Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6E4F3208D96511EFAF73CCA4762E951A.roa
File: 6E4F3208D96511EFAF73CCA4762E951A.roa (raw, json)
Hash identifier: m4TRQeKiw/yz/sy9+HaiLkm8LF+wjLQkPHBBWRPKheA=
Subject key identifier: 0F:FD:48:D0:F3:A5:DB:82:D2:A1:1F:4F:E2:A2:45:4B:95:6B:81:09
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01408F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6E4F3208D96511EFAF73CCA4762E951A.roa
Signing time: Thu 23 Jan 2025 08:38:34 +0000
ROA not before: Thu 23 Jan 2025 08:38:30 +0000
ROA not after: Thu 27 Feb 2025 08:38:30 +0000
asID: 59187
IP address blocks: 154.221.32.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82063 (0x1408f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 08:38:30 2025 GMT
Not After : Feb 27 08:38:30 2025 GMT
Subject: CN=6792000a-f0db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3f:2e:9f:bf:25:fd:d4:3d:bf:b5:73:81:1c:
fa:6c:17:4c:e7:ba:d0:18:65:6b:e6:34:5f:76:34:
fb:a0:0e:41:41:db:ca:ee:9e:77:4d:9d:ca:2f:1c:
c5:f9:58:a3:a2:0c:c3:b5:31:2c:7e:ec:4d:71:fd:
b9:15:2f:4a:f5:22:9a:de:4d:da:32:95:b4:e3:78:
b5:b2:23:f4:d5:28:6a:5a:5e:d8:6f:93:dd:df:7c:
3b:14:1c:35:13:2a:30:c4:c9:99:19:7f:a0:48:99:
97:31:c5:fc:42:a3:c6:14:71:be:4f:7e:64:27:f8:
29:8a:71:b2:90:ab:a1:91:e2:5a:87:39:f8:9f:ee:
9e:03:cd:c7:cf:5f:5f:3d:f5:a3:40:1b:99:f7:15:
d9:65:47:34:16:4d:c4:29:d5:c7:af:dc:09:f3:cb:
b5:c2:69:9b:89:b4:26:09:f2:7c:43:ce:a4:97:9e:
04:1e:2a:5e:52:a9:67:f9:e5:91:31:e8:38:9b:7b:
71:ec:c8:80:ee:3e:2e:5a:a2:07:da:98:18:b1:f1:
9f:b7:8e:16:81:10:bf:08:36:3e:05:24:4a:7e:12:
f6:ff:8a:74:b7:89:24:8f:a5:b0:b3:00:44:d6:92:
54:1a:e9:05:3f:da:e7:da:ad:fe:6f:58:c2:65:5f:
09:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:FD:48:D0:F3:A5:DB:82:D2:A1:1F:4F:E2:A2:45:4B:95:6B:81:09
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6E4F3208D96511EFAF73CCA4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.32.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:cf:92:36:b9:ce:35:0c:87:62:17:ef:0c:f6:c3:d5:82:18:
80:fa:6e:2c:f9:d6:7e:f0:6e:c2:64:7d:e8:0f:75:26:2d:9b:
57:53:37:c6:7d:08:1d:33:24:14:2b:8c:55:c5:05:ee:be:55:
c9:b4:ac:d9:0a:06:cc:1c:28:af:bc:d6:ff:f9:7f:03:d7:e3:
86:22:95:d4:ba:30:8f:d6:34:92:76:7f:93:05:07:48:8d:54:
8a:b0:2e:93:58:d9:86:2d:08:4b:3a:63:f5:94:2c:88:ad:b4:
88:69:9f:88:8e:a0:e2:8d:9c:8f:4f:18:ef:2d:76:01:7c:25:
b7:d9:96:83:e4:5e:2d:1b:55:99:8a:81:b4:1c:76:f1:b4:95:
16:1b:d0:24:61:b2:39:b6:95:4b:84:1c:56:7b:a5:68:ee:2f:
3f:62:b4:93:97:af:1c:fb:1e:49:70:17:6b:4a:7d:f9:84:7c:
fb:cb:f1:f1:3f:3d:f0:b7:06:1b:73:86:82:9c:5e:3f:38:48:
ac:05:3d:0d:bb:68:a0:4f:e4:47:8a:8b:cc:d0:32:cc:5e:87:
1e:47:0d:24:0b:3d:cd:a5:9e:de:2e:be:9a:d8:3e:8e:ac:d2:
a1:2f:a9:75:08:bc:4d:ca:22:b1:e1:10:19:fb:47:d2:5e:06:
da:c3:3b:33
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUCPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMDgzODMwWhcNMjUwMjI3MDgzODMwWjAYMRYw
FAYDVQQDEw02NzkyMDAwYS1mMGRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtT8un78l/dQ9v7VzgRz6bBdM57rQGGVr5jRfdjT7oA5BQdvK7p53TZ3K
LxzF+VijogzDtTEsfuxNcf25FS9K9SKa3k3aMpW043i1siP01ShqWl7Yb5Pd33w7
FBw1EyowxMmZGX+gSJmXMcX8QqPGFHG+T35kJ/gpinGykKuhkeJahzn4n+6eA83H
z19fPfWjQBuZ9xXZZUc0Fk3EKdXHr9wJ88u1wmmbibQmCfJ8Q86kl54EHipeUqln
+eWRMeg4m3tx7MiA7j4uWqIH2pgYsfGft44WgRC/CDY+BSRKfhL2/4p0t4kkj6Ww
swBE1pJUGukFP9rn2q3+b1jCZV8JMwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFA/9
SNDzpduC0qEfT+KiRUuVa4EJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82RTRGMzIwOEQ5NjUxMUVGQUY3M0NDQTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt0gMA0GCSqGSIb3DQEB
CwUAA4IBAQCkz5I2uc41DIdiF+8M9sPVghiA+m4s+dZ+8G7CZH3oD3UmLZtXUzfG
fQgdMyQUK4xVxQXuvlXJtKzZCgbMHCivvNb/+X8D1+OGIpXUujCP1jSSdn+TBQdI
jVSKsC6TWNmGLQhLOmP1lCyIrbSIaZ+IjqDijZyPTxjvLXYBfCW32ZaD5F4tG1WZ
ioG0HHbxtJUWG9AkYbI5tpVLhBxWe6Vo7i8/YrSTl68c+x5JcBdrSn35hHz7y/Hx
Pz3wtwYbc4aCnF4/OEisBT0Nu2igT+RHiovM0DLMXoceRw0kCz3NpZ7eLr6a2D6O
rNKhL6l1CLxNyiKx4RAZ+0fSXgbawzsz
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:36:30 2025 by rpki-client