Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA301CCADB2B11EF916132A1762E951A.roa
File: AA301CCADB2B11EF916132A1762E951A.roa (raw, json)
Hash identifier: dQj80uC8gysQRMwmZxqdpGoLHJ/2oD3lyLk4LAeirgc=
Subject key identifier: 6E:77:34:3D:20:92:F3:54:F5:3E:97:A0:BA:69:A7:09:4B:C9:6B:B5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0149EA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA301CCADB2B11EF916132A1762E951A.roa
Signing time: Sat 25 Jan 2025 14:50:06 +0000
ROA not before: Sat 25 Jan 2025 14:50:00 +0000
ROA not after: Thu 27 Feb 2025 14:50:00 +0000
asID: 395793
IP address blocks: 154.200.56.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84458 (0x149ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 25 14:50:00 2025 GMT
Not After : Feb 27 14:50:00 2025 GMT
Subject: CN=6794fa1e-a9e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f0:ed:14:cb:9c:c9:df:28:94:f1:05:0b:04:
ee:b1:67:aa:99:ba:88:ca:cb:32:bb:fe:e5:18:1a:
98:a5:93:b1:e9:a3:58:81:cf:df:77:8f:95:1b:55:
c6:0b:7c:65:cd:fb:79:42:a2:4f:60:f9:da:a4:5f:
6e:e7:c0:ef:fe:62:5f:8f:86:88:ff:1b:e3:db:b2:
05:8f:27:8e:70:92:30:ac:f0:82:75:a4:11:4e:47:
0e:be:8c:6c:30:5d:98:a8:79:10:c4:f8:93:2e:3e:
08:e3:dd:41:cc:65:5a:8f:ab:7b:30:9c:91:0b:15:
2c:a8:2f:d2:0c:88:86:4a:46:bf:83:0f:3a:17:c2:
ea:e2:8e:d6:b3:6d:e0:ef:b5:7d:22:f1:27:61:31:
f3:f3:77:a6:e1:26:a1:d8:9c:63:e9:58:be:da:73:
f9:36:08:ae:1a:55:01:ce:36:7e:20:97:ff:8e:92:
63:35:63:5d:97:1d:90:af:96:1e:5e:20:31:5b:82:
78:08:d5:10:a4:23:46:ef:42:da:41:2f:29:87:40:
17:6d:fe:45:92:e6:a2:cf:bf:cd:18:73:47:1f:7a:
39:31:69:2d:59:f5:30:73:8b:c4:2d:71:d5:c9:ac:
db:54:a0:e0:2e:a1:7f:39:3d:e9:50:db:a4:ae:ae:
e7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:77:34:3D:20:92:F3:54:F5:3E:97:A0:BA:69:A7:09:4B:C9:6B:B5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA301CCADB2B11EF916132A1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.56.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:eb:32:e8:9e:dd:8c:2d:17:fb:d2:11:6f:06:9a:cc:53:74:
89:71:35:be:83:2c:7a:22:63:d9:3b:b1:f8:ba:55:9d:4e:5a:
87:31:da:09:a3:24:57:a4:fa:6f:76:e4:38:19:8e:4a:53:9b:
41:1d:49:7a:67:a6:74:e2:3c:3c:b6:77:1f:aa:e7:de:48:d8:
fa:2f:98:20:7c:1b:7a:6c:35:dc:2a:8d:42:0a:8e:a5:c7:a7:
4d:1f:e9:3f:cd:c7:d8:ba:de:3c:b1:8a:c1:68:79:48:0f:b1:
05:05:30:b4:3c:8b:30:90:79:cb:3a:0a:ad:bb:50:c3:ce:e6:
90:4c:c9:11:d9:a6:54:54:55:23:67:7f:d2:c4:f6:29:4d:4d:
19:35:8f:c8:63:7e:dd:9b:25:7e:d9:54:9e:0c:e0:66:3b:e6:
ff:d1:7a:5d:06:e3:c4:cf:38:1b:5e:e4:f6:84:cd:87:3d:33:
85:aa:d4:03:a9:23:c5:e0:1f:c0:db:cf:f2:6d:75:00:08:c6:
e4:42:b5:da:06:27:a4:e4:25:1f:87:2d:3c:fe:7e:8f:e6:3c:
0c:ed:ba:d6:04:5b:d0:65:94:25:74:99:57:c2:4c:61:bb:73:
29:0e:30:cf:42:dd:16:c2:9a:5c:56:1f:c2:cb:2f:73:08:82:
60:80:df:d7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUnqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MTQ1MDAwWhcNMjUwMjI3MTQ1MDAwWjAYMRYw
FAYDVQQDEw02Nzk0ZmExZS1hOWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAufDtFMucyd8olPEFCwTusWeqmbqIyssyu/7lGBqYpZOx6aNYgc/fd4+V
G1XGC3xlzft5QqJPYPnapF9u58Dv/mJfj4aI/xvj27IFjyeOcJIwrPCCdaQRTkcO
voxsMF2YqHkQxPiTLj4I491BzGVaj6t7MJyRCxUsqC/SDIiGSka/gw86F8Lq4o7W
s23g77V9IvEnYTHz83em4Sah2Jxj6Vi+2nP5NgiuGlUBzjZ+IJf/jpJjNWNdlx2Q
r5YeXiAxW4J4CNUQpCNG70LaQS8ph0AXbf5Fkuaiz7/NGHNHH3o5MWktWfUwc4vE
LXHVyazbVKDgLqF/OT3pUNukrq7n7wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFG53
ND0gkvNU9T6XoLpppwlLyWu1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQTMwMUNDQURCMkIxMUVGOTE2MTMyQTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsg4MA0GCSqGSIb3DQEB
CwUAA4IBAQCu6zLont2MLRf70hFvBprMU3SJcTW+gyx6ImPZO7H4ulWdTlqHMdoJ
oyRXpPpvduQ4GY5KU5tBHUl6Z6Z04jw8tncfqufeSNj6L5ggfBt6bDXcKo1CCo6l
x6dNH+k/zcfYut48sYrBaHlID7EFBTC0PIswkHnLOgqtu1DDzuaQTMkR2aZUVFUj
Z3/SxPYpTU0ZNY/IY37dmyV+2VSeDOBmO+b/0XpdBuPEzzgbXuT2hM2HPTOFqtQD
qSPF4B/A28/ybXUACMbkQrXaBiek5CUfhy08/n6P5jwM7brWBFvQZZQldJlXwkxh
u3MpDjDPQt0WwppcVh/Cyy9zCIJggN/X
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:14:44 2025 by rpki-client