Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DA44EC56C8E311EFA100BE8E762E951A.roa
File: DA44EC56C8E311EFA100BE8E762E951A.roa (raw, json)
Hash identifier: YeVM4jCzj+HHchdBdZ4+fSX+720e9JMN7rI9hqdMJJo=
Subject key identifier: C3:BA:38:95:C4:A9:4D:1E:92:DA:17:FD:16:F8:A8:FB:4D:FE:08:F7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01323F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DA44EC56C8E311EFA100BE8E762E951A.roa
Signing time: Thu 02 Jan 2025 08:30:42 +0000
ROA not before: Thu 02 Jan 2025 08:30:38 +0000
ROA not after: Sat 01 Mar 2025 08:30:38 +0000
asID: 328608
IP address blocks: 154.198.168.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78399 (0x1323f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 2 08:30:38 2025 GMT
Not After : Mar 1 08:30:38 2025 GMT
Subject: CN=67764eb2-2018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:04:11:45:63:f8:d1:ee:f0:c9:2e:aa:0a:69:
6b:84:82:9a:69:8e:4f:f2:ef:ee:cc:07:77:87:80:
76:29:83:db:23:c9:12:10:ea:18:e9:cf:54:83:64:
23:54:a4:24:23:f5:9e:67:d6:8e:1c:eb:61:54:dd:
e5:98:a6:c3:0a:af:44:a8:e2:2d:b4:14:a6:dc:f2:
82:9f:a4:63:83:f8:f1:fd:11:33:cc:06:87:cc:f6:
a9:c4:1c:65:c4:33:25:d5:ea:31:e2:c8:28:1a:d0:
45:b8:2e:9a:49:2f:e3:73:ce:a9:b7:1b:f1:56:05:
0b:7f:44:9b:8c:ee:ca:7a:1e:5b:68:5c:48:20:25:
51:4c:53:a1:5c:55:02:36:b7:7c:a9:21:ba:45:91:
76:50:6f:93:69:08:9b:66:c0:28:de:2f:5f:ba:6b:
61:88:26:07:a1:d3:0a:25:aa:1c:e0:f6:10:53:48:
7b:a2:75:e7:7f:10:8c:73:68:95:6e:d1:ac:3c:af:
c4:01:5a:71:15:3a:e4:63:db:3f:78:48:ee:d1:b2:
55:67:2f:cc:ba:9a:45:ef:ea:50:d1:29:d3:03:f5:
d3:33:f9:ca:db:10:0d:eb:87:07:10:c0:db:94:52:
fa:c9:98:ef:a9:85:53:d2:20:b6:6a:5f:af:5a:bc:
91:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:BA:38:95:C4:A9:4D:1E:92:DA:17:FD:16:F8:A8:FB:4D:FE:08:F7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DA44EC56C8E311EFA100BE8E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.168.0/22
Signature Algorithm: sha256WithRSAEncryption
cc:6b:c8:cc:84:0f:1a:0c:87:9b:4b:08:42:89:65:5e:0f:3e:
87:a3:08:9f:d1:8a:10:03:3b:e2:ff:4a:4c:30:dc:3e:d2:47:
00:67:a1:6b:09:e3:ef:86:17:1f:89:9e:ec:06:dd:fc:35:5a:
4d:62:57:bc:5a:27:e8:21:35:2c:1a:a9:e1:3c:91:f7:01:7d:
1a:e0:8f:8a:2b:c6:fe:06:25:27:44:16:1f:3f:6e:91:07:c2:
a3:1d:2c:c9:eb:6d:70:0e:7a:37:2f:55:32:e5:c4:35:23:c8:
78:de:d6:5f:07:6f:5e:13:d8:1b:f4:34:aa:02:e2:8e:4f:3f:
21:80:67:3e:74:bd:64:f7:6e:34:57:e9:d4:bd:ba:e9:8b:4d:
3f:a5:6b:76:45:f2:84:18:67:ba:10:28:73:34:58:67:64:96:
5c:05:14:e7:2b:d9:4f:ee:9b:ae:fd:50:c6:e7:6e:88:6e:1c:
96:2d:ff:cb:aa:4a:e0:24:86:07:89:79:e6:43:e8:64:eb:a3:
ce:e9:fa:c8:49:e4:83:6d:70:43:de:e6:f3:6e:48:44:85:ea:
c6:e9:94:f2:51:60:54:2a:7f:9f:33:75:26:ed:05:7f:c1:37:
b9:d0:0e:bb:e2:b5:ab:96:23:d2:75:2c:f9:b5:c7:3b:38:02:
a5:38:8f:76
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATI/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMDgzMDM4WhcNMjUwMzAxMDgzMDM4WjAYMRYw
FAYDVQQDEw02Nzc2NGViMi0yMDE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxQQRRWP40e7wyS6qCmlrhIKaaY5P8u/uzAd3h4B2KYPbI8kSEOoY6c9U
g2QjVKQkI/WeZ9aOHOthVN3lmKbDCq9EqOIttBSm3PKCn6Rjg/jx/REzzAaHzPap
xBxlxDMl1eox4sgoGtBFuC6aSS/jc86ptxvxVgULf0SbjO7Keh5baFxIICVRTFOh
XFUCNrd8qSG6RZF2UG+TaQibZsAo3i9fumthiCYHodMKJaoc4PYQU0h7onXnfxCM
c2iVbtGsPK/EAVpxFTrkY9s/eEju0bJVZy/MuppF7+pQ0SnTA/XTM/nK2xAN64cH
EMDblFL6yZjvqYVT0iC2al+vWryRdwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMO6
OJXEqU0ektoX/Rb4qPtN/gj3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQTQ0RUM1NkM4RTMxMUVGQTEwMEJFOEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsaoMA0GCSqGSIb3DQEB
CwUAA4IBAQDMa8jMhA8aDIebSwhCiWVeDz6Howif0YoQAzvi/0pMMNw+0kcAZ6Fr
CePvhhcfiZ7sBt38NVpNYle8WifoITUsGqnhPJH3AX0a4I+KK8b+BiUnRBYfP26R
B8KjHSzJ621wDno3L1Uy5cQ1I8h43tZfB29eE9gb9DSqAuKOTz8hgGc+dL1k9240
V+nUvbrpi00/pWt2RfKEGGe6EChzNFhnZJZcBRTnK9lP7puu/VDG526IbhyWLf/L
qkrgJIYHiXnmQ+hk66PO6frISeSDbXBD3ubzbkhEherG6ZTyUWBUKn+fM3Um7QV/
wTe50A674rWrliPSdSz5tcc7OAKlOI92
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:38:35 2025 by rpki-client