Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23F10EAEDFF811EFBE28397C762E951A.roa
File: 23F10EAEDFF811EFBE28397C762E951A.roa (raw, json)
Hash identifier: NRWs4UBLGR1Td9Ig0QURTwzsq0e/F73+2EPDWtUpgyQ=
Subject key identifier: 07:05:6E:50:41:2A:A1:02:AC:ED:D9:CC:1B:A2:35:5E:91:49:3C:C1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014E2B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23F10EAEDFF811EFBE28397C762E951A.roa
Signing time: Fri 31 Jan 2025 17:23:52 +0000
ROA not before: Fri 31 Jan 2025 17:23:48 +0000
ROA not after: Tue 11 Feb 2025 17:23:48 +0000
asID: 200373
IP address blocks: 154.94.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85547 (0x14e2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 31 17:23:48 2025 GMT
Not After : Feb 11 17:23:48 2025 GMT
Subject: CN=679d0728-d523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:94:10:58:c3:eb:f2:38:2e:83:dc:86:85:89:
a8:b9:8c:da:e5:33:23:dd:c5:46:ab:76:d8:02:14:
eb:00:69:65:9d:82:8c:19:2d:11:b6:f3:92:2c:e2:
54:84:d5:7e:6a:4d:d3:d2:81:c2:df:e0:07:f5:da:
bb:35:69:ff:00:2f:2b:c8:8b:07:63:29:90:09:7b:
b5:a5:b0:95:0d:2e:2d:3f:cf:ea:45:a8:9e:d4:44:
69:49:c5:7c:4d:75:00:09:62:31:e4:01:44:cc:92:
40:fa:21:c6:33:37:e4:cd:13:6e:a0:a3:85:78:98:
8a:6a:22:b1:2c:7d:c0:84:08:43:8f:2b:0e:ca:40:
3c:0c:c1:03:28:72:e1:26:90:88:69:9b:f3:1f:68:
20:f1:fb:f4:db:8c:95:fd:88:29:d0:1a:6a:5f:16:
c8:c0:0e:ac:13:a9:d3:0b:c0:dc:6e:10:a8:6c:d7:
a0:44:28:3e:01:b9:a2:c3:60:21:f6:5c:37:8b:ad:
d1:0b:c6:68:15:6c:c0:5a:e0:4c:71:be:04:72:52:
ce:e5:f6:81:ac:c1:91:ce:bb:6e:4f:87:ba:fc:dd:
a3:68:c5:67:df:c2:fd:00:26:a5:9a:11:93:03:d2:
bd:52:92:55:1c:e9:a7:14:9b:76:f5:ce:13:89:59:
2a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:05:6E:50:41:2A:A1:02:AC:ED:D9:CC:1B:A2:35:5E:91:49:3C:C1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/23F10EAEDFF811EFBE28397C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.13.0/24
Signature Algorithm: sha256WithRSAEncryption
95:85:5a:e2:62:56:1f:aa:24:60:5a:94:7a:e1:4c:54:3d:dd:
c8:23:c2:53:ff:73:48:4b:91:d2:a0:b8:48:d9:6b:ec:be:7a:
02:22:68:85:d6:fc:f5:c0:71:0f:4d:ed:f4:b5:c3:18:3f:b4:
3d:44:ad:26:34:16:76:51:fb:72:eb:c0:05:11:3b:d0:b5:8b:
25:44:f3:d3:ac:67:b1:67:ae:1e:3b:3d:b1:ca:ef:e1:f3:76:
ca:80:0b:6e:15:d3:17:6c:b7:b1:48:8e:1f:ab:5d:4a:76:b0:
ba:84:5f:d2:50:fe:82:40:b4:c1:d6:c1:99:93:6a:ac:6e:e0:
ee:0a:fa:81:96:74:7b:0f:94:11:4d:27:5a:db:26:6e:42:ea:
d8:dd:cf:5f:ce:cd:e2:6d:b1:b1:d4:3c:44:43:0f:69:e3:8b:
e3:e9:83:3c:8e:d2:02:6c:05:f7:2f:df:f7:6e:99:ee:2e:cc:
02:58:bd:0b:62:d9:d2:76:50:fd:de:5a:1c:ab:cf:bf:78:5f:
f9:40:f8:98:be:79:6a:65:50:82:e2:c1:9d:fa:a3:3b:0a:7f:
f2:a8:9b:82:ad:00:17:30:06:b2:f6:14:75:02:b1:9c:2d:b6:
c5:19:a2:05:3c:5d:ad:df:f3:b0:70:af:76:c1:bc:c5:48:2d:
d2:ad:db:6d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU4rMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTMxMTcyMzQ4WhcNMjUwMjExMTcyMzQ4WjAYMRYw
FAYDVQQDEw02NzlkMDcyOC1kNTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwZQQWMPr8jgug9yGhYmouYza5TMj3cVGq3bYAhTrAGllnYKMGS0RtvOS
LOJUhNV+ak3T0oHC3+AH9dq7NWn/AC8ryIsHYymQCXu1pbCVDS4tP8/qRaie1ERp
ScV8TXUACWIx5AFEzJJA+iHGMzfkzRNuoKOFeJiKaiKxLH3AhAhDjysOykA8DMED
KHLhJpCIaZvzH2gg8fv024yV/Ygp0BpqXxbIwA6sE6nTC8DcbhCobNegRCg+Abmi
w2Ah9lw3i63RC8ZoFWzAWuBMcb4EclLO5faBrMGRzrtuT4e6/N2jaMVn38L9ACal
mhGTA9K9UpJVHOmnFJt29c4TiVkqxQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAcF
blBBKqECrO3ZzBuiNV6RSTzBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yM0YxMEVBRURGRjgxMUVGQkUyODM5N0M3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4NMA0GCSqGSIb3DQEB
CwUAA4IBAQCVhVriYlYfqiRgWpR64UxUPd3II8JT/3NIS5HSoLhI2WvsvnoCImiF
1vz1wHEPTe30tcMYP7Q9RK0mNBZ2Ufty68AFETvQtYslRPPTrGexZ64eOz2xyu/h
83bKgAtuFdMXbLexSI4fq11KdrC6hF/SUP6CQLTB1sGZk2qsbuDuCvqBlnR7D5QR
TSda2yZuQurY3c9fzs3ibbGx1DxEQw9p44vj6YM8jtICbAX3L9/3bpnuLswCWL0L
YtnSdlD93locq8+/eF/5QPiYvnlqZVCC4sGd+qM7Cn/yqJuCrQAXMAay9hR1ArGc
LbbFGaIFPF2t3/OwcK92wbzFSC3Srdtt
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:46:08 2025 by rpki-client