Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3E0E24CDE1511EF94A34251762E951A.roa
File: D3E0E24CDE1511EF94A34251762E951A.roa (raw, json)
Hash identifier: w80UcTyDS64UeT8m3M+4qtWajyMAE2YaASfNN/ivTqI=
Subject key identifier: 95:F8:EE:C6:E4:CF:74:FC:9B:BA:6B:E8:44:50:B0:D9:08:9D:A8:C3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014D35
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3E0E24CDE1511EF94A34251762E951A.roa
Signing time: Wed 29 Jan 2025 07:51:20 +0000
ROA not before: Wed 29 Jan 2025 07:51:16 +0000
ROA not after: Wed 05 Mar 2025 07:51:16 +0000
asID: 203020
IP address blocks: 154.208.1.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85301 (0x14d35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 29 07:51:16 2025 GMT
Not After : Mar 5 07:51:16 2025 GMT
Subject: CN=6799ddf8-8c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:63:0b:d7:2f:03:e7:8d:fa:79:bb:8e:b2:a3:
f5:6d:14:90:11:98:d4:33:38:86:3c:2e:ce:c1:43:
86:26:05:fa:02:49:87:02:fe:b6:4b:de:d9:5a:5a:
ff:04:12:5b:53:7f:de:0d:09:f7:c5:6d:a2:f9:a4:
6b:d7:8d:16:a1:fe:f8:8d:8b:f4:72:cf:6f:12:46:
5e:0e:35:98:40:8a:53:4e:ce:44:32:12:d2:66:28:
50:e7:fe:66:49:17:13:97:c4:5f:37:d6:7d:0b:b4:
3e:24:cf:b6:dd:d6:95:1c:9d:62:aa:cc:81:74:c8:
7c:36:7c:dd:4b:da:29:d6:d1:29:88:3e:67:f8:67:
69:c8:a6:1b:0c:4a:a6:17:96:af:57:bf:0e:8b:7a:
d7:22:58:16:ee:44:1a:7f:19:6c:b8:21:71:1b:9c:
8c:fa:af:95:7b:30:b7:da:32:30:06:11:75:28:c5:
a4:87:de:89:c4:7a:fe:59:9a:d1:35:91:fd:1f:2a:
3c:a1:2b:ce:9a:84:0d:f1:be:78:de:1c:0e:30:5e:
95:1b:96:b9:5a:72:ea:4f:cb:c2:6a:b6:76:99:e6:
46:5a:aa:1d:d2:9d:67:1e:3f:45:fe:56:d5:94:be:
bf:2c:f8:2b:6f:d8:aa:6f:57:c1:9e:ad:9a:86:7b:
95:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F8:EE:C6:E4:CF:74:FC:9B:BA:6B:E8:44:50:B0:D9:08:9D:A8:C3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3E0E24CDE1511EF94A34251762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.1.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:da:40:9d:e3:4a:45:8d:2d:ce:2f:23:f0:46:82:be:4f:58:
f4:11:df:7a:06:2c:e2:b8:b1:03:a8:85:67:c4:0a:54:09:fc:
c5:d5:fc:3f:db:58:0a:e5:c3:8e:ff:70:ed:cc:8e:2e:b9:d9:
8a:54:67:f7:97:95:de:cb:5d:fb:cd:8a:a6:37:ba:16:9c:77:
80:f6:eb:89:82:37:e9:45:15:d5:ef:d3:f9:6b:2d:98:c2:fb:
ad:fd:02:8f:e5:f4:6f:7b:0b:b1:4c:8c:af:ad:f8:40:86:0e:
e5:11:3f:5e:da:1d:8c:29:75:27:f1:8e:dd:96:ee:9c:fd:a6:
ac:b0:df:41:a0:3d:e4:20:aa:08:a2:75:03:1d:83:27:0a:07:
83:c7:a3:93:8c:ff:b0:94:16:97:7c:7a:e0:5f:95:bd:34:f5:
42:05:fc:ac:f9:20:45:8b:90:3f:c8:00:1c:96:53:f0:28:08:
b1:31:36:f9:1b:eb:fb:db:e0:20:f4:3e:82:3e:fc:8a:94:0b:
d5:a7:cb:a3:0b:60:e8:07:a3:d8:f3:16:9e:af:6e:45:07:c8:
52:8d:8d:16:f0:0b:4a:06:b9:93:bb:5f:3d:ce:59:d3:f4:56:
74:e6:57:d9:c1:e5:9e:12:9b:94:ee:3c:e4:f3:1e:f3:a5:37:
fc:56:bf:84
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU01MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI5MDc1MTE2WhcNMjUwMzA1MDc1MTE2WjAYMRYw
FAYDVQQDEw02Nzk5ZGRmOC04YzY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArWML1y8D5436ebuOsqP1bRSQEZjUMziGPC7OwUOGJgX6AkmHAv62S97Z
Wlr/BBJbU3/eDQn3xW2i+aRr140Wof74jYv0cs9vEkZeDjWYQIpTTs5EMhLSZihQ
5/5mSRcTl8RfN9Z9C7Q+JM+23daVHJ1iqsyBdMh8NnzdS9op1tEpiD5n+GdpyKYb
DEqmF5avV78Oi3rXIlgW7kQafxlsuCFxG5yM+q+VezC32jIwBhF1KMWkh96JxHr+
WZrRNZH9Hyo8oSvOmoQN8b543hwOMF6VG5a5WnLqT8vCarZ2meZGWqod0p1nHj9F
/lbVlL6/LPgrb9iqb1fBnq2ahnuVWwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJX4
7sbkz3T8m7pr6ERQsNkInajDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EM0UwRTI0Q0RFMTUxMUVGOTRBMzQyNTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtABMA0GCSqGSIb3DQEB
CwUAA4IBAQAK2kCd40pFjS3OLyPwRoK+T1j0Ed96BiziuLEDqIVnxApUCfzF1fw/
21gK5cOO/3DtzI4uudmKVGf3l5Xey137zYqmN7oWnHeA9uuJgjfpRRXV79P5ay2Y
wvut/QKP5fRvewuxTIyvrfhAhg7lET9e2h2MKXUn8Y7dlu6c/aassN9BoD3kIKoI
onUDHYMnCgeDx6OTjP+wlBaXfHrgX5W9NPVCBfys+SBFi5A/yAAcllPwKAixMTb5
G+v72+Ag9D6CPvyKlAvVp8ujC2DoB6PY8xaer25FB8hSjY0W8AtKBrmTu189zlnT
9FZ05lfZweWeEpuU7jzk8x7zpTf8Vr+E
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:41:21 2025 by rpki-client