Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FC5FEFC8D97511EF8988B493762E951A.roa
File: FC5FEFC8D97511EF8988B493762E951A.roa (raw, json)
Hash identifier: kZTjHLIdXe15MBv3bRwgk/8/FcvIysFH8A1CrlYD0ic=
Subject key identifier: 47:E3:62:1B:A4:34:9C:1B:8E:E9:48:1E:56:BF:97:5F:B1:92:14:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014138
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FC5FEFC8D97511EF8988B493762E951A.roa
Signing time: Thu 23 Jan 2025 10:37:04 +0000
ROA not before: Thu 23 Jan 2025 10:37:00 +0000
ROA not after: Fri 28 Feb 2025 10:37:00 +0000
asID: 62240
IP address blocks: 154.195.130.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82232 (0x14138)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 23 10:37:00 2025 GMT
Not After : Feb 28 10:37:00 2025 GMT
Subject: CN=67921bd0-88c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6c:0d:2a:36:1e:92:22:a9:4c:74:15:fd:bc:
2e:6e:68:89:0c:d9:bd:ac:18:2f:ef:d7:b8:61:c1:
53:e0:98:ee:c6:d6:0a:a7:2e:57:93:39:91:66:fc:
dd:44:7f:8b:37:a2:2c:eb:0f:04:34:6a:cd:c8:57:
50:96:90:15:a4:ad:45:8a:5c:5d:85:b6:10:35:04:
92:ca:b1:ab:8b:8b:06:3a:bf:cf:21:5d:78:7a:de:
60:9e:11:87:57:ee:81:27:7a:10:0c:a4:c4:9e:58:
a3:6d:18:b5:c3:83:d8:8d:7c:9c:aa:54:61:2c:92:
ce:59:85:1e:e4:da:fe:e6:95:ac:cb:dc:3c:78:b7:
d0:24:72:4c:0a:eb:7a:6d:2c:a6:7c:39:8e:42:b4:
97:9a:bf:78:ea:cf:58:3e:2f:12:ce:90:a1:f3:45:
e3:2f:82:11:69:42:2e:fc:17:ae:63:c3:b7:fb:14:
bb:6a:11:5e:4a:07:cc:ef:93:db:38:71:f0:c5:b0:
c2:02:66:8d:e5:6f:a8:d3:77:5f:e5:1b:55:21:34:
cf:86:0a:e0:a9:bc:66:0f:f5:fa:e2:fb:20:63:57:
06:3f:01:18:6b:97:ff:44:6a:df:5b:7c:1e:fb:fe:
c5:62:7a:07:81:66:90:97:b8:48:5f:14:14:73:12:
96:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:E3:62:1B:A4:34:9C:1B:8E:E9:48:1E:56:BF:97:5F:B1:92:14:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FC5FEFC8D97511EF8988B493762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.130.0/24
Signature Algorithm: sha256WithRSAEncryption
67:35:68:dd:b6:ed:59:6c:43:b6:3e:a2:4a:cd:4c:05:fa:83:
dd:25:db:3c:8b:b0:cd:55:5e:0b:87:ea:2b:8f:22:b9:1d:12:
aa:98:e1:ef:a8:2f:d7:28:ad:33:ca:49:40:e3:4f:e6:6b:bd:
89:ec:e9:e7:e9:3b:3d:8a:35:14:d2:8c:97:25:60:ba:b5:7b:
8a:51:c7:c4:19:36:b5:19:97:b2:c4:bb:08:18:a6:d2:b1:3e:
6b:e8:1d:e4:a3:9b:22:27:c1:95:d8:65:16:06:21:5a:96:18:
26:a3:e4:01:4f:c8:8c:21:cf:71:68:cd:aa:0d:47:c3:f0:52:
8b:6e:c8:91:89:46:0f:9c:b0:f3:f1:ca:5b:94:37:f3:d4:09:
ad:75:54:60:61:64:cf:40:6f:6e:85:bf:60:a1:1b:c2:e2:9f:
86:6f:43:11:23:ce:ad:c1:4a:6c:7e:48:1d:21:45:71:ed:cc:
8b:88:9d:f3:66:eb:16:38:c0:1d:2c:c9:30:f7:12:a4:5d:12:
4d:88:7f:35:1a:75:7c:a7:7e:65:40:c2:23:cc:1d:d8:fb:82:
52:57:09:a0:bb:2b:4e:e4:c2:69:8d:0d:4f:8e:00:62:d5:5f:
86:98:13:25:0d:03:ab:c9:31:e9:d8:af:cf:3d:11:60:1e:bb:
8c:2c:85:96
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUE4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMTAzNzAwWhcNMjUwMjI4MTAzNzAwWjAYMRYw
FAYDVQQDEw02NzkyMWJkMC04OGM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0GwNKjYekiKpTHQV/bwubmiJDNm9rBgv79e4YcFT4JjuxtYKpy5XkzmR
ZvzdRH+LN6Is6w8ENGrNyFdQlpAVpK1FilxdhbYQNQSSyrGri4sGOr/PIV14et5g
nhGHV+6BJ3oQDKTEnlijbRi1w4PYjXycqlRhLJLOWYUe5Nr+5pWsy9w8eLfQJHJM
Cut6bSymfDmOQrSXmr946s9YPi8SzpCh80XjL4IRaUIu/BeuY8O3+xS7ahFeSgfM
75PbOHHwxbDCAmaN5W+o03df5RtVITTPhgrgqbxmD/X64vsgY1cGPwEYa5f/RGrf
W3we+/7FYnoHgWaQl7hIXxQUcxKWtwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEfj
YhukNJwbjulIHla/l1+xkhRpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQzVGRUZDOEQ5NzUxMUVGODk4OEI0OTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsOCMA0GCSqGSIb3DQEB
CwUAA4IBAQBnNWjdtu1ZbEO2PqJKzUwF+oPdJds8i7DNVV4Lh+orjyK5HRKqmOHv
qC/XKK0zyklA40/ma72J7Onn6Ts9ijUU0oyXJWC6tXuKUcfEGTa1GZeyxLsIGKbS
sT5r6B3ko5siJ8GV2GUWBiFalhgmo+QBT8iMIc9xaM2qDUfD8FKLbsiRiUYPnLDz
8cpblDfz1AmtdVRgYWTPQG9uhb9goRvC4p+Gb0MRI86twUpsfkgdIUVx7cyLiJ3z
ZusWOMAdLMkw9xKkXRJNiH81GnV8p35lQMIjzB3Y+4JSVwmguytO5MJpjQ1PjgBi
1V+GmBMlDQOryTHp2K/PPRFgHruMLIWW
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:22:46 2025 by rpki-client