Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29394152D57511EFAF05DBB6762E951A.roa
File: 29394152D57511EFAF05DBB6762E951A.roa (raw, json)
Hash identifier: ymf3sg4GfkjM4pwkKvH7sSuyCpdQa9K1hxto995zZzc=
Subject key identifier: 2C:85:B4:9B:FC:37:78:B0:1C:F3:D0:F1:BD:3E:C8:CA:4E:FD:17:A9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013DC0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29394152D57511EFAF05DBB6762E951A.roa
Signing time: Sat 18 Jan 2025 08:21:05 +0000
ROA not before: Sat 18 Jan 2025 08:21:01 +0000
ROA not after: Sat 22 Feb 2025 08:21:01 +0000
asID: 395886
IP address blocks: 154.89.144.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81344 (0x13dc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 18 08:21:01 2025 GMT
Not After : Feb 22 08:21:01 2025 GMT
Subject: CN=678b6471-67d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5a:93:d3:73:86:bf:88:c1:6e:25:af:3b:83:
f8:89:ed:f2:4f:5b:d5:00:a6:0d:93:12:cf:a2:60:
17:96:38:ec:49:65:7b:87:e8:a7:9b:28:9f:90:64:
39:46:98:15:93:22:8b:b9:f5:2e:94:69:4f:65:e2:
2c:a1:51:a4:e4:8d:ee:5e:4f:cd:d3:01:11:34:77:
bd:c3:b4:3e:ea:a6:92:ce:79:e9:13:56:87:86:80:
c6:ac:ef:b8:8a:53:a5:db:11:45:79:16:23:69:d7:
76:35:cd:73:64:77:ac:1d:cd:01:d8:4d:f4:85:9d:
cb:c6:af:e1:3e:d7:27:76:62:7e:1b:f7:7f:93:ed:
75:d8:6e:d5:87:77:c3:05:0e:c7:de:91:cd:bd:44:
de:b0:10:67:4c:27:7c:d7:d7:44:7f:af:51:b0:87:
dd:a5:7f:50:35:03:76:0c:48:b1:71:6a:59:f0:93:
33:cb:22:71:00:31:8d:82:8d:0e:6c:ed:d8:0c:b4:
ae:da:1f:fa:20:ba:8c:15:3d:b3:22:99:8d:ff:7d:
aa:0c:10:15:61:5e:d4:10:14:92:ec:fc:72:81:c4:
12:e6:36:20:b1:5f:7c:06:8f:db:16:3a:28:9a:de:
09:83:3a:09:e8:ad:e4:2d:39:70:47:29:9a:d5:75:
12:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:85:B4:9B:FC:37:78:B0:1C:F3:D0:F1:BD:3E:C8:CA:4E:FD:17:A9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29394152D57511EFAF05DBB6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.144.0/20
Signature Algorithm: sha256WithRSAEncryption
40:a0:cf:16:1f:23:cb:89:75:5d:1c:c9:4b:28:77:82:e5:d5:
e7:0f:b6:1c:f3:a0:ad:c7:ed:17:69:c4:f7:9e:62:b4:ba:0e:
0f:62:01:9e:d5:77:92:1c:3f:20:55:90:83:af:08:8b:17:3c:
c4:aa:22:2a:7e:31:a3:df:9f:9b:23:61:1b:20:53:45:ee:a0:
a9:39:f3:e8:59:d4:6d:75:48:5b:cd:59:a4:a8:4b:76:b4:7f:
fa:a1:7b:be:35:b8:a2:78:28:9b:ae:a1:12:a5:37:f5:55:f9:
86:69:83:35:d4:0a:b8:94:a2:77:f4:6b:49:e5:2e:cb:0e:32:
58:70:f0:b4:d9:9a:4c:5e:19:8b:aa:93:46:87:42:a2:70:eb:
e8:3f:d4:74:04:35:fb:3e:01:ce:dd:e7:31:70:00:f7:41:0b:
75:e1:69:76:0c:bb:e6:f3:ed:a3:84:74:b5:35:db:13:7a:6d:
b0:a0:93:58:25:c1:0c:a2:42:45:38:07:cf:66:2c:27:09:cb:
68:1c:f3:a3:6d:85:40:d8:99:24:08:e1:2c:7c:5c:bf:71:52:
d8:31:7f:a7:af:c7:ef:31:a2:bd:fa:2f:c3:78:d4:0c:93:42:
f3:45:21:03:ea:b6:22:7a:a7:c3:54:2a:bb:6b:ce:83:cb:c9:
a4:87:d4:c6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT3AMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE4MDgyMTAxWhcNMjUwMjIyMDgyMTAxWjAYMRYw
FAYDVQQDEw02NzhiNjQ3MS02N2Q2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqlqT03OGv4jBbiWvO4P4ie3yT1vVAKYNkxLPomAXljjsSWV7h+inmyif
kGQ5RpgVkyKLufUulGlPZeIsoVGk5I3uXk/N0wERNHe9w7Q+6qaSznnpE1aHhoDG
rO+4ilOl2xFFeRYjadd2Nc1zZHesHc0B2E30hZ3Lxq/hPtcndmJ+G/d/k+112G7V
h3fDBQ7H3pHNvUTesBBnTCd819dEf69RsIfdpX9QNQN2DEixcWpZ8JMzyyJxADGN
go0ObO3YDLSu2h/6ILqMFT2zIpmN/32qDBAVYV7UEBSS7PxygcQS5jYgsV98Bo/b
Fjoomt4JgzoJ6K3kLTlwRyma1XUSvwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCyF
tJv8N3iwHPPQ8b0+yMpO/RepMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOTM5NDE1MkQ1NzUxMUVGQUYwNURCQjY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlmQMA0GCSqGSIb3DQEB
CwUAA4IBAQBAoM8WHyPLiXVdHMlLKHeC5dXnD7Yc86Ctx+0XacT3nmK0ug4PYgGe
1XeSHD8gVZCDrwiLFzzEqiIqfjGj35+bI2EbIFNF7qCpOfPoWdRtdUhbzVmkqEt2
tH/6oXu+NbiieCibrqESpTf1VfmGaYM11Aq4lKJ39GtJ5S7LDjJYcPC02ZpMXhmL
qpNGh0KicOvoP9R0BDX7PgHO3ecxcAD3QQt14Wl2DLvm8+2jhHS1NdsTem2woJNY
JcEMokJFOAfPZiwnCctoHPOjbYVA2JkkCOEsfFy/cVLYMX+nr8fvMaK9+i/DeNQM
k0LzRSED6rYieqfDVCq7a86Dy8mkh9TG
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:40:04 2025 by rpki-client