Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3EA136CEDB5D11EF98FB2E6B762E951A.roa
File: 3EA136CEDB5D11EF98FB2E6B762E951A.roa (raw, json)
Hash identifier: sFdf/iJi/5j1P+g8yz2aZrgOiPfnhKM8+/NfJtedRv8=
Subject key identifier: 91:B8:C7:93:E8:F0:65:DF:02:CB:8A:9E:F4:EC:C0:C5:29:07:3E:C6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 011319
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3EA136CEDB5D11EF98FB2E6B762E951A.roa
Signing time: Sat 25 Jan 2025 20:45:00 +0000
ROA not before: Sat 25 Jan 2025 20:44:56 +0000
ROA not after: Thu 13 Mar 2025 20:44:56 +0000
asID: 138915
IP address blocks: 156.244.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70425 (0x11319)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 25 20:44:56 2025 GMT
Not After : Mar 13 20:44:56 2025 GMT
Subject: CN=67954d4c-b38f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:39:9b:86:f5:1c:db:0b:21:3a:90:9c:43:97:
f7:5d:0a:b9:c4:c5:b2:09:ef:07:17:d3:3a:dd:9d:
0b:8f:62:26:b3:10:bd:99:3b:f4:cc:26:70:a1:d5:
af:cc:fd:92:44:b5:27:d1:fa:15:d0:9f:b8:85:47:
c5:94:41:02:21:21:47:ba:e1:48:6e:46:20:cd:4b:
b1:5e:c6:b9:16:18:6e:89:f3:03:6b:5c:fd:03:33:
31:8c:a9:90:06:d7:73:67:91:b7:6e:df:ee:e4:57:
ba:73:ba:1e:b1:96:71:75:96:43:f2:15:1d:33:c7:
d1:1d:e4:a4:e7:af:d2:ff:1e:58:ec:36:2c:20:bd:
7c:33:79:7c:f6:a5:06:e6:a9:bd:88:86:75:6f:b3:
c8:78:c8:b7:4b:45:b4:e4:af:56:db:ab:0e:03:0b:
e8:e6:aa:8e:47:d4:51:79:79:53:a9:c9:69:1f:1f:
27:fe:98:e4:c4:ce:47:7f:d1:19:b8:33:69:6b:a7:
1e:fe:d9:dc:55:7c:58:53:8c:f2:de:d5:66:87:41:
45:a4:d9:f8:54:de:c8:06:4b:c2:fc:f2:e2:29:a0:
30:d2:90:96:cf:fc:b7:8c:65:64:03:91:34:d7:a4:
ae:2c:e7:a8:c5:1a:17:a8:cf:25:b5:ae:0c:7d:17:
70:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B8:C7:93:E8:F0:65:DF:02:CB:8A:9E:F4:EC:C0:C5:29:07:3E:C6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3EA136CEDB5D11EF98FB2E6B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.0.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:0a:05:af:69:e8:e2:e1:35:ad:04:3f:d5:be:e1:4d:50:d0:
b2:17:3e:47:d9:29:73:91:ca:7e:75:4c:5a:3b:88:c8:83:71:
90:45:ef:3f:c7:ee:fd:76:35:35:29:86:47:26:ed:b9:3d:7a:
55:6e:46:c0:1e:4f:02:33:e1:c7:8a:78:d3:e9:84:59:cb:fb:
60:6a:0a:e4:73:c2:d5:97:41:20:0b:69:fc:93:1f:bd:13:cc:
5a:eb:61:ae:2e:44:fa:4a:74:db:05:48:37:0c:55:e4:95:d4:
05:28:10:49:a8:3b:80:4d:8d:9e:3a:3c:67:54:5e:a2:ea:d1:
91:df:15:c1:4e:2e:7d:b6:13:6d:35:8c:5d:24:06:36:26:21:
ca:93:c3:1d:34:d2:6b:53:34:28:82:de:ea:d6:9a:79:11:21:
dc:55:a9:87:94:5a:ed:18:e6:98:00:b0:6d:25:57:fd:ce:61:
32:69:e4:d7:46:6c:da:c0:00:71:8f:0d:b2:29:49:1f:13:b1:
fd:87:b2:c6:d3:a5:dd:eb:1f:11:36:5e:c2:ce:a8:b8:c9:e7:
8b:17:a3:d9:22:bc:c9:8e:44:58:4a:99:cb:a3:95:6c:d5:02:
06:05:8a:43:4d:79:6f:58:d9:36:6d:68:07:d7:a0:a2:88:26:
77:ba:c0:b8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARMZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTI1MjA0NDU2WhcNMjUwMzEzMjA0NDU2WjAYMRYw
FAYDVQQDEw02Nzk1NGQ0Yy1iMzhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxzmbhvUc2wshOpCcQ5f3XQq5xMWyCe8HF9M63Z0Lj2ImsxC9mTv0zCZw
odWvzP2SRLUn0foV0J+4hUfFlEECISFHuuFIbkYgzUuxXsa5FhhuifMDa1z9AzMx
jKmQBtdzZ5G3bt/u5Fe6c7oesZZxdZZD8hUdM8fRHeSk56/S/x5Y7DYsIL18M3l8
9qUG5qm9iIZ1b7PIeMi3S0W05K9W26sOAwvo5qqOR9RReXlTqclpHx8n/pjkxM5H
f9EZuDNpa6ce/tncVXxYU4zy3tVmh0FFpNn4VN7IBkvC/PLiKaAw0pCWz/y3jGVk
A5E016SuLOeoxRoXqM8lta4MfRdwgwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJG4
x5Po8GXfAsuKnvTswMUpBz7GMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRUExMzZDRURCNUQxMUVGOThGQjJFNkI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPQAMA0GCSqGSIb3DQEBCwUA
A4IBAQBrCgWvaeji4TWtBD/VvuFNUNCyFz5H2Slzkcp+dUxaO4jIg3GQRe8/x+79
djU1KYZHJu25PXpVbkbAHk8CM+HHinjT6YRZy/tgagrkc8LVl0EgC2n8kx+9E8xa
62GuLkT6SnTbBUg3DFXkldQFKBBJqDuATY2eOjxnVF6i6tGR3xXBTi59thNtNYxd
JAY2JiHKk8MdNNJrUzQogt7q1pp5ESHcVamHlFrtGOaYALBtJVf9zmEyaeTXRmza
wABxjw2yKUkfE7H9h7LG06Xd6x8RNl7Czqi4yeeLF6PZIrzJjkRYSpnLo5Vs1QIG
BYpDTXlvWNk2bWgH16CiiCZ3usC4
-----END CERTIFICATE-----
Generated at Sat Apr 26 01:15:23 2025 by rpki-client