Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF34C64AD7C711EFB195FA6D762E951A.roa
File: CF34C64AD7C711EFB195FA6D762E951A.roa (raw, json)
Hash identifier: nNXzxAIB1z4lj67LepItfQWAKJVyvGNl+yBqWVjdZZ0=
Subject key identifier: 60:3F:36:13:EB:F7:24:AB:02:59:AD:9B:C5:6A:BE:94:D8:8F:20:E0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013E6B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF34C64AD7C711EFB195FA6D762E951A.roa
Signing time: Tue 21 Jan 2025 07:17:45 +0000
ROA not before: Tue 21 Jan 2025 07:17:41 +0000
ROA not after: Tue 25 Feb 2025 07:17:41 +0000
asID: 202656
IP address blocks: 154.200.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81515 (0x13e6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 21 07:17:41 2025 GMT
Not After : Feb 25 07:17:41 2025 GMT
Subject: CN=678f4a19-2651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bf:ff:d0:ac:32:03:8e:40:f2:52:a4:cd:3b:
b8:fc:c8:a5:d9:f2:18:36:8b:5a:dd:54:80:c8:3f:
9a:6c:0b:a3:87:73:fc:f6:ae:54:5e:c2:31:a8:e9:
cf:3e:9f:7f:69:3b:f8:e6:12:2e:ea:b8:90:2d:e1:
26:0c:ba:ae:99:d3:79:54:a9:46:3a:5c:e7:49:d1:
1e:d7:b8:da:31:ca:10:cf:ad:a3:1d:48:df:c2:ba:
9e:e7:a6:6f:6d:90:6b:0b:54:c6:89:ab:f9:dc:cd:
34:90:d6:e5:48:cc:f9:61:b5:14:e8:2d:25:eb:9a:
c8:f8:a2:5f:85:de:78:f9:35:4d:b7:f0:6d:f7:a4:
39:27:ae:6e:0d:8b:2e:8b:04:7d:cf:bc:64:36:05:
9b:1e:ff:fb:42:f8:ff:3b:38:70:3b:a3:37:12:de:
e4:20:32:fa:40:5b:09:3d:ef:5a:85:e4:a6:49:be:
d5:1f:a4:98:5d:f3:e7:b9:66:9e:d9:04:4d:cd:fb:
89:7b:05:e7:fd:5b:7d:d3:f4:3c:34:78:8c:be:6a:
01:78:65:1c:47:06:28:3e:95:2c:fe:10:1e:de:00:
2a:73:01:9b:6e:cd:ac:ba:25:73:8b:ec:eb:8f:79:
38:a9:01:5c:96:ea:44:18:8d:91:e8:31:1c:f2:af:
a2:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:3F:36:13:EB:F7:24:AB:02:59:AD:9B:C5:6A:BE:94:D8:8F:20:E0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF34C64AD7C711EFB195FA6D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.227.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:83:2e:06:4c:62:c1:a1:80:59:5e:33:69:10:84:09:84:2f:
99:9e:3c:44:5d:f3:1f:f8:ea:3a:3d:f7:12:45:1f:7f:b8:61:
f7:9d:14:fd:0c:d3:c8:1d:60:ff:d0:97:b2:73:c4:f2:15:92:
9b:cf:c2:7b:6f:25:8a:a4:d7:5a:1e:a7:3a:a9:b2:1c:1a:95:
f5:99:0b:f3:e1:c4:99:dd:86:99:35:16:3e:47:66:87:e7:02:
81:4d:0c:d8:a1:34:cb:4f:74:84:f4:0b:68:c5:d1:52:28:5d:
29:38:d1:fc:db:43:c2:02:8f:d4:d4:1a:3b:ab:81:e0:56:7e:
f5:04:ce:cd:3b:e5:99:2d:ea:58:b2:bf:76:4b:03:2a:88:2f:
f6:84:1c:30:48:8f:59:0f:1b:65:96:aa:9d:5e:7c:77:31:6a:
5a:fa:fb:2a:49:a8:e2:63:f2:41:3a:31:98:ec:df:f1:b7:9e:
6e:5d:fe:3f:29:2d:80:d5:01:42:fd:f4:70:4e:20:0a:13:85:
2c:d1:fa:30:98:85:ac:aa:39:0a:4c:80:20:e6:e6:a3:6e:c3:
75:a8:6e:4c:98:d6:c5:17:7f:df:f8:61:71:ee:21:ba:7c:97:
2f:3d:ac:d0:c7:a9:57:7c:42:63:e4:f7:21:42:e4:2f:eb:17:
5d:60:73:bc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT5rMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIxMDcxNzQxWhcNMjUwMjI1MDcxNzQxWjAYMRYw
FAYDVQQDEw02NzhmNGExOS0yNjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmb//0KwyA45A8lKkzTu4/Mil2fIYNota3VSAyD+abAujh3P89q5UXsIx
qOnPPp9/aTv45hIu6riQLeEmDLqumdN5VKlGOlznSdEe17jaMcoQz62jHUjfwrqe
56ZvbZBrC1TGiav53M00kNblSMz5YbUU6C0l65rI+KJfhd54+TVNt/Bt96Q5J65u
DYsuiwR9z7xkNgWbHv/7Qvj/OzhwO6M3Et7kIDL6QFsJPe9aheSmSb7VH6SYXfPn
uWae2QRNzfuJewXn/Vt90/Q8NHiMvmoBeGUcRwYoPpUs/hAe3gAqcwGbbs2suiVz
i+zrj3k4qQFclupEGI2R6DEc8q+iOwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGA/
NhPr9ySrAlmtm8VqvpTYjyDgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRjM0QzY0QUQ3QzcxMUVGQjE5NUZBNkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjjMA0GCSqGSIb3DQEB
CwUAA4IBAQAsgy4GTGLBoYBZXjNpEIQJhC+ZnjxEXfMf+Oo6PfcSRR9/uGH3nRT9
DNPIHWD/0Jeyc8TyFZKbz8J7byWKpNdaHqc6qbIcGpX1mQvz4cSZ3YaZNRY+R2aH
5wKBTQzYoTTLT3SE9AtoxdFSKF0pONH820PCAo/U1Bo7q4HgVn71BM7NO+WZLepY
sr92SwMqiC/2hBwwSI9ZDxtllqqdXnx3MWpa+vsqSajiY/JBOjGY7N/xt55uXf4/
KS2A1QFC/fRwTiAKE4Us0fowmIWsqjkKTIAg5uajbsN1qG5MmNbFF3/f+GFx7iG6
fJcvPazQx6lXfEJj5PchQuQv6xddYHO8
-----END CERTIFICATE-----
Generated at Sun Apr 27 07:29:32 2025 by rpki-client