Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F38B8D4CBEB511EF87A67376762E951A.roa
File: F38B8D4CBEB511EF87A67376762E951A.roa (raw, json)
Hash identifier: Nw6CswjV4EEzgfaKZoZVT4Jf9WfdJZ9VD4FyJiZOka0=
Subject key identifier: E4:2E:A1:17:1D:E5:40:82:D3:A1:87:1B:2D:05:13:2E:99:19:16:AF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011CB8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F38B8D4CBEB511EF87A67376762E951A.roa
Signing time: Fri 20 Dec 2024 09:36:56 +0000
ROA not before: Fri 20 Dec 2024 09:36:52 +0000
ROA not after: Sun 02 Feb 2025 09:36:52 +0000
asID: 48031
IP address blocks: 154.222.216.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72888 (0x11cb8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 20 09:36:52 2024 GMT
Not After : Feb 2 09:36:52 2025 GMT
Subject: CN=67653ab7-18a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6a:6c:b6:79:79:af:6c:4d:40:68:4c:59:09:
16:d7:e1:1e:e6:49:74:cb:8a:33:1a:2a:8f:b0:d7:
ba:2b:c5:1c:a1:7f:47:fc:dc:8f:b3:1e:ed:6a:cd:
58:ad:9d:79:1c:76:75:1e:9f:51:99:a0:3a:75:06:
c3:72:db:a3:ab:9a:89:a2:82:ab:97:2c:58:e2:29:
42:5d:cc:d7:b7:0f:36:1d:61:a0:9d:d9:e7:7a:79:
e6:f4:7b:23:c0:07:5b:32:aa:fa:81:c9:27:7d:ea:
1c:af:22:86:95:e8:6f:b9:02:98:ee:8b:65:41:d2:
10:39:88:b3:65:1a:55:e4:49:85:7c:d4:99:9f:86:
49:44:71:10:d6:2b:93:4e:f8:06:31:d4:4b:d2:90:
9e:67:32:76:e3:95:b0:11:c9:5f:c1:f6:8b:08:46:
ba:ac:9d:1a:a6:bc:09:f0:69:c3:2b:c5:6c:ec:1c:
36:99:ea:8e:35:31:61:75:90:6c:17:27:2c:a8:7c:
be:6d:cd:d9:9c:bf:89:54:44:f6:e3:4e:0f:67:99:
90:fe:97:cb:10:3d:c2:f3:17:b6:44:9a:c3:06:ed:
dd:d1:a7:47:1d:49:8d:3a:06:3f:18:cc:7a:01:0c:
05:3b:a0:61:cc:bc:4d:ad:4e:26:b5:55:dd:b5:8f:
24:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:2E:A1:17:1D:E5:40:82:D3:A1:87:1B:2D:05:13:2E:99:19:16:AF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F38B8D4CBEB511EF87A67376762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.216.0/22
Signature Algorithm: sha256WithRSAEncryption
52:24:bc:ea:90:a0:50:01:23:e2:c1:18:fa:5e:ca:ea:51:ce:
8f:8f:88:73:65:21:d4:b1:70:c3:fb:e1:c9:fc:9d:59:49:f5:
fc:72:3b:92:e4:d9:0a:b3:56:7a:53:82:07:24:b8:0c:29:af:
e7:44:8a:d8:4f:b9:3d:51:c0:91:df:72:83:72:94:66:3d:8f:
eb:5d:a5:23:d5:1b:9e:ec:6f:d7:a4:7c:63:e7:d3:97:3b:35:
a7:f4:fe:86:ec:b1:c0:bb:3c:b1:89:3f:aa:46:9a:71:81:fd:
0f:58:3f:49:f5:53:ec:24:99:dd:ec:af:97:27:49:18:20:8b:
c5:b8:53:55:36:2b:c2:c2:c1:5b:3d:88:f0:56:2c:bc:89:86:
3f:81:bd:e9:57:07:84:8f:b1:d2:67:a8:71:b4:da:91:b9:da:
3c:d1:b1:04:44:99:15:a3:98:78:88:7e:3e:28:76:0b:92:d2:
7b:a6:7d:9d:a9:7a:c2:7f:d5:3e:08:bf:c6:95:c7:32:0c:96:
a3:e1:fa:73:54:71:57:7e:25:19:7e:b8:08:e9:bd:eb:8e:16:
49:bc:66:7c:0a:29:d7:13:89:f8:68:8a:cc:2c:b4:65:f3:b7:
7e:27:e5:1c:e2:0b:35:fb:7e:54:a0:de:b5:c0:a4:7c:71:d1:
34:a4:af:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARy4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIwMDkzNjUyWhcNMjUwMjAyMDkzNjUyWjAYMRYw
FAYDVQQDEw02NzY1M2FiNy0xOGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzWpstnl5r2xNQGhMWQkW1+Ee5kl0y4ozGiqPsNe6K8UcoX9H/NyPsx7t
as1YrZ15HHZ1Hp9RmaA6dQbDctujq5qJooKrlyxY4ilCXczXtw82HWGgndnnennm
9HsjwAdbMqr6gcknfeocryKGlehvuQKY7otlQdIQOYizZRpV5EmFfNSZn4ZJRHEQ
1iuTTvgGMdRL0pCeZzJ245WwEclfwfaLCEa6rJ0aprwJ8GnDK8Vs7Bw2meqONTFh
dZBsFycsqHy+bc3ZnL+JVET2404PZ5mQ/pfLED3C8xe2RJrDBu3d0adHHUmNOgY/
GMx6AQwFO6BhzLxNrU4mtVXdtY8k1QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOQu
oRcd5UCC06GHGy0FEy6ZGRavMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMzhCOEQ0Q0JFQjUxMUVGODdBNjczNzY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmt7YMA0GCSqGSIb3DQEB
CwUAA4IBAQBSJLzqkKBQASPiwRj6XsrqUc6Pj4hzZSHUsXDD++HJ/J1ZSfX8cjuS
5NkKs1Z6U4IHJLgMKa/nRIrYT7k9UcCR33KDcpRmPY/rXaUj1Rue7G/XpHxj59OX
OzWn9P6G7LHAuzyxiT+qRppxgf0PWD9J9VPsJJnd7K+XJ0kYIIvFuFNVNivCwsFb
PYjwViy8iYY/gb3pVweEj7HSZ6hxtNqRudo80bEERJkVo5h4iH4+KHYLktJ7pn2d
qXrCf9U+CL/GlccyDJaj4fpzVHFXfiUZfrgI6b3rjhZJvGZ8CinXE4n4aIrMLLRl
87d+J+Uc4gs1+35UoN61wKR8cdE0pK/x
-----END CERTIFICATE-----
Generated at Sat Apr 26 01:56:07 2025 by rpki-client