Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/034D6A10DC0811EFB7C9DE6D762E951A.roa
File: 034D6A10DC0811EFB7C9DE6D762E951A.roa (raw, json)
Hash identifier: CG5CSZiMV8msjwyKJycugdxRAkGH0X5SV/JLs8fHMGE=
Subject key identifier: 43:B0:66:9F:6C:A7:55:03:C5:B2:E5:69:5D:F8:3A:74:CE:DD:79:35
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 011420
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/034D6A10DC0811EFB7C9DE6D762E951A.roa
Signing time: Sun 26 Jan 2025 17:07:25 +0000
ROA not before: Sun 26 Jan 2025 17:07:21 +0000
ROA not after: Sun 23 Mar 2025 17:07:21 +0000
asID: 63139
IP address blocks: 156.229.30.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70688 (0x11420)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 26 17:07:21 2025 GMT
Not After : Mar 23 17:07:21 2025 GMT
Subject: CN=67966bcc-0759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9a:10:3f:3f:f0:ee:ca:c7:9e:1f:e0:f8:9d:
1c:14:68:a0:d0:8e:e9:5c:37:c7:81:c9:8a:0f:00:
85:8e:d5:c3:c9:2c:66:d0:b3:41:95:8c:8c:ec:0d:
e8:c3:52:3e:1d:ae:70:e6:41:e9:af:c1:81:61:f3:
73:78:e0:c2:15:54:d5:c3:e7:98:2a:d8:b2:3e:aa:
f9:de:0b:ca:1d:9f:d9:8f:d0:52:d2:ed:c7:8b:28:
10:9b:4b:b5:2a:04:34:e0:c1:80:f9:ef:82:9e:ab:
00:7f:dd:b0:c0:06:73:21:f0:0c:d2:e5:ed:bb:40:
97:ea:b1:1d:bf:e6:ce:bb:d5:ba:41:7f:c3:65:62:
79:56:b2:0d:9d:fc:e4:22:36:30:0a:aa:5c:d7:0f:
c3:b3:40:64:ae:b2:11:42:d4:ec:14:d6:12:7e:20:
96:3e:a7:80:1c:93:b2:27:14:95:48:13:f5:2e:09:
e0:82:21:0d:04:e6:27:29:1a:23:74:a6:a7:d1:11:
89:4c:b6:a4:bb:26:4d:03:c5:7b:61:9e:13:c9:61:
8f:e0:09:b8:42:cf:d3:4b:80:29:2a:1a:ed:77:f1:
a6:2a:8f:94:e6:b9:72:10:82:ce:59:c5:d7:db:3a:
f1:c6:15:bd:4a:c5:7b:79:24:b2:ec:de:84:50:cb:
25:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B0:66:9F:6C:A7:55:03:C5:B2:E5:69:5D:F8:3A:74:CE:DD:79:35
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/034D6A10DC0811EFB7C9DE6D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.30.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:93:0a:3e:b5:d3:17:2c:6f:3f:a6:ee:a1:01:c1:f0:f5:46:
35:62:01:4f:51:ab:dd:dd:8d:10:2d:58:92:44:26:a9:1b:19:
79:7b:fb:c9:e7:7b:bd:96:c2:78:77:52:99:7c:65:54:c4:36:
cd:ea:bc:82:04:d9:a9:a5:ae:75:46:55:63:5e:25:ac:4f:c1:
c9:ab:7e:c8:88:93:67:35:02:4c:56:c1:3c:59:d5:21:b2:9b:
c6:7c:2f:40:87:3d:a3:76:a1:f5:dc:7e:54:a2:82:86:8d:dd:
a7:71:fc:25:b2:5f:18:ce:f3:6a:c0:04:ca:3c:4e:fa:c3:3a:
f9:a9:49:c0:7f:09:c0:0e:f0:39:cf:af:d0:cb:06:c7:5d:34:
f9:f9:42:3d:ef:b2:cf:9a:7f:d9:f9:eb:f7:63:83:96:a3:dd:
33:16:93:44:e7:6d:ea:4d:b7:71:b1:47:8a:c6:35:f7:36:0c:
fe:97:07:80:01:f6:51:58:b3:d2:b1:80:71:e0:81:ae:52:b7:
c9:8f:e1:41:17:ec:d4:f3:6b:98:fc:aa:f8:18:93:f4:27:ef:
6d:64:f2:53:3c:46:7b:9b:71:f7:6e:18:f0:cb:03:8d:f4:92:
02:38:a4:0b:66:89:46:8a:30:66:27:c0:29:30:2e:9a:a0:0e:
64:12:29:e9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARQgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTI2MTcwNzIxWhcNMjUwMzIzMTcwNzIxWjAYMRYw
FAYDVQQDEw02Nzk2NmJjYy0wNzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnJoQPz/w7srHnh/g+J0cFGig0I7pXDfHgcmKDwCFjtXDySxm0LNBlYyM
7A3ow1I+Ha5w5kHpr8GBYfNzeODCFVTVw+eYKtiyPqr53gvKHZ/Zj9BS0u3HiygQ
m0u1KgQ04MGA+e+CnqsAf92wwAZzIfAM0uXtu0CX6rEdv+bOu9W6QX/DZWJ5VrIN
nfzkIjYwCqpc1w/Ds0BkrrIRQtTsFNYSfiCWPqeAHJOyJxSVSBP1LgnggiENBOYn
KRojdKan0RGJTLakuyZNA8V7YZ4TyWGP4Am4Qs/TS4ApKhrtd/GmKo+U5rlyEILO
WcXX2zrxxhW9SsV7eSSy7N6EUMslfQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEOw
Zp9sp1UDxbLlaV34OnTO3Xk1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMzRENkExMERDMDgxMUVGQjdDOURFNkQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOUeMA0GCSqGSIb3DQEBCwUA
A4IBAQBqkwo+tdMXLG8/pu6hAcHw9UY1YgFPUavd3Y0QLViSRCapGxl5e/vJ53u9
lsJ4d1KZfGVUxDbN6ryCBNmppa51RlVjXiWsT8HJq37IiJNnNQJMVsE8WdUhspvG
fC9Ahz2jdqH13H5UooKGjd2ncfwlsl8YzvNqwATKPE76wzr5qUnAfwnADvA5z6/Q
ywbHXTT5+UI977LPmn/Z+ev3Y4OWo90zFpNE523qTbdxsUeKxjX3Ngz+lweAAfZR
WLPSsYBx4IGuUrfJj+FBF+zU82uY/Kr4GJP0J+9tZPJTPEZ7m3H3bhjwywON9JIC
OKQLZolGijBmJ8ApMC6aoA5kEinp
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:04:25 2025 by rpki-client