Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F3955982DA5B11EFBEE56CA5762E951A.roa
File: F3955982DA5B11EFBEE56CA5762E951A.roa (raw, json)
Hash identifier: 6xWPHSyEnIR8j0RBwdVxasVT+dU4TGj92f0jJ9LORqw=
Subject key identifier: B4:7F:3E:6E:0F:79:F8:A8:25:D2:9E:71:E2:D0:E7:4C:CC:97:AE:FF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0147DD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F3955982DA5B11EFBEE56CA5762E951A.roa
Signing time: Fri 24 Jan 2025 14:03:14 +0000
ROA not before: Fri 24 Jan 2025 14:03:10 +0000
ROA not after: Sat 01 Mar 2025 14:03:10 +0000
asID: 44559
IP address blocks: 154.81.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83933 (0x147dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 14:03:10 2025 GMT
Not After : Mar 1 14:03:10 2025 GMT
Subject: CN=67939da1-612b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ce:bd:5c:3a:96:18:fa:9f:7a:e1:1f:04:1b:
57:56:c5:c7:50:91:aa:78:01:ff:34:75:00:07:e3:
34:5b:0b:ef:dd:8e:e8:c1:09:d9:b0:db:98:6b:2e:
0d:12:1c:8b:5a:8c:33:b5:c4:36:70:3e:ac:50:a5:
b4:2b:56:0b:f2:07:19:53:f4:28:99:05:d0:de:86:
31:c6:d9:b5:24:92:0f:f5:0b:13:ca:13:83:de:0b:
bc:62:66:fb:f5:81:4e:92:21:89:95:eb:c2:3b:5c:
68:45:c2:6e:0b:b3:53:51:f7:f3:7b:92:97:a0:b5:
a7:c6:54:59:16:39:45:73:4d:4f:a6:6d:aa:41:06:
25:c6:ed:47:3c:cc:13:41:79:87:79:47:27:26:f1:
26:a3:8a:4e:e8:05:eb:3c:26:ec:29:1f:6f:a8:42:
6b:f3:fd:d7:28:c4:ba:54:04:10:48:a6:c9:48:55:
e8:42:31:46:6a:98:c5:cc:5c:3d:a1:e9:16:6b:bd:
a6:8d:f0:17:f8:87:80:42:0a:16:96:99:61:7f:94:
a2:04:3b:98:7f:36:ff:1c:32:8c:7d:07:c1:22:bc:
c3:14:d3:ed:77:c8:9c:99:37:6f:d3:37:e3:a2:d6:
d9:1e:8c:a9:e4:54:96:cc:7f:35:ef:e7:3d:f0:55:
26:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:7F:3E:6E:0F:79:F8:A8:25:D2:9E:71:E2:D0:E7:4C:CC:97:AE:FF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F3955982DA5B11EFBEE56CA5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.199.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:c0:1f:da:c8:c5:fd:c4:b3:47:4b:85:73:ab:ac:02:36:f1:
6d:25:6c:e8:56:a8:87:f5:31:c8:ed:fe:84:ac:53:c9:d0:df:
07:11:e7:95:c6:9f:fb:88:14:7b:08:d8:21:f6:0f:99:01:43:
9c:fd:4c:13:5f:2d:08:e0:1c:8e:fe:b4:4e:12:67:84:df:f8:
bd:a8:25:b2:1e:b9:44:52:2c:19:eb:9a:1e:df:6d:b0:99:e9:
eb:c2:4b:0a:f0:8f:dc:bc:c5:c9:42:fe:08:de:f0:a8:24:23:
79:57:13:23:0d:5c:ac:97:2c:8d:39:bf:e5:bc:8c:72:57:23:
00:81:f2:ac:67:eb:1a:6b:e8:d5:3d:48:e5:34:4f:65:2a:e9:
55:fe:7a:fa:27:28:e3:bb:7e:0c:e8:71:8b:09:98:32:03:0f:
31:6f:eb:72:d0:ad:90:5f:f1:d8:8e:ed:dc:48:ab:bd:b9:92:
12:ac:bd:69:0d:00:c8:a4:08:ae:aa:79:89:b6:82:44:c5:35:
b4:9e:34:cb:54:b2:22:4b:81:ff:3b:d6:c6:3c:63:e7:aa:80:
9a:f5:54:03:75:c9:90:b7:b1:c8:01:ab:65:33:5e:da:e5:06:
a7:9a:9b:84:d4:5c:f8:6d:85:82:2d:a4:dc:a8:b2:ca:cf:22:
66:8f:23:64
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUfdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTQwMzEwWhcNMjUwMzAxMTQwMzEwWjAYMRYw
FAYDVQQDEw02NzkzOWRhMS02MTJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9M69XDqWGPqfeuEfBBtXVsXHUJGqeAH/NHUAB+M0Wwvv3Y7owQnZsNuY
ay4NEhyLWowztcQ2cD6sUKW0K1YL8gcZU/QomQXQ3oYxxtm1JJIP9QsTyhOD3gu8
Ymb79YFOkiGJlevCO1xoRcJuC7NTUffze5KXoLWnxlRZFjlFc01Ppm2qQQYlxu1H
PMwTQXmHeUcnJvEmo4pO6AXrPCbsKR9vqEJr8/3XKMS6VAQQSKbJSFXoQjFGapjF
zFw9oekWa72mjfAX+IeAQgoWlplhf5SiBDuYfzb/HDKMfQfBIrzDFNPtd8icmTdv
0zfjotbZHoyp5FSWzH817+c98FUmDQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLR/
Pm4PefioJdKeceLQ50zMl67/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMzk1NTk4MkRBNUIxMUVGQkVFNTZDQTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlHHMA0GCSqGSIb3DQEB
CwUAA4IBAQBawB/ayMX9xLNHS4Vzq6wCNvFtJWzoVqiH9THI7f6ErFPJ0N8HEeeV
xp/7iBR7CNgh9g+ZAUOc/UwTXy0I4ByO/rROEmeE3/i9qCWyHrlEUiwZ65oe322w
menrwksK8I/cvMXJQv4I3vCoJCN5VxMjDVyslyyNOb/lvIxyVyMAgfKsZ+saa+jV
PUjlNE9lKulV/nr6Jyjju34M6HGLCZgyAw8xb+ty0K2QX/HYju3cSKu9uZISrL1p
DQDIpAiuqnmJtoJExTW0njTLVLIiS4H/O9bGPGPnqoCa9VQDdcmQt7HIAatlM17a
5QanmpuE1Fz4bYWCLaTcqLLKzyJmjyNk
-----END CERTIFICATE-----
Generated at Sat Apr 26 23:02:25 2025 by rpki-client