Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3A89B48D97D11EF8CE5A647762E951A.roa
File: A3A89B48D97D11EF8CE5A647762E951A.roa (raw, json)
Hash identifier: unLlMjZ87E4ntHubDo6tshGJm/0enYIfqk0NaF2FGkE=
Subject key identifier: 3B:FA:B9:35:D1:7F:3B:F3:44:6B:8B:53:3F:DC:39:5E:AD:65:33:0E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0141A0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3A89B48D97D11EF8CE5A647762E951A.roa
Signing time: Thu 23 Jan 2025 11:31:51 +0000
ROA not before: Thu 23 Jan 2025 11:31:47 +0000
ROA not after: Fri 28 Feb 2025 11:31:47 +0000
asID: 62240
IP address blocks: 154.195.160.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82336 (0x141a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 11:31:47 2025 GMT
Not After : Feb 28 11:31:47 2025 GMT
Subject: CN=679228a7-e3d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0a:3a:33:83:0c:13:00:aa:aa:ec:6e:49:0e:
d7:65:d9:3b:23:cd:8e:22:79:dc:30:68:4e:58:63:
75:91:0b:4e:52:f5:76:bb:5c:bb:1e:88:a1:17:3e:
1b:a3:53:5e:c4:3d:48:41:53:1e:c1:5e:fb:f6:ca:
84:42:26:36:9a:5b:f6:2a:6c:8d:17:c4:7a:2a:b4:
6c:e6:99:d0:5a:50:3e:80:90:27:b4:7e:1c:85:1c:
08:18:9c:c8:1c:a7:a7:57:87:c3:0b:38:53:d3:ec:
40:74:2f:f8:f3:06:46:54:14:c7:d9:23:29:8e:13:
09:2f:2b:25:2a:92:16:70:93:5a:f4:b2:02:a1:ba:
98:48:42:32:68:7b:fa:d0:7d:75:c4:e3:ad:3a:b1:
ff:3c:0f:a3:0c:5a:64:10:f0:9a:7a:4a:1b:09:70:
7c:51:6b:d9:51:96:f7:aa:d8:6c:0f:5c:16:6e:b3:
1a:25:d7:5e:8b:9d:7c:aa:cf:61:39:4c:88:b4:52:
1e:59:45:b3:0d:b9:cd:fd:7b:f4:53:c6:0c:73:50:
72:89:43:01:ca:21:a7:8b:47:df:fc:78:2e:1c:09:
0e:4e:74:5c:9f:1d:da:f6:ed:de:be:a5:9e:ac:2d:
40:10:38:37:3c:c0:1f:65:d6:7e:8a:6f:22:44:b7:
30:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FA:B9:35:D1:7F:3B:F3:44:6B:8B:53:3F:DC:39:5E:AD:65:33:0E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3A89B48D97D11EF8CE5A647762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.160.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:2b:95:38:5f:2b:d5:f6:92:a2:8a:f8:63:cb:8d:7b:65:2d:
2f:d0:31:57:8c:04:43:29:68:c4:53:38:10:88:b6:35:81:76:
ce:3c:c7:df:82:ae:2a:62:71:e3:e0:43:9f:aa:c9:2c:22:d8:
d3:86:a6:e2:96:ec:e0:4c:cb:24:31:3e:eb:07:bd:3d:74:a0:
95:97:76:9a:1d:52:20:89:ce:7a:f0:75:86:ee:58:93:a7:77:
6b:bc:4f:4e:6c:45:3e:42:41:07:41:c1:06:6d:52:44:ae:2f:
8a:74:3b:22:77:23:24:a8:ba:b5:4f:52:57:34:1f:cc:3d:49:
ac:cd:9f:f4:ed:c4:b1:eb:4b:8c:06:1b:3b:67:49:61:44:9e:
3a:5a:9f:34:f3:f7:e0:dc:fa:63:35:cd:cf:d6:61:5e:a4:2b:
b0:69:d3:a2:cf:ee:34:b3:6d:39:1e:06:71:ae:cd:ee:3b:a2:
e0:46:f9:12:94:9a:95:5d:2e:62:96:33:3a:c7:46:f6:c8:5b:
9c:56:99:b1:9c:dd:4b:85:ce:50:c4:48:b9:63:09:7f:42:3a:
b7:69:95:cd:2f:81:0e:9b:fd:7b:f0:7a:76:a8:69:5b:00:37:
c2:29:29:a1:de:c2:86:56:da:db:00:c8:24:d9:5d:5e:cc:bd:
33:68:8d:25
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUGgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMTEzMTQ3WhcNMjUwMjI4MTEzMTQ3WjAYMRYw
FAYDVQQDEw02NzkyMjhhNy1lM2QyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsgo6M4MMEwCqquxuSQ7XZdk7I82OInncMGhOWGN1kQtOUvV2u1y7Hoih
Fz4bo1NexD1IQVMewV779sqEQiY2mlv2KmyNF8R6KrRs5pnQWlA+gJAntH4chRwI
GJzIHKenV4fDCzhT0+xAdC/48wZGVBTH2SMpjhMJLyslKpIWcJNa9LICobqYSEIy
aHv60H11xOOtOrH/PA+jDFpkEPCaekobCXB8UWvZUZb3qthsD1wWbrMaJddei518
qs9hOUyItFIeWUWzDbnN/Xv0U8YMc1ByiUMByiGni0ff/HguHAkOTnRcnx3a9u3e
vqWerC1AEDg3PMAfZdZ+im8iRLcwAQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDv6
uTXRfzvzRGuLUz/cOV6tZTMOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BM0E4OUI0OEQ5N0QxMUVGOENFNUE2NDc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsOgMA0GCSqGSIb3DQEB
CwUAA4IBAQCkK5U4XyvV9pKiivhjy417ZS0v0DFXjARDKWjEUzgQiLY1gXbOPMff
gq4qYnHj4EOfqsksItjThqbiluzgTMskMT7rB709dKCVl3aaHVIgic568HWG7liT
p3drvE9ObEU+QkEHQcEGbVJEri+KdDsidyMkqLq1T1JXNB/MPUmszZ/07cSx60uM
Bhs7Z0lhRJ46Wp808/fg3PpjNc3P1mFepCuwadOiz+40s205HgZxrs3uO6LgRvkS
lJqVXS5iljM6x0b2yFucVpmxnN1Lhc5QxEi5Ywl/Qjq3aZXNL4EOm/178Hp2qGlb
ADfCKSmh3sKGVtrbAMgk2V1ezL0zaI0l
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:27:26 2025 by rpki-client