Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A028320C91B11EF9E90D667762E951A.roa
File: 2A028320C91B11EF9E90D667762E951A.roa (raw, json)
Hash identifier: wrZxyJdkqv5oL6aV0s7ynMqHI98/QZY7BR476oTGamk=
Subject key identifier: 47:02:9C:B6:24:06:37:F8:93:40:FE:6E:27:41:75:CA:81:41:EA:05
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0132FB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A028320C91B11EF9E90D667762E951A.roa
Signing time: Thu 02 Jan 2025 15:06:38 +0000
ROA not before: Thu 02 Jan 2025 15:06:34 +0000
ROA not after: Mon 13 Dec 2027 15:06:34 +0000
asID: 17561
IP address blocks: 154.222.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78587 (0x132fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 15:06:34 2025 GMT
Not After : Dec 13 15:06:34 2027 GMT
Subject: CN=6776ab7e-936c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:3f:e7:69:53:c4:84:0e:4d:ce:15:36:f0:39:
04:6e:1a:29:4d:eb:e4:ae:9b:85:25:77:d2:e1:3b:
d1:00:5b:f0:76:98:ab:2d:03:e7:b7:86:61:32:aa:
db:2b:0f:54:6f:94:0f:f0:2a:5b:5a:9d:48:9b:67:
48:91:3e:b9:2e:9f:12:be:fb:6d:58:f6:4a:84:5c:
f1:da:84:07:18:d5:09:f0:df:99:09:2f:6e:56:08:
87:d7:95:0c:8b:b7:df:e3:8f:f7:f8:9e:11:23:fc:
89:a8:29:4d:9d:58:e5:8d:4b:de:9d:d2:76:88:ae:
5d:f7:a0:c0:1f:f1:1f:be:d8:12:f1:ea:d9:98:6e:
28:23:c1:07:e9:54:e2:d3:ad:3f:0b:47:00:15:3a:
d9:33:9c:11:b2:49:cf:07:16:0b:6d:1c:c5:f4:7e:
95:00:5a:43:83:bd:47:34:41:97:d1:29:65:bc:d5:
76:ea:2a:0b:90:74:41:7a:c2:b3:19:63:74:ea:60:
94:47:19:8d:49:4c:ac:81:79:80:c1:fa:c3:6f:28:
6c:15:23:ef:59:dd:60:44:73:d9:28:85:70:43:51:
5b:1f:ac:5a:f4:d0:29:38:51:6c:73:2f:80:2b:a8:
74:20:5c:ab:47:6e:93:af:04:c5:18:01:e4:67:12:
cd:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:02:9C:B6:24:06:37:F8:93:40:FE:6E:27:41:75:CA:81:41:EA:05
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A028320C91B11EF9E90D667762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.66.0/24
Signature Algorithm: sha256WithRSAEncryption
74:05:79:7a:81:1f:b3:91:f2:6a:fe:c9:57:22:15:a7:0e:92:
53:61:21:2a:95:7a:41:93:bc:e6:b3:fe:6e:3f:14:c6:66:de:
db:3d:14:3a:87:e1:11:1c:87:8e:42:bf:fe:6f:3d:57:ed:78:
4a:e9:29:51:d3:b0:be:ca:06:54:5b:96:31:e8:73:b3:d4:04:
35:54:67:17:d1:14:a0:51:20:46:ed:87:f5:86:f4:54:67:dd:
14:29:56:4f:eb:6a:06:9f:75:22:fd:cf:46:01:57:c9:f6:a1:
8b:ad:2b:c5:56:cc:95:47:f9:52:d6:dc:1c:68:e1:bf:dd:ae:
0a:52:de:b7:9d:2f:e7:7a:10:b6:ce:4e:94:be:40:91:06:d1:
2a:a1:fe:43:6e:92:d7:5b:18:a0:ef:72:59:75:26:df:e8:ba:
6c:52:36:1c:d5:6e:c5:d2:38:b8:6c:ae:63:96:a7:16:59:e3:
57:fd:97:d9:ff:6a:8b:60:9f:83:a7:75:ee:7e:83:22:25:1f:
47:b7:5e:32:a1:64:f5:b4:1c:8c:da:54:09:c9:a8:67:bd:ec:
0c:cf:68:48:ac:40:9e:ae:62:6b:b2:88:db:68:56:c0:8e:e9:
72:ab:6d:53:fa:ef:59:13:53:9c:48:7d:d8:66:5c:c9:7d:a3:
75:e6:45:8b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATL7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTUwNjM0WhcNMjcxMjEzMTUwNjM0WjAYMRYw
FAYDVQQDEw02Nzc2YWI3ZS05MzZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2z/naVPEhA5NzhU28DkEbhopTevkrpuFJXfS4TvRAFvwdpirLQPnt4Zh
MqrbKw9Ub5QP8CpbWp1Im2dIkT65Lp8SvvttWPZKhFzx2oQHGNUJ8N+ZCS9uVgiH
15UMi7ff44/3+J4RI/yJqClNnVjljUvendJ2iK5d96DAH/EfvtgS8erZmG4oI8EH
6VTi060/C0cAFTrZM5wRsknPBxYLbRzF9H6VAFpDg71HNEGX0SllvNV26ioLkHRB
esKzGWN06mCURxmNSUysgXmAwfrDbyhsFSPvWd1gRHPZKIVwQ1FbH6xa9NApOFFs
cy+AK6h0IFyrR26TrwTFGAHkZxLNmQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEcC
nLYkBjf4k0D+bidBdcqBQeoFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQTAyODMyMEM5MUIxMUVGOUU5MEQ2Njc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt5CMA0GCSqGSIb3DQEB
CwUAA4IBAQB0BXl6gR+zkfJq/slXIhWnDpJTYSEqlXpBk7zms/5uPxTGZt7bPRQ6
h+ERHIeOQr/+bz1X7XhK6SlR07C+ygZUW5Yx6HOz1AQ1VGcX0RSgUSBG7Yf1hvRU
Z90UKVZP62oGn3Ui/c9GAVfJ9qGLrSvFVsyVR/lS1twcaOG/3a4KUt63nS/nehC2
zk6UvkCRBtEqof5DbpLXWxig73JZdSbf6LpsUjYc1W7F0ji4bK5jlqcWWeNX/ZfZ
/2qLYJ+Dp3XufoMiJR9Ht14yoWT1tByM2lQJyahnvewMz2hIrECermJrsojbaFbA
julyq21T+u9ZE1OcSH3YZlzJfaN15kWL
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:15 2025 by rpki-client