Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/406DCB78DB1E11EF83A9B848762E951A.roa
File: 406DCB78DB1E11EF83A9B848762E951A.roa (raw, json)
Hash identifier: Hrr8YRhKoErECU6ZPsn89XHlV8B8kG4xsRNrjef7kHI=
Subject key identifier: C7:7F:16:4A:27:CA:21:46:29:FC:5F:78:DF:C4:9C:08:FF:66:49:A6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01126D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/406DCB78DB1E11EF83A9B848762E951A.roa
Signing time: Sat 25 Jan 2025 13:14:05 +0000
ROA not before: Sat 25 Jan 2025 13:14:01 +0000
ROA not after: Sat 01 Feb 2025 13:14:01 +0000
asID: 137547
IP address blocks: 156.245.128.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70253 (0x1126d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 25 13:14:01 2025 GMT
Not After : Feb 1 13:14:01 2025 GMT
Subject: CN=6794e39d-3c83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:06:1c:2e:d6:58:6a:01:19:5a:82:bc:57:98:
93:c6:c3:f1:22:4b:3a:0c:39:88:f7:0c:bf:0f:12:
63:9d:2f:20:70:26:9a:05:8d:ff:af:bd:26:ef:d2:
67:b9:38:ac:b8:1f:3e:71:00:f5:d0:86:b8:aa:fb:
22:44:f8:8e:13:16:be:d2:e0:31:07:fa:54:0c:a9:
93:9f:71:cb:02:38:0e:29:37:30:0a:b5:76:51:e9:
43:b9:cc:83:67:72:75:4e:e8:17:d4:27:01:ef:e2:
53:d4:09:43:67:cb:e9:62:46:b5:b6:7c:83:64:f4:
2d:ff:5c:b9:56:36:d4:d0:f1:d4:f9:67:7f:7b:73:
38:3e:ec:19:f3:57:f1:79:5e:b2:1b:3a:84:31:ed:
72:da:b8:99:ea:58:78:9c:47:df:09:bb:8f:a0:e1:
52:af:0f:dc:60:ea:07:a7:89:01:80:7a:1e:5f:df:
9d:46:bc:f2:91:e9:54:b7:55:36:9a:7b:8c:94:33:
1a:37:c7:f4:a4:92:0b:49:92:31:9b:90:6f:bf:18:
bf:f7:d7:e8:d2:e6:65:7d:74:27:fb:5b:ea:91:5d:
42:3f:31:9d:10:89:0f:8a:d3:7e:ac:9c:64:c4:72:
4f:0d:ab:a3:76:bd:da:1f:58:9e:55:fa:62:71:01:
f1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:7F:16:4A:27:CA:21:46:29:FC:5F:78:DF:C4:9C:08:FF:66:49:A6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/406DCB78DB1E11EF83A9B848762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.128.0/21
Signature Algorithm: sha256WithRSAEncryption
94:bf:e3:32:22:9d:c7:59:50:b8:56:e2:39:8b:1a:e8:5e:20:
f3:46:e1:d5:bb:9f:b0:bc:0b:f4:92:f2:de:31:52:c4:36:4e:
be:b6:6a:46:c0:ea:dc:97:47:a0:6a:b4:9c:c4:26:09:2f:59:
90:61:c1:4b:47:b4:f9:97:da:42:e9:db:f6:f6:70:c5:89:92:
2a:98:99:89:50:92:cf:47:c0:2c:d5:af:0e:de:27:b6:2c:d3:
6a:55:62:5d:b1:b7:44:1b:0a:7e:fd:b2:fd:e9:d8:38:88:bd:
c1:a9:f6:42:5a:40:a8:fd:32:35:1d:ae:13:1e:12:45:24:59:
76:26:d4:62:e2:39:65:38:cd:e2:59:bd:d0:6f:1b:e9:7a:22:
5b:8d:85:b6:58:fb:87:49:e6:92:0b:ec:23:4a:ec:98:95:2c:
7f:73:1d:17:9d:6b:84:49:2e:d4:62:60:26:5f:49:83:dd:2a:
67:c2:b1:1c:0b:79:e1:fe:6f:fa:c6:15:de:dd:53:83:95:8a:
ac:d1:89:07:68:0e:5b:b0:46:6a:82:dc:17:2c:1b:31:ad:91:
2f:c3:69:e9:83:3f:10:1d:c3:d9:09:39:12:95:21:d3:0a:0f:
42:ac:b9:93:58:b1:2e:ab:39:34:d1:6e:09:c8:41:ac:53:ae:
66:34:23:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARJtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTI1MTMxNDAxWhcNMjUwMjAxMTMxNDAxWjAYMRYw
FAYDVQQDEw02Nzk0ZTM5ZC0zYzgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+QYcLtZYagEZWoK8V5iTxsPxIks6DDmI9wy/DxJjnS8gcCaaBY3/r70m
79JnuTisuB8+cQD10Ia4qvsiRPiOExa+0uAxB/pUDKmTn3HLAjgOKTcwCrV2UelD
ucyDZ3J1TugX1CcB7+JT1AlDZ8vpYka1tnyDZPQt/1y5VjbU0PHU+Wd/e3M4PuwZ
81fxeV6yGzqEMe1y2riZ6lh4nEffCbuPoOFSrw/cYOoHp4kBgHoeX9+dRrzykelU
t1U2mnuMlDMaN8f0pJILSZIxm5Bvvxi/99fo0uZlfXQn+1vqkV1CPzGdEIkPitN+
rJxkxHJPDaujdr3aH1ieVfpicQHx/wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMd/
FkonyiFGKfxfeN/EnAj/ZkmmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MDZEQ0I3OERCMUUxMUVGODNBOUI4NDg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPWAMA0GCSqGSIb3DQEBCwUA
A4IBAQCUv+MyIp3HWVC4VuI5ixroXiDzRuHVu5+wvAv0kvLeMVLENk6+tmpGwOrc
l0egarScxCYJL1mQYcFLR7T5l9pC6dv29nDFiZIqmJmJUJLPR8As1a8O3ie2LNNq
VWJdsbdEGwp+/bL96dg4iL3BqfZCWkCo/TI1Ha4THhJFJFl2JtRi4jllOM3iWb3Q
bxvpeiJbjYW2WPuHSeaSC+wjSuyYlSx/cx0XnWuESS7UYmAmX0mD3SpnwrEcC3nh
/m/6xhXe3VODlYqs0YkHaA5bsEZqgtwXLBsxrZEvw2npgz8QHcPZCTkSlSHTCg9C
rLmTWLEuqzk00W4JyEGsU65mNCNQ
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:53:30 2025 by rpki-client