Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4138ED2BEA711EFB160D69E762E951A.roa
File: D4138ED2BEA711EFB160D69E762E951A.roa (raw, json)
Hash identifier: CRBgTcpgHgV27fayK3UqNTbz9lLYlJUbo2FUQxcuPpU=
Subject key identifier: 7F:A5:53:CA:39:F4:02:32:92:92:16:0D:A0:AD:F3:D5:8B:D3:D8:8E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011C68
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4138ED2BEA711EFB160D69E762E951A.roa
Signing time: Fri 20 Dec 2024 07:55:50 +0000
ROA not before: Fri 20 Dec 2024 07:55:46 +0000
ROA not after: Thu 20 Mar 2025 07:55:46 +0000
asID: 2914
IP address blocks: 154.214.220.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72808 (0x11c68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 20 07:55:46 2024 GMT
Not After : Mar 20 07:55:46 2025 GMT
Subject: CN=67652306-2f53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d8:af:60:17:88:e7:c7:e3:74:cd:4d:cd:4c:
d8:8f:91:20:e1:8e:52:4c:23:72:ff:5d:25:89:43:
19:67:55:10:b8:ac:71:81:d4:3e:63:4e:0d:f4:d1:
9a:56:7e:06:d2:48:85:14:33:d9:b3:60:b6:7a:44:
13:4d:d8:49:e8:ca:c2:2e:07:16:23:9c:a3:f6:20:
b6:3d:3c:db:82:c9:bc:2e:5e:27:1e:e2:ac:3f:73:
b9:41:58:ac:88:d1:db:d6:b5:be:cd:5a:2d:37:e9:
1f:f9:f3:f0:d9:a4:06:64:99:ee:70:43:63:b7:f9:
58:6f:83:48:89:a0:89:1e:a4:db:3a:49:e3:a2:26:
9a:61:54:eb:d4:86:2d:54:e4:d3:d4:25:a1:5d:ad:
a9:8d:23:43:ec:4a:69:04:65:1b:de:a0:3f:61:e0:
28:1b:c9:a6:11:fe:61:55:42:b5:04:dc:b4:fd:68:
b8:1b:8b:54:86:63:49:64:ad:9d:41:1c:a7:21:cc:
e8:3a:d5:32:b8:0c:18:89:6d:55:fa:a1:e0:1a:c2:
3e:b2:9d:ff:65:c8:23:80:30:7e:7b:d6:ab:e8:76:
6f:77:0d:2d:4c:95:ac:83:85:d9:71:0b:28:03:3b:
5c:43:b1:2a:86:19:9b:1d:62:34:f9:5c:f8:55:33:
95:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A5:53:CA:39:F4:02:32:92:92:16:0D:A0:AD:F3:D5:8B:D3:D8:8E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D4138ED2BEA711EFB160D69E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.220.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:d4:e7:7d:72:78:83:95:de:0c:b4:1c:f1:f3:ef:b0:14:65:
11:45:2f:5b:7f:e0:b4:ad:a5:66:32:82:1f:7b:9f:12:2f:38:
da:e9:d9:cd:eb:9b:52:52:a6:33:3e:d0:1c:70:2a:a5:2d:fc:
a5:b6:57:8d:a9:5c:41:9d:e7:92:52:56:56:a2:ed:d9:09:b7:
8c:22:8a:ac:af:28:14:e1:a4:25:f8:54:aa:bc:f0:e5:1f:84:
5a:8b:8e:dc:17:88:48:89:f3:1f:12:b8:fb:f8:e0:25:83:d9:
1f:8c:3e:45:37:13:2d:7c:36:24:c4:55:64:9a:63:c2:fa:0d:
fa:53:b9:9d:32:dc:36:3e:18:e6:03:de:1a:6a:32:91:58:1f:
f8:28:7d:4e:5e:ad:12:9b:ba:ef:fb:9e:86:a7:fc:a7:ee:c3:
e7:04:17:df:30:50:03:a6:71:b2:a7:53:c1:2e:87:df:69:f4:
5f:e1:54:c3:a1:ca:f0:b3:ab:28:ab:d3:ea:62:9b:4a:a8:b5:
4b:d9:2d:18:76:19:c0:53:1c:45:0e:08:af:f7:e2:d0:3f:ae:
cc:a0:58:73:4f:70:bb:1d:ac:89:6a:4a:85:59:5d:0e:0e:a8:
10:fb:7e:24:af:5c:f7:f4:f7:b5:42:cb:8b:0b:f3:76:7a:2e:
27:33:97:9f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARxoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIwMDc1NTQ2WhcNMjUwMzIwMDc1NTQ2WjAYMRYw
FAYDVQQDEw02NzY1MjMwNi0yZjUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0tivYBeI58fjdM1NzUzYj5Eg4Y5STCNy/10liUMZZ1UQuKxxgdQ+Y04N
9NGaVn4G0kiFFDPZs2C2ekQTTdhJ6MrCLgcWI5yj9iC2PTzbgsm8Ll4nHuKsP3O5
QVisiNHb1rW+zVotN+kf+fPw2aQGZJnucENjt/lYb4NIiaCJHqTbOknjoiaaYVTr
1IYtVOTT1CWhXa2pjSND7EppBGUb3qA/YeAoG8mmEf5hVUK1BNy0/Wi4G4tUhmNJ
ZK2dQRynIczoOtUyuAwYiW1V+qHgGsI+sp3/ZcgjgDB+e9ar6HZvdw0tTJWsg4XZ
cQsoAztcQ7EqhhmbHWI0+Vz4VTOVcwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH+l
U8o59AIykpIWDaCt89WL09iOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENDEzOEVEMkJFQTcxMUVGQjE2MEQ2OUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtbcMA0GCSqGSIb3DQEB
CwUAA4IBAQBr1Od9cniDld4MtBzx8++wFGURRS9bf+C0raVmMoIfe58SLzja6dnN
65tSUqYzPtAccCqlLfyltleNqVxBneeSUlZWou3ZCbeMIoqsrygU4aQl+FSqvPDl
H4Rai47cF4hIifMfErj7+OAlg9kfjD5FNxMtfDYkxFVkmmPC+g36U7mdMtw2Phjm
A94aajKRWB/4KH1OXq0Sm7rv+56Gp/yn7sPnBBffMFADpnGyp1PBLoffafRf4VTD
ocrws6soq9PqYptKqLVL2S0YdhnAUxxFDgiv9+LQP67MoFhzT3C7HayJakqFWV0O
DqgQ+34kr1z39Pe1QsuLC/N2ei4nM5ef
-----END CERTIFICATE-----
Generated at Fri Apr 25 16:45:54 2025 by rpki-client