Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFC8E278DA2711EF9A951843762E951A.roa
File: CFC8E278DA2711EF9A951843762E951A.roa (raw, json)
Hash identifier: 6gbQeRbRbBm2ti4azSRulSWBWw0G0Vpl7VGsTPE0rpc=
Subject key identifier: 38:B3:1A:5C:77:4C:FB:BA:BB:88:4D:3E:48:E7:76:C9:8C:50:8E:92
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014432
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFC8E278DA2711EF9A951843762E951A.roa
Signing time: Fri 24 Jan 2025 07:50:00 +0000
ROA not before: Fri 24 Jan 2025 07:49:56 +0000
ROA not after: Wed 05 Mar 2025 07:49:56 +0000
asID: 202656
IP address blocks: 154.222.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82994 (0x14432)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 24 07:49:56 2025 GMT
Not After : Mar 5 07:49:56 2025 GMT
Subject: CN=67934628-e5ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:74:a9:2b:ba:80:23:33:0b:04:c5:68:a1:9b:
42:f2:62:fc:a2:0c:da:95:38:47:5d:8d:4d:3d:02:
2e:78:d6:df:fd:76:86:af:b0:4b:70:bd:98:94:c2:
d6:82:bd:b0:1f:ee:ba:72:ec:5a:43:70:91:c1:47:
a0:3c:62:a4:16:85:84:8e:3b:ae:da:da:fd:9e:12:
70:6b:bc:8c:19:4d:d0:6e:11:7d:65:e4:1f:0c:b5:
84:c9:c2:fd:9b:7d:d4:d7:45:c0:1b:16:a5:20:a1:
91:3b:1a:bd:e6:b2:bc:6a:55:6e:7d:de:f0:d7:de:
5f:43:23:f7:28:d6:10:80:20:a0:8a:c5:81:76:7c:
37:3c:90:5d:ce:de:ac:9c:8e:84:e0:05:13:01:fb:
0c:61:f0:76:e2:92:a0:b4:d3:4b:52:00:19:52:47:
83:96:82:c7:62:ee:ee:0e:93:45:54:f1:3f:c5:bd:
a6:fd:e8:cb:ca:63:87:13:c7:7f:71:12:07:8c:ab:
26:d9:ad:e3:9b:a3:4e:b5:82:64:ca:ff:43:af:b5:
ad:a4:f7:ab:74:8e:11:da:25:91:d1:f3:bd:e0:b7:
e5:f5:18:66:d2:dc:64:5f:0e:14:b1:45:29:7a:26:
95:5b:ce:5a:5e:1f:b8:b3:d8:4f:94:23:bc:8f:4e:
0b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B3:1A:5C:77:4C:FB:BA:BB:88:4D:3E:48:E7:76:C9:8C:50:8E:92
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CFC8E278DA2711EF9A951843762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.199.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:67:b8:df:09:38:ef:24:99:eb:f5:a1:a7:57:0a:87:06:ce:
ce:4d:ba:bb:7d:93:62:46:d8:12:a2:4f:8b:05:89:4f:72:f9:
95:6c:73:4f:51:51:28:45:67:19:75:fb:8f:c1:a2:ea:58:9a:
42:02:f2:7a:73:8a:39:24:c0:be:1e:71:df:0b:9c:e7:82:9f:
6c:0b:86:f8:c3:0d:85:b5:36:05:6f:6b:c6:94:1d:f8:2c:0b:
69:cb:a4:33:ab:21:38:b0:a9:7f:24:ca:4b:a6:32:fd:7a:81:
64:69:62:48:20:54:6c:6f:e4:6e:92:ea:99:7b:12:6d:fc:27:
13:f4:80:0d:cd:4a:ba:b7:95:cc:e0:da:bb:2d:7e:d3:5c:8a:
7a:eb:c1:30:59:9b:c0:86:0f:cf:5a:3c:fb:45:3c:40:7e:86:
18:d4:21:7e:f8:7f:31:c6:82:97:69:2c:f7:2b:af:a2:da:dd:
42:f2:6e:5f:45:59:ce:b3:65:8f:4b:1f:42:24:40:54:0d:a4:
e5:ad:5f:3f:aa:f4:be:f8:ad:3a:9f:89:a7:8b:a6:2e:c1:08:
bc:57:60:4b:65:4c:c4:3f:fe:61:02:5c:14:91:2d:13:57:15:
c2:a9:bc:7e:7e:cc:37:47:c8:18:d0:b5:6b:aa:34:14:9b:8a:
70:35:05:61
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUQyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDc0OTU2WhcNMjUwMzA1MDc0OTU2WjAYMRYw
FAYDVQQDEw02NzkzNDYyOC1lNWVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAznSpK7qAIzMLBMVooZtC8mL8ogzalThHXY1NPQIueNbf/XaGr7BLcL2Y
lMLWgr2wH+66cuxaQ3CRwUegPGKkFoWEjjuu2tr9nhJwa7yMGU3QbhF9ZeQfDLWE
ycL9m33U10XAGxalIKGROxq95rK8alVufd7w195fQyP3KNYQgCCgisWBdnw3PJBd
zt6snI6E4AUTAfsMYfB24pKgtNNLUgAZUkeDloLHYu7uDpNFVPE/xb2m/ejLymOH
E8d/cRIHjKsm2a3jm6NOtYJkyv9Dr7WtpPerdI4R2iWR0fO94Lfl9Rhm0txkXw4U
sUUpeiaVW85aXh+4s9hPlCO8j04L2QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDiz
Glx3TPu6u4hNPkjndsmMUI6SMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRkM4RTI3OERBMjcxMUVGOUE5NTE4NDM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt7HMA0GCSqGSIb3DQEB
CwUAA4IBAQB9Z7jfCTjvJJnr9aGnVwqHBs7OTbq7fZNiRtgSok+LBYlPcvmVbHNP
UVEoRWcZdfuPwaLqWJpCAvJ6c4o5JMC+HnHfC5zngp9sC4b4ww2FtTYFb2vGlB34
LAtpy6QzqyE4sKl/JMpLpjL9eoFkaWJIIFRsb+RukuqZexJt/CcT9IANzUq6t5XM
4Nq7LX7TXIp668EwWZvAhg/PWjz7RTxAfoYY1CF++H8xxoKXaSz3K6+i2t1C8m5f
RVnOs2WPSx9CJEBUDaTlrV8/qvS++K06n4mni6YuwQi8V2BLZUzEP/5hAlwUkS0T
VxXCqbx+fsw3R8gY0LVrqjQUm4pwNQVh
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:58:05 2025 by rpki-client