Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD65027EDA5811EFA47BB58E762E951A.roa
File: CD65027EDA5811EFA47BB58E762E951A.roa (raw, json)
Hash identifier: 0QaqgvGOMCTDGBMlccy+Aie5cCRKj24q/adzStGLfD4=
Subject key identifier: BD:27:07:FB:10:82:84:53:83:B2:19:C5:F3:8E:19:A1:AF:83:F0:44
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01479B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD65027EDA5811EFA47BB58E762E951A.roa
Signing time: Fri 24 Jan 2025 13:40:41 +0000
ROA not before: Fri 24 Jan 2025 13:40:37 +0000
ROA not after: Wed 05 Mar 2025 13:40:37 +0000
asID: 48031
IP address blocks: 154.218.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83867 (0x1479b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 13:40:37 2025 GMT
Not After : Mar 5 13:40:37 2025 GMT
Subject: CN=67939859-f75e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b0:c4:e4:16:b9:15:ef:ef:4e:74:9d:2b:0e:
92:13:00:95:80:7d:a0:da:f7:63:af:d7:d9:de:f7:
ca:56:81:71:64:54:79:39:9e:6f:b4:eb:17:16:4c:
ed:a5:2d:be:84:79:1f:44:56:10:e8:f8:fd:7d:2f:
ab:9d:db:d7:30:4d:2e:f3:3b:d9:fa:da:e5:a4:06:
c9:43:e8:d3:99:66:6c:8b:8e:ad:c4:2d:ef:e7:21:
cc:9f:6a:da:58:9e:d4:1b:eb:79:dc:a8:36:3b:ea:
18:c7:e4:83:83:fa:62:1c:22:76:61:38:6e:9e:93:
e9:77:bb:b5:0f:61:d5:e6:ef:21:e1:02:d1:6e:27:
b6:d6:98:eb:f6:77:06:a2:a5:2d:ed:3c:d6:64:4f:
1c:b2:c5:9d:88:6e:73:1e:53:cc:50:61:74:e7:de:
79:ff:77:b2:6a:5b:e5:f1:5d:21:ea:e1:b9:98:2e:
59:d2:a4:d1:28:20:f7:53:32:51:e5:14:02:82:e4:
6a:71:bb:9c:93:60:47:ec:95:fa:06:1d:2d:3e:34:
90:13:da:aa:55:99:d4:ed:d7:d5:66:a0:ec:78:56:
79:9f:c6:77:30:ab:56:0d:30:10:0a:a9:8d:c6:44:
c5:eb:c1:00:52:e6:a8:52:b2:a3:a3:04:63:c2:c3:
21:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:27:07:FB:10:82:84:53:83:B2:19:C5:F3:8E:19:A1:AF:83:F0:44
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD65027EDA5811EFA47BB58E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.20.0/24
Signature Algorithm: sha256WithRSAEncryption
83:19:ff:13:01:af:93:43:1f:37:a2:45:e7:af:39:56:5c:e2:
78:9b:20:ed:a5:59:e9:df:a8:9e:9e:d7:88:d9:77:aa:20:81:
49:87:19:84:72:cc:c6:7e:5e:ee:6c:97:15:7f:51:11:24:ee:
41:bb:32:69:fa:05:c7:34:f3:af:d6:20:48:de:eb:be:94:7b:
71:c4:68:eb:4d:88:cc:52:a1:f1:51:7c:28:8b:0d:79:1f:f2:
78:69:16:e5:59:bd:c6:7d:96:c2:d7:2f:76:f1:5a:90:c7:ac:
cb:13:0a:e8:79:20:bd:70:2c:55:1c:3c:3e:7e:1f:41:fb:61:
c0:50:ab:ac:f9:6e:5e:54:ef:41:3e:0b:60:a1:70:a8:3c:f7:
55:a5:81:2c:49:f9:a6:d8:3f:f2:db:4d:fc:fd:91:6c:9a:5b:
e5:02:85:a6:fa:1a:e9:d3:53:77:f0:70:57:f4:cf:45:02:11:
84:d2:60:4a:78:29:80:72:0f:38:be:5e:56:58:66:4b:b1:73:
5a:86:aa:16:b6:61:39:57:77:59:37:7a:c3:2c:fb:ed:02:85:
6c:68:7c:3d:d8:75:ca:3e:5b:dd:1b:a0:84:60:9d:a0:cf:56:
f9:4d:61:8b:cd:b3:5e:8d:dc:be:f7:7c:4a:74:55:b7:5d:1a:
48:c4:af:0f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUebMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MTM0MDM3WhcNMjUwMzA1MTM0MDM3WjAYMRYw
FAYDVQQDEw02NzkzOTg1OS1mNzVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArrDE5Ba5Fe/vTnSdKw6SEwCVgH2g2vdjr9fZ3vfKVoFxZFR5OZ5vtOsX
FkztpS2+hHkfRFYQ6Pj9fS+rndvXME0u8zvZ+trlpAbJQ+jTmWZsi46txC3v5yHM
n2raWJ7UG+t53Kg2O+oYx+SDg/piHCJ2YThunpPpd7u1D2HV5u8h4QLRbie21pjr
9ncGoqUt7TzWZE8cssWdiG5zHlPMUGF05955/3eyalvl8V0h6uG5mC5Z0qTRKCD3
UzJR5RQCguRqcbuck2BH7JX6Bh0tPjSQE9qqVZnU7dfVZqDseFZ5n8Z3MKtWDTAQ
CqmNxkTF68EAUuaoUrKjowRjwsMhwwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL0n
B/sQgoRTg7IZxfOOGaGvg/BEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRDY1MDI3RURBNTgxMUVGQTQ3QkI1OEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtoUMA0GCSqGSIb3DQEB
CwUAA4IBAQCDGf8TAa+TQx83okXnrzlWXOJ4myDtpVnp36ienteI2XeqIIFJhxmE
cszGfl7ubJcVf1ERJO5BuzJp+gXHNPOv1iBI3uu+lHtxxGjrTYjMUqHxUXwoiw15
H/J4aRblWb3GfZbC1y928VqQx6zLEwroeSC9cCxVHDw+fh9B+2HAUKus+W5eVO9B
PgtgoXCoPPdVpYEsSfmm2D/y2038/ZFsmlvlAoWm+hrp01N38HBX9M9FAhGE0mBK
eCmAcg84vl5WWGZLsXNahqoWtmE5V3dZN3rDLPvtAoVsaHw92HXKPlvdG6CEYJ2g
z1b5TWGLzbNejdy+93xKdFW3XRpIxK8P
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:10:56 2025 by rpki-client