Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF3AE392DB2011EF869BDA5A762E951A.roa
File: DF3AE392DB2011EF869BDA5A762E951A.roa (raw, json)
Hash identifier: /c0GsqgHKcI9WESmRn3DoH/QuDd71W8Pf1mwWdeN+9k=
Subject key identifier: 4F:8F:1D:C5:E2:45:66:41:1A:08:6E:72:6A:9B:14:23:64:BD:B1:BB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01498C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF3AE392DB2011EF869BDA5A762E951A.roa
Signing time: Sat 25 Jan 2025 13:32:50 +0000
ROA not before: Sat 25 Jan 2025 13:32:47 +0000
ROA not after: Tue 04 Feb 2025 13:32:47 +0000
asID: 395793
IP address blocks: 154.193.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84364 (0x1498c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 25 13:32:47 2025 GMT
Not After : Feb 4 13:32:47 2025 GMT
Subject: CN=6794e802-ac89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ac:0a:b3:58:83:13:b8:35:e1:ea:51:b2:7e:
69:c0:06:e9:20:c8:8a:18:34:22:dc:ce:53:03:c9:
7f:5f:3d:54:63:e7:e9:d3:f5:aa:f5:50:4e:29:27:
0a:06:88:6b:a3:64:2d:0f:91:e5:80:7d:59:26:eb:
14:c3:b0:c1:11:51:72:5e:c0:84:d0:c0:07:98:50:
f7:f7:4b:d1:fb:97:3b:d0:75:f4:fd:fe:39:fe:fc:
8c:76:f3:95:1e:8b:e5:b8:9c:16:24:3e:9f:7c:d2:
0f:d0:44:7a:61:02:20:cc:b0:d6:e5:d0:a2:72:8e:
da:67:6d:97:7b:ae:84:77:e6:26:8a:58:0f:da:4a:
0a:d9:87:21:75:cb:80:e2:06:b8:39:dd:4d:61:91:
bb:16:06:67:3d:20:4d:54:01:f3:fc:a1:78:13:83:
73:60:64:28:c6:89:46:3a:58:0d:32:86:3a:db:d6:
e3:57:f6:88:93:bc:ce:2f:e7:8e:44:c1:8c:66:ca:
f8:58:7c:81:29:8f:64:f2:06:24:3b:0a:38:b0:b9:
a3:55:52:e8:c1:20:71:ba:bf:bf:39:3b:ed:23:58:
42:b7:19:a4:7f:a2:cd:5d:a2:2a:08:a6:19:ea:65:
ec:37:d9:ab:5a:52:d3:ef:65:c9:d6:37:1e:60:90:
ff:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:8F:1D:C5:E2:45:66:41:1A:08:6E:72:6A:9B:14:23:64:BD:B1:BB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DF3AE392DB2011EF869BDA5A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.106.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:81:c0:72:af:b5:d3:d1:78:a7:91:48:b8:6a:4e:36:df:fa:
a1:b5:60:e8:d7:5f:ca:aa:40:37:13:d3:ea:c9:43:53:2a:7e:
fe:ce:df:02:57:ed:c2:c5:22:b2:ec:63:d2:7b:85:0f:7a:89:
75:fe:13:d1:b5:4d:91:b6:ed:80:a6:f4:90:06:ce:14:ac:c0:
00:e8:29:81:eb:d9:ab:27:ee:ce:ea:29:ff:9f:9c:f5:38:4e:
27:15:3f:a5:1f:9e:1d:03:e1:33:01:38:5f:af:37:60:73:37:
99:cc:2a:47:87:26:f7:ed:73:f1:bc:51:64:6b:f1:23:46:fd:
3a:1b:7c:8b:c4:06:83:88:70:ca:15:14:f3:3e:36:9c:ce:aa:
69:90:f9:00:4b:09:39:a1:90:0a:8b:58:4c:a1:de:d5:ac:65:
8d:3e:93:5f:48:af:10:f2:8a:47:b3:e8:72:46:53:e4:b0:9c:
53:9a:5d:ae:f5:bf:7f:d2:09:97:11:ec:de:1c:14:be:00:db:
ea:df:6e:22:6c:80:0f:a8:76:3a:e3:0f:8e:4c:21:67:97:8d:
18:cd:d2:b3:be:1f:b0:17:6c:55:36:fd:71:cb:96:0b:41:54:
84:5a:cd:6b:bf:36:0b:8c:f8:53:f2:f7:31:4c:8b:7b:87:6d:
c7:4a:5a:cc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUmMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MTMzMjQ3WhcNMjUwMjA0MTMzMjQ3WjAYMRYw
FAYDVQQDEw02Nzk0ZTgwMi1hYzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtqwKs1iDE7g14epRsn5pwAbpIMiKGDQi3M5TA8l/Xz1UY+fp0/Wq9VBO
KScKBohro2QtD5HlgH1ZJusUw7DBEVFyXsCE0MAHmFD390vR+5c70HX0/f45/vyM
dvOVHovluJwWJD6ffNIP0ER6YQIgzLDW5dCico7aZ22Xe66Ed+YmilgP2koK2Ych
dcuA4ga4Od1NYZG7FgZnPSBNVAHz/KF4E4NzYGQoxolGOlgNMoY629bjV/aIk7zO
L+eORMGMZsr4WHyBKY9k8gYkOwo4sLmjVVLowSBxur+/OTvtI1hCtxmkf6LNXaIq
CKYZ6mXsN9mrWlLT72XJ1jceYJD/wQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE+P
HcXiRWZBGghucmqbFCNkvbG7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERjNBRTM5MkRCMjAxMUVGODY5QkRBNUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsFqMA0GCSqGSIb3DQEB
CwUAA4IBAQAegcByr7XT0XinkUi4ak423/qhtWDo11/KqkA3E9PqyUNTKn7+zt8C
V+3CxSKy7GPSe4UPeol1/hPRtU2Rtu2ApvSQBs4UrMAA6CmB69mrJ+7O6in/n5z1
OE4nFT+lH54dA+EzAThfrzdgczeZzCpHhyb37XPxvFFka/EjRv06G3yLxAaDiHDK
FRTzPjaczqppkPkASwk5oZAKi1hMod7VrGWNPpNfSK8Q8opHs+hyRlPksJxTml2u
9b9/0gmXEezeHBS+ANvq324ibIAPqHY64w+OTCFnl40YzdKzvh+wF2xVNv1xy5YL
QVSEWs1rvzYLjPhT8vcxTIt7h23HSlrM
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:12:09 2025 by rpki-client