Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B684AAB0C54911EF8B329AA1762E951A.roa
File: B684AAB0C54911EF8B329AA1762E951A.roa (raw, json)
Hash identifier: HEWO82SlQXkB680rluS/5i/p3C6TI+0apF0xOyjGXhs=
Subject key identifier: F0:E1:EE:B1:43:2E:D1:F6:10:DB:A5:5A:05:65:24:E6:18:9E:99:97
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012CCD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B684AAB0C54911EF8B329AA1762E951A.roa
Signing time: Sat 28 Dec 2024 18:29:46 +0000
ROA not before: Sat 28 Dec 2024 18:29:42 +0000
ROA not after: Fri 12 Dec 2025 18:29:42 +0000
asID: 984
IP address blocks: 154.209.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77005 (0x12ccd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 18:29:42 2024 GMT
Not After : Dec 12 18:29:42 2025 GMT
Subject: CN=6770439a-9bef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:2e:ef:51:5b:cd:3b:c7:e5:4e:80:0d:2b:1d:
a5:44:0e:6c:50:7b:76:be:1a:f0:0a:04:75:33:e2:
66:f9:52:3d:df:42:9c:88:15:4a:f8:4e:5a:99:d3:
22:3d:9a:a1:b9:8f:f0:e3:7b:c7:ba:4c:bb:c0:06:
76:8b:dc:01:b5:09:64:46:b0:4d:ad:81:b3:36:63:
e0:f7:bc:d6:31:6b:af:ba:fb:dd:68:80:76:b0:ff:
f7:9d:a2:cb:fd:35:39:b4:70:52:2b:3d:f7:d6:db:
cb:1d:88:b1:45:86:37:cf:3c:72:dc:fd:92:d7:f5:
22:41:f0:d9:13:d4:32:7a:64:6e:2a:02:da:ed:54:
e3:22:5b:02:c5:2c:41:e1:c7:11:cd:99:15:a4:f7:
80:0b:94:2a:52:8c:41:d8:a2:13:59:7d:d9:d1:dd:
df:3f:0e:03:7e:a5:ed:26:e4:1d:ee:ac:39:f0:66:
d2:eb:2f:fa:24:19:3e:1f:53:75:f5:ce:32:9f:0d:
c1:46:15:39:a4:48:b6:da:da:d4:16:56:31:c4:43:
a8:b6:d3:78:75:d1:2b:4e:af:40:80:87:15:49:41:
df:09:5a:5c:8f:5f:79:e7:86:36:97:43:c9:f0:36:
cf:d8:bc:8a:c2:57:49:32:36:60:58:c8:e3:89:cd:
f6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:E1:EE:B1:43:2E:D1:F6:10:DB:A5:5A:05:65:24:E6:18:9E:99:97
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B684AAB0C54911EF8B329AA1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.66.0/24
Signature Algorithm: sha256WithRSAEncryption
68:fe:a9:40:e9:68:28:d2:f3:bf:4d:b1:41:7a:04:a8:8d:0b:
36:3e:91:cb:ee:4e:18:d4:e1:6b:73:64:ca:27:3c:21:62:3d:
8b:ef:1c:70:59:14:fa:a8:1a:ed:41:0b:d9:7b:c4:23:44:b0:
ba:e2:e4:3b:a8:0d:ca:db:1c:41:cc:0b:79:a5:6f:33:4a:64:
7d:77:2d:36:90:0d:c1:76:c4:7c:e3:20:c2:ce:60:45:41:8d:
06:eb:34:af:1e:1f:c8:91:d1:82:c3:b5:25:27:70:f6:2e:e0:
69:69:f1:2f:82:23:43:d3:f7:24:c6:07:b5:88:77:7e:ed:d1:
68:73:5e:71:03:3a:94:9a:27:69:ad:39:be:57:9c:18:4e:04:
36:2a:b5:c5:bc:94:01:0f:a4:51:94:a3:14:a7:db:ab:86:20:
35:28:5e:4c:df:9e:2e:a5:d9:f0:b8:6c:f7:d1:59:ce:11:99:
9c:4c:66:45:4a:d8:c3:f3:e3:09:54:c8:e0:8f:ce:52:06:3f:
ad:ad:ef:36:c6:8e:45:6a:f9:d5:ca:46:7a:23:b1:db:58:bb:
5f:c7:65:ca:ef:c8:cc:2b:ee:9a:f5:13:69:af:a9:71:41:86:
7c:7f:b4:8c:00:64:36:90:21:1d:8b:9f:a5:d1:b7:38:79:cb:
ba:b7:bd:e8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASzNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTgyOTQyWhcNMjUxMjEyMTgyOTQyWjAYMRYw
FAYDVQQDEw02NzcwNDM5YS05YmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4C7vUVvNO8flToANKx2lRA5sUHt2vhrwCgR1M+Jm+VI930KciBVK+E5a
mdMiPZqhuY/w43vHuky7wAZ2i9wBtQlkRrBNrYGzNmPg97zWMWuvuvvdaIB2sP/3
naLL/TU5tHBSKz331tvLHYixRYY3zzxy3P2S1/UiQfDZE9QyemRuKgLa7VTjIlsC
xSxB4ccRzZkVpPeAC5QqUoxB2KITWX3Z0d3fPw4DfqXtJuQd7qw58GbS6y/6JBk+
H1N19c4ynw3BRhU5pEi22trUFlYxxEOottN4ddErTq9AgIcVSUHfCVpcj19554Y2
l0PJ8DbP2LyKwldJMjZgWMjjic32jQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPDh
7rFDLtH2ENulWgVlJOYYnpmXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNjg0QUFCMEM1NDkxMUVGOEIzMjlBQTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtFCMA0GCSqGSIb3DQEB
CwUAA4IBAQBo/qlA6Wgo0vO/TbFBegSojQs2PpHL7k4Y1OFrc2TKJzwhYj2L7xxw
WRT6qBrtQQvZe8QjRLC64uQ7qA3K2xxBzAt5pW8zSmR9dy02kA3BdsR84yDCzmBF
QY0G6zSvHh/IkdGCw7UlJ3D2LuBpafEvgiND0/ckxge1iHd+7dFoc15xAzqUmidp
rTm+V5wYTgQ2KrXFvJQBD6RRlKMUp9urhiA1KF5M354updnwuGz30VnOEZmcTGZF
StjD8+MJVMjgj85SBj+tre82xo5FavnVykZ6I7HbWLtfx2XK78jMK+6a9RNpr6lx
QYZ8f7SMAGQ2kCEdi5+l0bc4ecu6t73o
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:30 2025 by rpki-client