Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A8E5880CD9211EFAE047158762E951A.roa
File: 1A8E5880CD9211EFAE047158762E951A.roa (raw, json)
Hash identifier: Sc+Jd4H9EjKVcu9gWPu8x+xg9UdepYmFoowON+lBsfc=
Subject key identifier: C8:7F:95:5D:7F:6C:05:7C:54:35:D4:58:4A:0C:4C:53:8E:10:84:A7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010061
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A8E5880CD9211EFAE047158762E951A.roa
Signing time: Wed 08 Jan 2025 07:28:07 +0000
ROA not before: Wed 08 Jan 2025 07:28:03 +0000
ROA not after: Wed 12 Feb 2025 07:28:03 +0000
asID: 20473
IP address blocks: 156.236.78.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65633 (0x10061)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 8 07:28:03 2025 GMT
Not After : Feb 12 07:28:03 2025 GMT
Subject: CN=677e2907-c529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:82:44:08:08:e4:eb:56:27:9f:8c:1c:6d:77:
14:41:48:8e:c8:68:fd:aa:42:fc:fb:82:13:35:20:
8f:e1:fb:dc:fe:78:36:17:90:70:cc:c3:ba:ab:53:
16:01:84:87:d5:e2:49:f4:34:e0:c9:18:c5:ea:1a:
d8:71:68:5d:3c:95:7d:a1:57:b0:8a:72:94:5f:84:
2c:b5:23:5a:2e:ff:e5:76:39:55:45:85:40:14:62:
19:52:81:d3:86:55:6a:b4:42:74:1e:ab:cd:c4:fb:
e9:6d:bd:84:bb:76:61:c2:28:51:2e:a6:61:48:52:
ac:29:86:50:19:ec:7a:93:ee:d3:b8:82:86:95:d8:
e1:39:e5:cb:31:55:5c:4b:cd:ae:82:41:ca:3a:e9:
14:a1:93:88:2f:1a:2b:d7:0d:82:ba:27:e4:92:1c:
65:3f:54:f3:17:c6:1a:9f:12:57:4e:94:ec:ba:dd:
e4:d6:bc:ea:9a:f7:ab:66:b9:e5:d0:a6:2a:d8:c7:
82:d9:1e:1c:41:37:ed:ea:4d:b1:57:c0:bc:4b:ef:
62:42:83:11:98:cf:60:3c:3b:53:02:f3:49:6a:31:
cc:5f:ec:11:bb:4d:71:4f:72:19:88:10:09:25:d6:
96:d2:7d:6d:0e:3e:e9:56:27:f6:32:d1:78:2e:d3:
0d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:7F:95:5D:7F:6C:05:7C:54:35:D4:58:4A:0C:4C:53:8E:10:84:A7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A8E5880CD9211EFAE047158762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.78.0/23
Signature Algorithm: sha256WithRSAEncryption
25:86:84:84:1f:8c:a7:73:58:4e:68:be:91:6d:fc:cb:a7:e4:
6a:11:f4:db:49:2f:68:51:53:58:61:4c:3e:61:0d:fb:0f:5d:
b9:25:14:d0:ca:f5:3c:64:f6:d9:a7:b1:96:d0:92:d0:09:44:
6d:2b:af:2e:b4:20:99:4e:a1:66:50:2a:42:c0:18:f5:20:df:
2a:e5:4e:77:7a:72:50:c9:8d:78:29:ce:94:01:e1:b9:d0:69:
58:59:26:31:0e:71:8d:17:99:3b:a7:1e:a9:01:d8:c4:5f:b7:
0d:e3:44:ec:14:09:98:7c:a5:52:01:d6:c0:ce:9c:b6:bd:bc:
b2:22:74:c2:e2:00:25:d6:cf:49:e7:74:f1:f5:04:0e:07:e9:
b3:b9:43:fa:1c:86:b4:49:18:4c:16:94:67:55:09:5e:5d:c1:
10:20:b3:a3:c2:2b:af:69:1c:46:9d:e0:c4:c1:5f:6d:92:a8:
dc:3e:85:db:3a:67:10:9c:89:18:4e:5f:d8:de:45:2a:c4:e8:
1c:1a:15:c4:c2:33:ef:47:47:bc:18:cd:7c:48:2a:3f:46:15:
74:42:09:83:50:fa:14:ff:aa:40:f6:fd:7a:dc:8e:ba:2e:ba:
39:02:12:07:1b:3b:06:ef:d3:33:ea:2a:de:40:c9:7c:ac:25:
34:b1:2a:5c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQBhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDcyODAzWhcNMjUwMjEyMDcyODAzWjAYMRYw
FAYDVQQDEw02NzdlMjkwNy1jNTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1IJECAjk61Ynn4wcbXcUQUiOyGj9qkL8+4ITNSCP4fvc/ng2F5BwzMO6
q1MWAYSH1eJJ9DTgyRjF6hrYcWhdPJV9oVewinKUX4QstSNaLv/ldjlVRYVAFGIZ
UoHThlVqtEJ0HqvNxPvpbb2Eu3ZhwihRLqZhSFKsKYZQGex6k+7TuIKGldjhOeXL
MVVcS82ugkHKOukUoZOILxor1w2CuifkkhxlP1TzF8YanxJXTpTsut3k1rzqmver
Zrnl0KYq2MeC2R4cQTft6k2xV8C8S+9iQoMRmM9gPDtTAvNJajHMX+wRu01xT3IZ
iBAJJdaW0n1tDj7pVif2MtF4LtMNdQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMh/
lV1/bAV8VDXUWEoMTFOOEISnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQThFNTg4MENEOTIxMUVGQUUwNDcxNTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOxOMA0GCSqGSIb3DQEBCwUA
A4IBAQAlhoSEH4ync1hOaL6RbfzLp+RqEfTbSS9oUVNYYUw+YQ37D125JRTQyvU8
ZPbZp7GW0JLQCURtK68utCCZTqFmUCpCwBj1IN8q5U53enJQyY14Kc6UAeG50GlY
WSYxDnGNF5k7px6pAdjEX7cN40TsFAmYfKVSAdbAzpy2vbyyInTC4gAl1s9J53Tx
9QQOB+mzuUP6HIa0SRhMFpRnVQleXcEQILOjwiuvaRxGneDEwV9tkqjcPoXbOmcQ
nIkYTl/Y3kUqxOgcGhXEwjPvR0e8GM18SCo/RhV0QgmDUPoU/6pA9v163I66Lro5
AhIHGzsG79Mz6ireQMl8rCU0sSpc
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:22:55 2025 by rpki-client