Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C2AB700DB3811EFA814E075762E951A.roa
File: 3C2AB700DB3811EFA814E075762E951A.roa (raw, json)
Hash identifier: twLtGKup2v9mnHbccNyT8RF7T01k3XhouqEvazIlVzs=
Subject key identifier: E9:98:8B:70:3E:33:74:5F:C3:A9:68:6B:86:1D:62:2B:D6:C7:38:1C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014A2C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C2AB700DB3811EFA814E075762E951A.roa
Signing time: Sat 25 Jan 2025 16:20:05 +0000
ROA not before: Sat 25 Jan 2025 16:20:01 +0000
ROA not after: Fri 07 Mar 2025 16:20:01 +0000
asID: 138915
IP address blocks: 154.223.76.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84524 (0x14a2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 25 16:20:01 2025 GMT
Not After : Mar 7 16:20:01 2025 GMT
Subject: CN=67950f34-6e5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a7:40:8a:82:9b:d4:3b:be:62:7a:9e:c2:7e:
ef:29:64:1b:bf:6b:e4:33:db:c7:97:ff:06:f3:44:
c3:86:c7:b8:89:b0:3a:2c:a0:ca:fe:be:d6:e7:27:
96:3a:bc:33:5a:ee:3b:f3:3e:19:c4:e8:17:33:6d:
3d:e5:be:5b:a1:95:6a:0c:f0:9a:49:35:dd:7f:30:
e6:5c:1a:0d:49:03:0a:64:b4:5a:a5:da:95:6b:65:
09:bc:a6:2f:80:1d:75:55:c8:f0:22:e6:96:20:60:
d6:02:69:f6:bd:e8:bf:9d:06:94:4b:c2:69:62:e5:
e7:1a:2d:db:51:f9:d8:7c:83:db:9b:c3:0c:0c:6d:
d6:eb:95:7d:8c:ab:3d:ac:86:ab:21:7e:f5:b5:31:
9c:d3:63:41:c1:12:7e:16:68:4b:0a:6e:b9:71:f7:
55:63:8f:e0:27:32:d6:4a:f7:37:ca:ad:df:ae:0d:
fa:9d:5d:48:df:87:a9:1b:74:a5:d9:1b:c2:4e:7c:
1b:78:b7:4e:21:a5:86:20:c0:08:db:6c:16:0a:4f:
4c:90:26:90:3b:a7:41:1d:77:f2:8d:ef:82:64:db:
30:63:a6:53:da:c8:f8:7e:e3:c5:51:98:a9:93:66:
bf:86:ff:d0:a7:00:c3:12:6c:5c:9e:40:e0:97:cd:
b5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:98:8B:70:3E:33:74:5F:C3:A9:68:6B:86:1D:62:2B:D6:C7:38:1C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3C2AB700DB3811EFA814E075762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.76.0/23
Signature Algorithm: sha256WithRSAEncryption
50:d1:b4:75:51:72:80:f4:cc:6c:5b:7f:c6:68:c5:e8:6b:39:
ff:90:33:48:09:ca:3f:6f:21:1d:39:55:12:f0:1c:01:e9:ad:
46:ee:d6:7b:fc:dd:69:84:e9:bf:24:7f:99:89:ed:6d:d0:b8:
4d:a5:0e:78:ec:e2:6f:64:9c:cb:a4:79:52:89:47:75:89:9c:
bb:e7:d6:78:c2:6e:5d:3e:61:87:8d:ea:d0:04:ca:bc:38:3a:
1a:e2:fc:5a:e3:69:69:c9:22:5b:2c:91:83:b1:63:a3:93:c7:
2a:dd:c8:90:8d:30:15:bc:0e:47:39:14:ab:ed:3c:a1:b2:bc:
ad:7e:bf:ae:67:4b:15:47:09:ac:32:f7:09:df:5a:0f:5c:9f:
86:d3:8b:82:72:41:49:0c:56:9f:7e:b8:30:51:3b:54:cd:58:
07:93:45:e4:62:26:2a:7a:fb:52:24:ee:47:0e:c7:de:8b:3f:
3c:da:76:dd:d4:6c:d6:f1:0c:f6:cb:04:a2:58:5e:a0:6f:78:
ac:66:1c:f6:52:cf:f7:20:cd:0f:a4:57:55:80:7f:c3:35:fd:
31:28:54:29:45:18:b1:b1:2a:21:54:dc:92:18:7d:58:52:3c:
63:61:61:69:1a:09:2d:36:d6:a1:65:ab:76:32:b6:fd:07:07:
f7:84:7e:fc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUosMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MTYyMDAxWhcNMjUwMzA3MTYyMDAxWjAYMRYw
FAYDVQQDEw02Nzk1MGYzNC02ZTVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0KdAioKb1Du+Ynqewn7vKWQbv2vkM9vHl/8G80TDhse4ibA6LKDK/r7W
5yeWOrwzWu478z4ZxOgXM2095b5boZVqDPCaSTXdfzDmXBoNSQMKZLRapdqVa2UJ
vKYvgB11VcjwIuaWIGDWAmn2vei/nQaUS8JpYuXnGi3bUfnYfIPbm8MMDG3W65V9
jKs9rIarIX71tTGc02NBwRJ+FmhLCm65cfdVY4/gJzLWSvc3yq3frg36nV1I34ep
G3Sl2RvCTnwbeLdOIaWGIMAI22wWCk9MkCaQO6dBHXfyje+CZNswY6ZT2sj4fuPF
UZipk2a/hv/QpwDDEmxcnkDgl8212QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOmY
i3A+M3Rfw6loa4YdYivWxzgcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQzJBQjcwMERCMzgxMUVGQTgxNEUwNzU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt9MMA0GCSqGSIb3DQEB
CwUAA4IBAQBQ0bR1UXKA9MxsW3/GaMXoazn/kDNICco/byEdOVUS8BwB6a1G7tZ7
/N1phOm/JH+Zie1t0LhNpQ547OJvZJzLpHlSiUd1iZy759Z4wm5dPmGHjerQBMq8
ODoa4vxa42lpySJbLJGDsWOjk8cq3ciQjTAVvA5HORSr7Tyhsrytfr+uZ0sVRwms
MvcJ31oPXJ+G04uCckFJDFaffrgwUTtUzVgHk0XkYiYqevtSJO5HDsfeiz882nbd
1GzW8Qz2ywSiWF6gb3isZhz2Us/3IM0PpFdVgH/DNf0xKFQpRRixsSohVNySGH1Y
UjxjYWFpGgktNtahZat2Mrb9Bwf3hH78
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:42:41 2025 by rpki-client