Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B37DC592DBEF11EF80D8294C762E951A.roa
File: B37DC592DBEF11EF80D8294C762E951A.roa (raw, json)
Hash identifier: Kj5aMjfeIFJr7TlJ9963J0wgKfbVUuLLd4ofWQ2hhnw=
Subject key identifier: B6:B1:65:9A:67:C6:D9:AF:9D:16:70:A8:C2:64:9D:B0:52:05:B7:5B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014ABC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B37DC592DBEF11EF80D8294C762E951A.roa
Signing time: Sun 26 Jan 2025 14:13:23 +0000
ROA not before: Sun 26 Jan 2025 14:13:12 +0000
ROA not after: Fri 21 Mar 2025 14:13:12 +0000
asID: 138915
IP address blocks: 154.93.40.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84668 (0x14abc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 26 14:13:12 2025 GMT
Not After : Mar 21 14:13:12 2025 GMT
Subject: CN=67964303-4f3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4f:bf:d6:37:5b:ec:73:94:c1:d0:1b:68:2d:
f5:4e:7d:f3:76:9d:a3:ed:1f:ba:74:8e:4c:c5:4f:
0d:da:60:8c:2b:01:92:20:00:f0:54:c0:e5:d8:f0:
af:f4:5c:0d:ab:0f:48:16:8b:49:ac:30:02:c9:cc:
20:88:77:db:cf:3a:65:68:9f:d4:ac:3e:34:c0:e6:
ce:50:99:49:1a:17:20:31:ac:2f:fd:e3:59:13:f9:
69:65:77:68:1c:c1:93:88:f2:9f:00:29:bf:eb:5e:
6f:bf:ca:2c:29:0e:64:5e:29:12:a7:0e:ed:07:60:
86:7b:f2:fc:40:8a:ea:78:8d:07:6a:38:d0:21:49:
55:fb:50:14:8c:d4:f9:2b:df:9a:02:90:51:fa:3a:
9f:b1:9f:35:3a:84:c4:d7:5b:2e:2c:cb:8a:69:70:
63:be:0b:dc:a5:fe:da:31:85:b4:fd:fd:ca:f3:67:
99:3e:ac:74:6c:ca:27:cf:20:ef:59:58:3a:22:27:
2f:e8:3c:94:93:86:c5:bf:e8:3e:db:54:6e:65:6d:
e4:ae:60:4c:b7:5e:81:bb:c8:03:7a:ae:4d:cc:dc:
59:f1:df:db:f7:df:67:42:fd:c8:3c:f9:9e:9d:c8:
4f:d4:c9:b5:29:68:33:41:dd:12:ef:aa:9d:bf:53:
23:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:B1:65:9A:67:C6:D9:AF:9D:16:70:A8:C2:64:9D:B0:52:05:B7:5B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B37DC592DBEF11EF80D8294C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.40.0/23
Signature Algorithm: sha256WithRSAEncryption
90:f3:af:58:55:64:2f:94:13:6c:71:2d:5a:09:15:8b:cf:01:
82:19:1c:18:30:ea:4f:7c:0c:5b:bf:5e:bd:62:af:df:39:a2:
eb:47:1a:38:f4:f8:07:27:be:fa:08:b1:a5:68:1c:df:3b:df:
e9:84:bb:58:b9:03:23:b6:dc:26:a8:8b:ab:23:72:35:5a:06:
ef:9d:0a:ee:30:30:63:0c:d6:8b:6f:2e:1d:86:82:08:76:2a:
01:55:71:b6:bf:c8:ed:49:a4:6c:23:00:59:5b:b4:52:4e:a9:
72:e8:5b:30:a8:ca:c8:01:5d:8e:54:b5:7a:56:fb:1a:ed:7c:
87:73:0c:26:df:7c:6e:8e:4e:39:ab:f3:04:ea:f8:fa:1b:79:
9c:ed:f8:97:14:63:75:6a:28:f6:b5:2f:66:d5:07:5e:79:24:
c1:06:3a:79:36:17:fe:ff:3e:17:fd:19:fe:5d:cd:1d:2e:8f:
a2:b2:c2:f8:fd:0c:d2:78:18:24:e7:c5:41:fb:86:92:f5:0c:
8d:b3:0d:e9:9c:5d:13:c4:79:4d:4a:05:46:fb:82:3e:7c:b6:
a6:e4:e4:19:84:53:47:a5:24:1d:34:7e:81:e8:32:64:4d:06:
4a:28:a9:e6:e1:bc:e8:0f:02:5d:d4:60:45:83:5f:79:f8:ff:
fa:f4:98:f6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUq8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI2MTQxMzEyWhcNMjUwMzIxMTQxMzEyWjAYMRYw
FAYDVQQDEw02Nzk2NDMwMy00ZjNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx0+/1jdb7HOUwdAbaC31Tn3zdp2j7R+6dI5MxU8N2mCMKwGSIADwVMDl
2PCv9FwNqw9IFotJrDACycwgiHfbzzplaJ/UrD40wObOUJlJGhcgMawv/eNZE/lp
ZXdoHMGTiPKfACm/615vv8osKQ5kXikSpw7tB2CGe/L8QIrqeI0HajjQIUlV+1AU
jNT5K9+aApBR+jqfsZ81OoTE11suLMuKaXBjvgvcpf7aMYW0/f3K82eZPqx0bMon
zyDvWVg6Iicv6DyUk4bFv+g+21RuZW3krmBMt16Bu8gDeq5NzNxZ8d/b999nQv3I
PPmenchP1Mm1KWgzQd0S76qdv1MjcwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLax
ZZpnxtmvnRZwqMJknbBSBbdbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMzdEQzU5MkRCRUYxMUVGODBEODI5NEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBml0oMA0GCSqGSIb3DQEB
CwUAA4IBAQCQ869YVWQvlBNscS1aCRWLzwGCGRwYMOpPfAxbv169Yq/fOaLrRxo4
9PgHJ776CLGlaBzfO9/phLtYuQMjttwmqIurI3I1WgbvnQruMDBjDNaLby4dhoII
dioBVXG2v8jtSaRsIwBZW7RSTqly6FswqMrIAV2OVLV6Vvsa7XyHcwwm33xujk45
q/ME6vj6G3mc7fiXFGN1aij2tS9m1QdeeSTBBjp5Nhf+/z4X/Rn+Xc0dLo+issL4
/QzSeBgk58VB+4aS9QyNsw3pnF0TxHlNSgVG+4I+fLam5OQZhFNHpSQdNH6B6DJk
TQZKKKnm4bzoDwJd1GBFg195+P/69Jj2
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:05:53 2025 by rpki-client