Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CC45E1C8DA6D11EFB3E36A9C762E951A.roa
File: CC45E1C8DA6D11EFB3E36A9C762E951A.roa (raw, json)
Hash identifier: bsRecsX/3u6ByVzmA1J4sPeYEAdBtlBrqO4Wd08DrU0=
Subject key identifier: A9:F1:3A:A2:59:00:90:83:5B:09:34:22:60:F2:06:25:25:20:9F:24
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0148DE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CC45E1C8DA6D11EFB3E36A9C762E951A.roa
Signing time: Fri 24 Jan 2025 16:10:58 +0000
ROA not before: Fri 24 Jan 2025 16:10:55 +0000
ROA not after: Mon 03 Mar 2025 16:10:55 +0000
asID: 203020
IP address blocks: 154.223.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84190 (0x148de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 16:10:55 2025 GMT
Not After : Mar 3 16:10:55 2025 GMT
Subject: CN=6793bb92-839a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:00:e9:79:49:af:27:9c:31:60:ec:e8:b5:40:
28:d9:94:18:6e:86:4c:14:d0:76:02:51:ce:31:d1:
05:6e:e0:68:82:38:36:b0:1e:81:d4:19:32:d8:e3:
01:87:51:f7:2e:8e:c4:b7:90:bd:09:9e:31:61:00:
1e:91:12:b3:0b:a1:2d:1c:a6:54:8b:be:c1:8b:ee:
6d:3c:44:29:80:1a:5b:9e:c9:65:56:b2:c1:63:2c:
dc:79:77:5a:36:16:07:e8:fa:6d:38:97:76:68:46:
06:05:fb:ca:40:e1:4d:2e:90:f5:db:dc:a0:65:c3:
a8:f7:4e:96:c7:f2:c2:85:fe:cf:1e:80:d1:c8:57:
9c:2f:06:4b:bd:40:36:19:80:16:7b:86:73:e0:e9:
a9:2d:66:5a:38:0d:4b:b3:50:57:ed:e8:2b:e6:72:
d3:d7:9d:ee:e5:1f:5f:e3:e5:0a:4a:1d:66:fe:37:
a4:e4:31:20:62:16:a6:ac:15:b2:7e:e6:04:fd:dc:
7d:40:20:9b:30:74:22:a2:75:14:32:d8:71:21:e6:
a2:8b:8c:2c:2a:32:c1:5d:ac:49:a0:8b:25:2c:46:
00:20:52:7b:f5:fd:17:aa:d4:ce:bf:67:39:2d:10:
5f:19:5c:40:50:fc:4a:00:b3:c1:c9:f8:de:07:16:
f3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F1:3A:A2:59:00:90:83:5B:09:34:22:60:F2:06:25:25:20:9F:24
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CC45E1C8DA6D11EFB3E36A9C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.139.0/24
Signature Algorithm: sha256WithRSAEncryption
47:91:7e:ce:36:dc:5e:7a:24:2b:ce:b6:aa:5d:6c:63:be:db:
22:e9:e0:d8:18:e6:c8:64:eb:66:07:f9:87:20:01:96:7c:d3:
6a:57:bc:88:e3:57:61:51:3e:7b:f3:88:76:c2:91:76:66:63:
75:d6:82:de:50:49:44:65:2f:4f:2c:fb:4b:e2:a7:7a:72:3c:
00:5a:25:07:a8:e6:a6:e6:a2:ab:c0:c0:c4:99:bc:8b:08:c7:
a2:16:98:55:5f:a4:46:cd:10:bc:2a:3a:e9:6d:06:e6:ff:07:
43:82:e0:49:93:6e:7b:b8:15:76:2e:e1:ae:f1:ee:8d:7f:af:
c9:2b:32:d5:a2:e3:30:72:06:0b:2f:17:88:c5:cd:2b:d8:c3:
80:75:bf:f5:15:ae:3d:76:47:64:7e:09:78:2b:bc:d7:e1:2c:
67:8b:6c:8e:e5:01:56:71:27:84:2d:10:76:ed:7e:e5:28:0a:
91:79:85:b6:0b:ab:20:fe:97:84:17:0b:1c:55:f5:0a:8d:c5:
14:c9:d2:aa:3f:d3:20:3c:df:ab:d5:e5:fc:a8:ff:b3:6a:84:
70:cc:d4:b4:90:ac:49:b5:6b:93:1e:7a:db:c4:e6:7a:2d:93:
6a:5c:7f:34:21:d4:b3:47:b6:41:07:c8:8a:b1:40:ab:39:33:
2b:42:a3:af
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUjeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTYxMDU1WhcNMjUwMzAzMTYxMDU1WjAYMRYw
FAYDVQQDEw02NzkzYmI5Mi04MzlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuADpeUmvJ5wxYOzotUAo2ZQYboZMFNB2AlHOMdEFbuBogjg2sB6B1Bky
2OMBh1H3Lo7Et5C9CZ4xYQAekRKzC6EtHKZUi77Bi+5tPEQpgBpbnsllVrLBYyzc
eXdaNhYH6PptOJd2aEYGBfvKQOFNLpD129ygZcOo906Wx/LChf7PHoDRyFecLwZL
vUA2GYAWe4Zz4OmpLWZaOA1Ls1BX7egr5nLT153u5R9f4+UKSh1m/jek5DEgYham
rBWyfuYE/dx9QCCbMHQionUUMthxIeaii4wsKjLBXaxJoIslLEYAIFJ79f0XqtTO
v2c5LRBfGVxAUPxKALPByfjeBxbzjQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKnx
OqJZAJCDWwk0ImDyBiUlIJ8kMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQzQ1RTFDOERBNkQxMUVGQjNFMzZBOUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt+LMA0GCSqGSIb3DQEB
CwUAA4IBAQBHkX7ONtxeeiQrzraqXWxjvtsi6eDYGObIZOtmB/mHIAGWfNNqV7yI
41dhUT5784h2wpF2ZmN11oLeUElEZS9PLPtL4qd6cjwAWiUHqOam5qKrwMDEmbyL
CMeiFphVX6RGzRC8KjrpbQbm/wdDguBJk257uBV2LuGu8e6Nf6/JKzLVouMwcgYL
LxeIxc0r2MOAdb/1Fa49dkdkfgl4K7zX4Sxni2yO5QFWcSeELRB27X7lKAqReYW2
C6sg/peEFwscVfUKjcUUydKqP9MgPN+r1eX8qP+zaoRwzNS0kKxJtWuTHnrbxOZ6
LZNqXH80IdSzR7ZBB8iKsUCrOTMrQqOv
-----END CERTIFICATE-----
Generated at Sat Apr 26 01:09:06 2025 by rpki-client