Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6DE78DB2DA2111EFA357AC98762E951A.roa
File: 6DE78DB2DA2111EFA357AC98762E951A.roa (raw, json)
Hash identifier: fzVJeszOmc1fzZ3MbTvgmOVBa6usTIjLyBeqXLonCF0=
Subject key identifier: B3:B8:C6:3A:C0:FA:60:89:19:30:41:AD:0E:B1:AA:FE:93:22:45:5F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01440E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6DE78DB2DA2111EFA357AC98762E951A.roa
Signing time: Fri 24 Jan 2025 07:04:18 +0000
ROA not before: Fri 24 Jan 2025 07:04:15 +0000
ROA not after: Sat 01 Mar 2025 07:04:15 +0000
asID: 44559
IP address blocks: 154.203.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82958 (0x1440e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 07:04:15 2025 GMT
Not After : Mar 1 07:04:15 2025 GMT
Subject: CN=67933b72-7104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:36:94:a6:7b:f6:a3:c5:29:e5:e2:97:b1:51:
d6:99:2d:26:77:b5:8e:a5:3d:8e:ce:35:12:51:8e:
23:ca:ad:01:2f:6e:f9:ca:d5:a2:11:0e:6d:88:5f:
16:8e:c3:f9:0e:06:b8:2b:0b:f2:1c:63:e8:d8:af:
13:58:1e:2e:09:e5:e4:55:86:0b:2d:7e:66:a4:3b:
58:19:15:7b:63:82:e8:25:57:c4:7f:ae:ed:62:53:
00:da:ca:55:4f:63:0c:ac:b6:02:9d:de:6f:d7:4c:
5f:77:aa:ab:a1:22:15:3c:0a:33:cc:08:be:68:0f:
be:c0:08:17:53:29:76:a3:15:13:29:d9:7a:45:54:
ee:37:51:56:72:e1:5f:1b:6d:be:88:a8:e0:f9:02:
c5:d2:c0:f5:77:e4:6d:59:50:2e:cd:4a:d5:e1:e2:
fd:a7:17:ec:80:35:67:8b:ef:db:1e:c3:a6:79:3d:
fd:d0:ab:be:60:a0:56:6d:15:e3:26:17:c6:74:eb:
d9:14:67:7f:3d:43:40:49:41:8e:e2:82:9e:73:10:
ca:d4:79:24:b7:6b:01:4b:09:d8:30:e2:6e:dd:b2:
33:5e:59:f4:9d:0c:04:81:ba:9b:62:b1:68:01:33:
1e:5c:03:65:d5:16:71:81:68:8d:e0:2f:54:42:57:
4f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:B8:C6:3A:C0:FA:60:89:19:30:41:AD:0E:B1:AA:FE:93:22:45:5F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6DE78DB2DA2111EFA357AC98762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.223.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:ed:9b:45:42:2b:9b:3d:10:d7:be:b3:49:78:f5:15:e7:02:
9d:0f:3d:10:40:68:89:b3:2d:8d:de:f2:03:5d:ee:ca:80:75:
e9:fa:71:3c:64:cd:d0:88:b4:13:ce:7f:fd:b1:70:7e:59:0c:
a1:40:57:ff:73:51:c7:ca:b5:26:20:bf:f5:32:dd:54:23:94:
57:de:23:7a:9e:ac:06:4e:c8:4d:5e:cf:6c:b0:49:9b:f2:12:
04:97:03:ad:e9:34:f5:a1:30:e5:cc:b9:6c:5c:cb:8a:f2:b4:
45:bd:11:8d:59:00:db:09:84:0c:77:11:e6:60:d1:21:0e:22:
43:df:8b:90:0e:02:9f:c6:11:1b:f0:27:69:a3:88:4d:10:7b:
0a:17:3a:59:cd:aa:68:1c:f0:85:21:5f:fe:75:ed:fc:93:f7:
a9:54:16:cc:76:d8:87:5d:90:69:d7:55:ed:1d:4d:79:72:d7:
1f:d7:f3:07:12:52:a3:e4:fc:38:c7:d4:82:ed:a0:96:39:3e:
c7:b5:27:d1:74:f5:83:16:b1:ce:ec:83:1e:74:47:bd:d7:ff:
9f:43:ec:79:c7:48:21:29:3b:f5:98:7e:6e:f7:67:3c:6e:2c:
b8:59:e6:01:bc:2a:1f:fc:3f:6c:74:85:b8:49:5e:47:e1:e8:
2b:ae:85:d7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUQOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDcwNDE1WhcNMjUwMzAxMDcwNDE1WjAYMRYw
FAYDVQQDEw02NzkzM2I3Mi03MTA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmTaUpnv2o8Up5eKXsVHWmS0md7WOpT2OzjUSUY4jyq0BL275ytWiEQ5t
iF8WjsP5Dga4KwvyHGPo2K8TWB4uCeXkVYYLLX5mpDtYGRV7Y4LoJVfEf67tYlMA
2spVT2MMrLYCnd5v10xfd6qroSIVPAozzAi+aA++wAgXUyl2oxUTKdl6RVTuN1FW
cuFfG22+iKjg+QLF0sD1d+RtWVAuzUrV4eL9pxfsgDVni+/bHsOmeT390Ku+YKBW
bRXjJhfGdOvZFGd/PUNASUGO4oKecxDK1Hkkt2sBSwnYMOJu3bIzXln0nQwEgbqb
YrFoATMeXANl1RZxgWiN4C9UQldP2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLO4
xjrA+mCJGTBBrQ6xqv6TIkVfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82REU3OERCMkRBMjExMUVGQTM1N0FDOTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsvfMA0GCSqGSIb3DQEB
CwUAA4IBAQAK7ZtFQiubPRDXvrNJePUV5wKdDz0QQGiJsy2N3vIDXe7KgHXp+nE8
ZM3QiLQTzn/9sXB+WQyhQFf/c1HHyrUmIL/1Mt1UI5RX3iN6nqwGTshNXs9ssEmb
8hIElwOt6TT1oTDlzLlsXMuK8rRFvRGNWQDbCYQMdxHmYNEhDiJD34uQDgKfxhEb
8Cdpo4hNEHsKFzpZzapoHPCFIV/+de38k/epVBbMdtiHXZBp11XtHU15ctcf1/MH
ElKj5Pw4x9SC7aCWOT7HtSfRdPWDFrHO7IMedEe91/+fQ+x5x0ghKTv1mH5u92c8
biy4WeYBvCof/D9sdIW4SV5H4egrroXX
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:07:48 2025 by rpki-client