Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/146CE6FCDBCE11EF9137C66B762E951A.roa
File: 146CE6FCDBCE11EF9137C66B762E951A.roa (raw, json)
Hash identifier: i9OuFyLy8ZtSZcwqrhollrFnkHvFOHrGrzgLSYweU/4=
Subject key identifier: CE:5F:01:4D:CD:58:00:AF:52:84:0E:AB:A4:3D:D0:1D:0E:C0:29:FC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014A6B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/146CE6FCDBCE11EF9137C66B762E951A.roa
Signing time: Sun 26 Jan 2025 10:12:42 +0000
ROA not before: Sun 26 Jan 2025 10:12:38 +0000
ROA not after: Sat 22 Feb 2025 10:12:38 +0000
asID: 202736
IP address blocks: 154.88.57.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84587 (0x14a6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 26 10:12:38 2025 GMT
Not After : Feb 22 10:12:38 2025 GMT
Subject: CN=67960a9a-2a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:14:a7:5d:4f:a1:c7:60:c9:fd:f4:ad:8b:6e:
61:9f:ad:e3:0b:f4:1a:33:e7:ff:0a:3c:8d:bc:26:
d5:4e:9f:53:9f:e9:80:83:7f:36:f6:a7:81:f3:4c:
79:4d:8f:58:73:f8:44:62:8e:20:25:53:ef:13:3a:
68:e3:a8:ba:dc:73:ea:ec:92:6b:8f:72:96:e1:df:
1e:c4:1d:91:7a:0c:5f:78:58:3d:5d:a2:cb:4c:27:
c4:f7:f2:15:8c:93:e8:24:86:62:42:95:73:15:57:
6e:46:56:36:43:e6:9e:f4:7a:45:ec:64:dd:07:50:
f8:7a:8c:b2:42:de:af:fb:2c:8e:4f:48:b1:a3:ec:
57:18:4e:ff:53:09:19:4c:c0:7c:ce:35:08:8b:b4:
5e:81:a5:32:12:f0:ea:97:df:44:60:af:d2:5b:6d:
61:41:0c:5f:81:ee:de:94:13:2d:50:42:56:c2:18:
64:11:dc:51:41:b1:ca:47:cc:3c:44:b2:da:9f:27:
ba:f2:54:34:81:a3:2c:6e:f9:90:9a:26:2c:ad:0c:
3e:c1:d5:17:ba:f6:6c:ee:57:41:61:76:21:5f:16:
f3:67:fd:fc:6a:3c:2d:12:c9:08:10:d1:a4:8c:3c:
a0:53:ad:e7:3a:a5:89:f1:cc:dc:08:47:42:fe:e9:
90:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:5F:01:4D:CD:58:00:AF:52:84:0E:AB:A4:3D:D0:1D:0E:C0:29:FC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/146CE6FCDBCE11EF9137C66B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.57.0/24
Signature Algorithm: sha256WithRSAEncryption
79:13:d5:d3:7b:9f:d2:9a:56:cb:ce:3e:e6:19:0b:71:c9:50:
f4:92:aa:21:40:5b:14:3a:1f:80:61:31:26:45:45:d5:52:d2:
11:88:ba:af:e5:6c:5c:d2:43:7c:f6:5c:c8:2a:e7:b4:75:7b:
ef:07:42:6a:ef:60:c3:db:29:c3:79:8c:a8:b7:9f:6e:50:7b:
15:e8:9f:38:a7:80:4f:d7:23:55:80:49:16:c4:37:d8:6f:5d:
3c:88:10:9d:23:06:76:66:6e:bf:87:34:34:f2:29:91:41:51:
73:99:fc:74:e4:dd:68:26:56:cc:4a:c2:93:d8:c0:16:13:5b:
f4:74:3d:38:6b:d2:3c:9e:29:2a:31:38:bc:2a:43:6c:dd:ca:
f8:be:ea:0e:19:ba:89:e2:81:04:8a:3d:7e:55:f1:12:a8:b0:
6f:6a:04:8c:e6:be:08:88:f3:c0:70:4e:60:fb:8a:cf:58:1d:
1c:df:8d:31:28:a7:29:ac:c4:02:61:d1:12:35:dc:72:e2:b9:
d7:31:aa:ba:8d:e7:ad:be:88:b9:ee:5b:0a:58:45:56:3f:0f:
e7:fc:11:12:3e:14:e3:c7:89:cd:15:ee:c8:88:51:fe:a6:f4:
26:06:1c:c2:97:a1:af:7b:27:91:c7:76:ec:2e:21:de:89:42:
96:46:35:60
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUprMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI2MTAxMjM4WhcNMjUwMjIyMTAxMjM4WjAYMRYw
FAYDVQQDEw02Nzk2MGE5YS0yYTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzBSnXU+hx2DJ/fSti25hn63jC/QaM+f/CjyNvCbVTp9Tn+mAg3829qeB
80x5TY9Yc/hEYo4gJVPvEzpo46i63HPq7JJrj3KW4d8exB2RegxfeFg9XaLLTCfE
9/IVjJPoJIZiQpVzFVduRlY2Q+ae9HpF7GTdB1D4eoyyQt6v+yyOT0ixo+xXGE7/
UwkZTMB8zjUIi7RegaUyEvDql99EYK/SW21hQQxfge7elBMtUEJWwhhkEdxRQbHK
R8w8RLLanye68lQ0gaMsbvmQmiYsrQw+wdUXuvZs7ldBYXYhXxbzZ/38ajwtEskI
ENGkjDygU63nOqWJ8czcCEdC/umQOQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM5f
AU3NWACvUoQOq6Q90B0OwCn8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNDZDRTZGQ0RCQ0UxMUVGOTEzN0M2NkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlg5MA0GCSqGSIb3DQEB
CwUAA4IBAQB5E9XTe5/SmlbLzj7mGQtxyVD0kqohQFsUOh+AYTEmRUXVUtIRiLqv
5Wxc0kN89lzIKue0dXvvB0Jq72DD2ynDeYyot59uUHsV6J84p4BP1yNVgEkWxDfY
b108iBCdIwZ2Zm6/hzQ08imRQVFzmfx05N1oJlbMSsKT2MAWE1v0dD04a9I8nikq
MTi8KkNs3cr4vuoOGbqJ4oEEij1+VfESqLBvagSM5r4IiPPAcE5g+4rPWB0c340x
KKcprMQCYdESNdxy4rnXMaq6jeetvoi57lsKWEVWPw/n/BESPhTjx4nNFe7IiFH+
pvQmBhzCl6GveyeRx3bsLiHeiUKWRjVg
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:45:21 2025 by rpki-client