Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B2E3B48EC9CA11EF80497551762E951A.roa
File: B2E3B48EC9CA11EF80497551762E951A.roa (raw, json)
Hash identifier: 6HrKjTwJWgjJNuxLqy/HyLHHV61oJQkLrp5lZj7DEFE=
Subject key identifier: 93:B8:8F:43:97:AA:E8:7B:0B:C3:C1:8E:87:FF:9B:B2:08:86:8B:30
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0134C8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B2E3B48EC9CA11EF80497551762E951A.roa
Signing time: Fri 03 Jan 2025 12:03:09 +0000
ROA not before: Fri 03 Jan 2025 12:03:06 +0000
ROA not after: Tue 04 Feb 2025 12:03:06 +0000
asID: 203020
IP address blocks: 154.206.0.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79048 (0x134c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 3 12:03:06 2025 GMT
Not After : Feb 4 12:03:06 2025 GMT
Subject: CN=6777d1fd-9685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e4:f4:21:bc:7d:5d:b1:9d:d8:cd:8b:75:98:
33:ec:df:25:78:f6:42:01:d0:31:05:16:b3:ad:2a:
e0:de:2e:92:96:aa:5d:23:56:99:22:1b:55:fa:eb:
4e:94:5f:1b:80:13:fb:56:71:cd:58:b4:e6:ec:af:
ac:42:69:b5:82:5a:e1:c0:81:77:06:d3:ac:a2:4a:
d9:5a:3a:35:c1:a1:22:09:2d:7b:9e:ab:b9:6c:d9:
2d:35:fb:5e:30:7c:6d:a5:a1:87:62:5c:c7:46:aa:
4d:84:5e:cb:5e:63:9e:d8:77:9c:41:cc:77:19:f0:
48:bc:7f:bb:d8:51:8c:91:ba:fe:7c:1c:df:e4:10:
56:46:86:91:7f:b4:03:71:94:a8:e4:92:0c:e8:d5:
3b:7e:94:a4:88:87:ca:27:22:52:0a:ec:11:11:1d:
97:44:ed:56:72:7f:c2:88:36:51:43:ef:20:11:5e:
8b:ca:db:4e:57:df:1c:dd:1b:00:4a:5c:4e:62:44:
ab:a7:9e:be:72:54:bf:bf:f2:f5:41:6c:c8:05:b5:
2a:b0:99:ec:22:cb:8b:6e:34:45:ca:cc:3a:6e:21:
19:af:1b:29:63:70:e5:3e:07:8f:34:64:1b:30:06:
78:9e:46:a0:cd:12:f4:c9:f2:15:80:d9:ef:e1:37:
94:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B8:8F:43:97:AA:E8:7B:0B:C3:C1:8E:87:FF:9B:B2:08:86:8B:30
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B2E3B48EC9CA11EF80497551762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.0.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:a5:3d:11:e9:f1:eb:7d:f7:8d:a7:c3:55:dc:dc:1b:97:1e:
20:cc:31:db:b5:cf:c0:84:c6:81:82:23:25:aa:12:2b:f9:98:
c5:e6:85:05:b4:17:28:a1:72:39:9d:e4:26:a9:76:1e:c5:04:
f1:b0:05:ee:68:d8:35:96:b6:99:61:c6:ba:16:28:62:65:13:
24:ff:26:c0:fa:bb:46:dd:25:c4:6d:30:98:3c:9d:d1:8d:53:
61:d8:2a:de:09:5d:86:b7:b4:5b:01:d0:8c:12:67:46:a9:7b:
57:89:64:d0:f5:57:14:7a:03:48:9b:aa:3b:f7:2a:c8:0f:a6:
ac:cf:23:e1:84:88:51:6d:76:55:61:f3:6a:d2:69:8f:fa:f4:
7b:80:e2:13:0e:f1:d4:41:15:64:25:91:17:46:fc:2e:6e:e9:
f4:30:55:bb:fb:a1:9f:ac:0e:76:ee:73:92:34:f0:6e:3c:1a:
ee:b0:ed:72:75:10:0c:97:d5:3b:09:07:88:a9:63:f7:9b:1a:
4e:e6:c4:7e:bb:21:94:49:c0:87:31:08:d6:3c:7a:2a:2e:33:
0f:5b:79:72:9d:80:0e:dc:37:3a:ea:8f:a9:26:08:86:45:a3:
60:d2:f8:c2:0d:d9:ea:51:af:ee:14:52:7e:93:5c:51:a5:be:
f8:27:41:32
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATTIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAzMTIwMzA2WhcNMjUwMjA0MTIwMzA2WjAYMRYw
FAYDVQQDEw02Nzc3ZDFmZC05Njg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs+T0Ibx9XbGd2M2LdZgz7N8lePZCAdAxBRazrSrg3i6SlqpdI1aZIhtV
+utOlF8bgBP7VnHNWLTm7K+sQmm1glrhwIF3BtOsokrZWjo1waEiCS17nqu5bNkt
NfteMHxtpaGHYlzHRqpNhF7LXmOe2HecQcx3GfBIvH+72FGMkbr+fBzf5BBWRoaR
f7QDcZSo5JIM6NU7fpSkiIfKJyJSCuwRER2XRO1Wcn/CiDZRQ+8gEV6LyttOV98c
3RsASlxOYkSrp56+clS/v/L1QWzIBbUqsJnsIsuLbjRFysw6biEZrxspY3DlPgeP
NGQbMAZ4nkagzRL0yfIVgNnv4TeUTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJO4
j0OXquh7C8PBjof/m7IIhoswMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMkUzQjQ4RUM5Q0ExMUVGODA0OTc1NTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCms4AMA0GCSqGSIb3DQEB
CwUAA4IBAQCopT0R6fHrffeNp8NV3Nwblx4gzDHbtc/AhMaBgiMlqhIr+ZjF5oUF
tBcooXI5neQmqXYexQTxsAXuaNg1lraZYca6FihiZRMk/ybA+rtG3SXEbTCYPJ3R
jVNh2CreCV2Gt7RbAdCMEmdGqXtXiWTQ9VcUegNIm6o79yrID6aszyPhhIhRbXZV
YfNq0mmP+vR7gOITDvHUQRVkJZEXRvwubun0MFW7+6GfrA527nOSNPBuPBrusO1y
dRAMl9U7CQeIqWP3mxpO5sR+uyGUScCHMQjWPHoqLjMPW3lynYAO3Dc66o+pJgiG
RaNg0vjCDdnqUa/uFFJ+k1xRpb74J0Ey
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:55:12 2025 by rpki-client