Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA3B7B1CC29C11EFA3B227A7762E951A.roa
File: AA3B7B1CC29C11EFA3B227A7762E951A.roa (raw, json)
Hash identifier: HuZ1WRNFEMLH2c4EIB/N+mK/Jdqzs0tfEHLJA8cGL4Y=
Subject key identifier: CD:F0:AD:6D:72:20:AF:F9:57:F6:89:F6:35:25:15:64:B1:39:56:6B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01250C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA3B7B1CC29C11EFA3B227A7762E951A.roa
Signing time: Wed 25 Dec 2024 08:46:00 +0000
ROA not before: Wed 25 Dec 2024 08:45:56 +0000
ROA not after: Sun 09 Feb 2025 08:45:56 +0000
asID: 138915
IP address blocks: 154.223.37.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75020 (0x1250c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 25 08:45:56 2024 GMT
Not After : Feb 9 08:45:56 2025 GMT
Subject: CN=676bc648-bc8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:40:9a:a4:39:79:b3:6b:c2:ba:9c:42:c3:2e:
55:ec:4b:c0:70:b6:e2:e2:73:f3:72:b3:71:b3:13:
29:ab:36:37:13:4f:de:3a:6a:10:74:75:e4:b5:fb:
19:24:c2:85:4e:2d:11:f6:0a:02:83:91:24:8c:b8:
eb:82:91:e9:50:94:8a:87:c0:27:f5:ba:41:dd:54:
3f:c3:30:aa:af:fa:de:4e:ed:cf:f7:6a:fb:90:a7:
4e:93:af:c3:19:a2:33:68:27:c8:a8:73:c0:db:66:
18:ae:8a:f7:ad:75:c3:89:44:44:64:84:e3:65:d3:
12:d5:02:d5:f0:63:fe:f6:8b:14:cf:b0:cc:a0:3a:
e1:5a:9f:6b:08:02:17:97:c6:06:be:bc:45:d4:21:
60:a2:46:90:28:ec:a6:37:ab:34:94:6e:27:ae:8f:
eb:67:2e:fd:b9:62:01:a8:61:ed:70:32:ed:ae:d9:
22:c9:95:51:bd:b8:82:7b:24:8f:40:90:35:e8:34:
a3:19:76:07:cf:3f:bf:d7:99:56:34:9b:84:c9:e7:
e5:10:c3:bb:1c:8a:32:6f:a3:c0:a3:49:85:f0:a8:
44:a8:d1:21:37:3c:34:24:59:1a:aa:9b:33:55:eb:
c5:90:6a:b9:3f:af:1c:1d:04:e1:09:1b:53:68:bd:
30:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F0:AD:6D:72:20:AF:F9:57:F6:89:F6:35:25:15:64:B1:39:56:6B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA3B7B1CC29C11EFA3B227A7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.37.0/24
Signature Algorithm: sha256WithRSAEncryption
89:ea:b1:1c:a4:d5:8a:88:3e:83:42:24:11:9c:8b:e8:f1:77:
2a:eb:00:f5:1e:ea:5c:df:3e:ff:86:85:5a:4e:40:6f:09:4a:
06:74:24:fe:73:06:d5:ee:2a:9b:99:f8:fe:73:b9:9f:71:e8:
20:b6:d5:03:39:cf:77:ad:70:d4:b0:39:67:5d:2f:72:29:64:
61:10:d7:f8:7b:4d:df:49:95:c8:49:ce:6b:54:94:77:3e:35:
61:15:53:c5:9c:7b:59:f3:b6:39:83:91:1b:17:bf:98:45:a3:
5e:1a:4d:bf:f1:64:bf:39:6c:7c:f6:9c:bc:72:be:16:68:60:
de:30:ce:fb:e6:da:cb:5f:04:71:1e:3d:b6:e8:1e:f4:10:0f:
3c:c3:d5:7c:4b:4d:e8:ae:b4:21:57:1f:24:5b:90:2d:fd:03:
3c:64:2d:20:d6:11:1f:1d:b7:04:20:8c:e4:a4:61:ec:60:a9:
57:df:aa:c4:f7:fa:ef:7a:71:17:8c:ff:91:54:8a:24:45:f1:
54:da:74:08:b7:60:3f:05:13:dc:e1:f4:31:16:a8:09:dd:29:
67:a3:60:66:a5:87:b2:47:2f:8b:e7:32:b8:90:d2:0e:67:4a:
83:f4:c3:73:01:83:19:07:89:fe:c2:f4:55:e0:80:7c:c8:bf:
2f:26:56:66
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASUMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDg0NTU2WhcNMjUwMjA5MDg0NTU2WjAYMRYw
FAYDVQQDEw02NzZiYzY0OC1iYzhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqECapDl5s2vCupxCwy5V7EvAcLbi4nPzcrNxsxMpqzY3E0/eOmoQdHXk
tfsZJMKFTi0R9goCg5EkjLjrgpHpUJSKh8An9bpB3VQ/wzCqr/reTu3P92r7kKdO
k6/DGaIzaCfIqHPA22YYror3rXXDiUREZITjZdMS1QLV8GP+9osUz7DMoDrhWp9r
CAIXl8YGvrxF1CFgokaQKOymN6s0lG4nro/rZy79uWIBqGHtcDLtrtkiyZVRvbiC
eySPQJA16DSjGXYHzz+/15lWNJuEyeflEMO7HIoyb6PAo0mF8KhEqNEhNzw0JFka
qpszVevFkGq5P68cHQThCRtTaL0wawIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM3w
rW1yIK/5V/aJ9jUlFWSxOVZrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQTNCN0IxQ0MyOUMxMUVGQTNCMjI3QTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt8lMA0GCSqGSIb3DQEB
CwUAA4IBAQCJ6rEcpNWKiD6DQiQRnIvo8Xcq6wD1Hupc3z7/hoVaTkBvCUoGdCT+
cwbV7iqbmfj+c7mfceggttUDOc93rXDUsDlnXS9yKWRhENf4e03fSZXISc5rVJR3
PjVhFVPFnHtZ87Y5g5EbF7+YRaNeGk2/8WS/OWx89py8cr4WaGDeMM775trLXwRx
Hj226B70EA88w9V8S03orrQhVx8kW5At/QM8ZC0g1hEfHbcEIIzkpGHsYKlX36rE
9/rvenEXjP+RVIokRfFU2nQIt2A/BRPc4fQxFqgJ3Slno2BmpYeyRy+L5zK4kNIO
Z0qD9MNzAYMZB4n+wvRV4IB8yL8vJlZm
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:56:33 2025 by rpki-client