Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B4FCDEEEC1CD11EF9D5EAF73762E951A.roa
File: B4FCDEEEC1CD11EF9D5EAF73762E951A.roa (raw, json)
Hash identifier: aICg1iMqTTpG/V21tDflTmT0+vLDMCgzpKzkI8LXO34=
Subject key identifier: AB:F4:F0:AF:7D:AE:12:8B:85:FA:B2:20:5D:DB:8E:21:64:0C:08:C8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01227B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B4FCDEEEC1CD11EF9D5EAF73762E951A.roa
Signing time: Tue 24 Dec 2024 08:04:32 +0000
ROA not before: Tue 24 Dec 2024 08:04:28 +0000
ROA not after: Wed 10 Dec 2025 08:04:28 +0000
asID: 984
IP address blocks: 154.193.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74363 (0x1227b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 08:04:28 2024 GMT
Not After : Dec 10 08:04:28 2025 GMT
Subject: CN=676a6b10-3e66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8b:c0:55:2b:2a:44:6e:32:d4:9a:94:4e:43:
1d:b7:6f:e0:2c:42:1a:74:ad:ee:d9:0b:2d:23:b8:
d3:fb:d8:56:aa:75:aa:49:80:aa:c9:a2:2e:bd:f6:
ff:62:e7:20:37:0d:a7:41:90:c3:b7:9a:1e:4f:4b:
17:3f:e5:9c:c7:5f:78:6d:d4:59:dd:bb:bc:01:93:
83:99:ff:bf:d0:f6:12:23:2a:aa:e5:50:79:c9:ec:
c6:66:52:4f:9d:77:00:b7:fa:c3:70:24:3f:78:b2:
ef:2a:b2:c9:1f:51:1a:68:39:61:76:7b:94:bb:fa:
c2:b6:88:03:c9:d2:a3:2c:b5:f9:ba:0c:da:6a:fb:
67:ca:ab:6b:4c:e5:a2:1f:c8:1a:74:65:21:64:f3:
64:e3:00:2b:21:92:0a:0f:99:2e:d3:42:54:76:4c:
8b:02:d5:7d:ca:95:34:b5:75:1f:f0:32:be:d5:72:
c5:33:46:60:12:1d:38:58:10:00:7b:ed:63:fd:2b:
f1:7f:10:f8:6a:e2:df:f0:d8:35:26:42:52:46:f7:
95:9e:85:18:5c:10:23:3d:e9:1f:a5:20:84:ac:a8:
c7:27:2e:04:74:a0:02:5d:a1:49:29:38:00:4e:d2:
a2:83:8d:6e:ee:6d:05:de:7e:eb:4c:1f:f4:60:f8:
f7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:F4:F0:AF:7D:AE:12:8B:85:FA:B2:20:5D:DB:8E:21:64:0C:08:C8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B4FCDEEEC1CD11EF9D5EAF73762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.221.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:b7:b3:8e:0b:d3:56:76:ac:8d:43:15:e0:bb:f2:d5:c6:91:
ad:fb:9d:81:b2:88:ed:7a:24:a6:80:a5:6e:75:24:dc:09:40:
48:97:4e:93:de:12:34:c3:11:44:10:7c:5e:80:55:c3:93:c7:
8e:ee:f6:e0:58:9a:75:bd:61:39:58:27:13:c6:f7:5b:b8:be:
b0:39:27:43:7a:11:f7:29:8f:cf:7b:20:2b:8f:b3:82:e2:6d:
40:94:1f:7d:3c:c9:cc:15:a9:3a:ad:c1:3b:d3:d5:30:91:5c:
fb:4c:43:10:f3:39:fd:29:b7:b5:db:7e:cb:a4:35:be:6b:f0:
5b:1c:02:de:5c:26:b8:b7:b8:13:c0:53:ea:8d:6e:a1:15:40:
51:12:c1:f0:cb:1d:cd:2a:a0:4b:36:a1:f6:f5:0d:d1:97:38:
d7:52:bb:15:9e:1f:16:ff:6d:82:51:82:5c:1e:8d:cd:81:70:
f0:ee:2c:03:45:a1:42:93:10:4e:c1:7a:d9:0b:29:9e:3d:be:
17:c5:63:c2:1d:7e:26:b9:a9:04:33:e6:f3:6a:96:cf:3c:61:
c1:a0:46:e6:18:01:17:84:4a:5e:75:e0:01:7f:15:eb:4e:79:
d9:f4:39:9e:98:ce:da:2f:a5:19:49:5a:b3:d2:ca:27:53:04:
32:63:58:2c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASJ7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDgwNDI4WhcNMjUxMjEwMDgwNDI4WjAYMRYw
FAYDVQQDEw02NzZhNmIxMC0zZTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu4vAVSsqRG4y1JqUTkMdt2/gLEIadK3u2QstI7jT+9hWqnWqSYCqyaIu
vfb/YucgNw2nQZDDt5oeT0sXP+Wcx194bdRZ3bu8AZODmf+/0PYSIyqq5VB5yezG
ZlJPnXcAt/rDcCQ/eLLvKrLJH1EaaDlhdnuUu/rCtogDydKjLLX5ugzaavtnyqtr
TOWiH8gadGUhZPNk4wArIZIKD5ku00JUdkyLAtV9ypU0tXUf8DK+1XLFM0ZgEh04
WBAAe+1j/SvxfxD4auLf8Ng1JkJSRveVnoUYXBAjPekfpSCErKjHJy4EdKACXaFJ
KTgATtKig41u7m0F3n7rTB/0YPj3OwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKv0
8K99rhKLhfqyIF3bjiFkDAjIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNEZDREVFRUMxQ0QxMUVGOUQ1RUFGNzM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsHdMA0GCSqGSIb3DQEB
CwUAA4IBAQB9t7OOC9NWdqyNQxXgu/LVxpGt+52BsojteiSmgKVudSTcCUBIl06T
3hI0wxFEEHxegFXDk8eO7vbgWJp1vWE5WCcTxvdbuL6wOSdDehH3KY/PeyArj7OC
4m1AlB99PMnMFak6rcE709UwkVz7TEMQ8zn9Kbe1237LpDW+a/BbHALeXCa4t7gT
wFPqjW6hFUBREsHwyx3NKqBLNqH29Q3RlzjXUrsVnh8W/22CUYJcHo3NgXDw7iwD
RaFCkxBOwXrZCymePb4XxWPCHX4muakEM+bzapbPPGHBoEbmGAEXhEpedeABfxXr
TnnZ9DmemM7aL6UZSVqz0sonUwQyY1gs
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:35:38 2025 by rpki-client