:c2:bb:cd:54:24:83:03:26:
f9:1c:ce:88:29:19:8b:70:e7:aa:26:41:12:fc:f4:92:41:63:
d4:08:17:38
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASUqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDkwNTQyWhcNMjUwMjA5MDkwNTQyWjAYMRYw
FAYDVQQDEw02NzZiY2FlYS1jMjgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7K00ugnbIu3SoK2GOyQEQFFQshWjsQh/RCSeA6Vwzv4HYvoS4KByFtFI
95/0+HKcayPG8gNw08deAaA63gmNCgtXmNk5IQ56dsohpFQPEB/FePG028093KqS
9hlatXTpXb8zJb9D1N8p5JwO9QFGWz9f3IRcopFsaHA0MVVdzp6TUhKzZqEM+Evd
vHX/O5TaTujy+Q+0rsPXbw92enI+7ImoiF/nRzNeNouiWxPe9AMpgsR3mxvKNZER
eiAS9+sWLY7XovrcCToSxA6B+3lseWLFf2TLAX8i2lVsI8Cc3HjJ7tAy9uPtrq5P
eEcUHwzpwPLvhK0Ffr/mvXZepP9CswIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIEf
8c/7AfWUZfc6bILsc+miI45KMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82RDIwREM5MkMyOUYxMUVGODI4RjQ3Qjk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt8WMA0GCSqGSIb3DQEB
CwUAA4IBAQC8Rlqj06nIr6Hlz4mJiV8qIzNeigrew9/rbI899YqctqsGSkKH/uVG
z6q0bXq8ljdJHv8Lcs5eU/wWJClLnInNiB197URsY3oy3I/XVztj1N5bBTe3yPSL
YqKBzXlddVaAD9M5NfRvnRBIuWRvXs9X4y9BfMwUAmO5x4FDisle6VxqSzS4MxwI
dAqTyNMLn0YiImcNsdo0rv6AE1NQa537x90t2WxmSCaLIgZUjxHaMtyAhKEZqP22
xFSvEJNlHH8eWJmHOdHKE2p9XEjO9z8/ifBaw712iht5C9ulJ+rcoS9hwrvNVCSD
Ayb5HM6IKRmLcOeqJkES/PSSQWPUCBc4
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:54:28 2025 by rpki-client