Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40ED9B98D72011EFAC759E9E762E951A.roa
File: 40ED9B98D72011EFAC759E9E762E951A.roa (raw, json)
Hash identifier: 9XPT807GmX7owQ3o4nwpLaENNwD3OvsBFNJXry/41Lo=
Subject key identifier: F2:D8:A8:D8:78:25:8B:3F:E5:FF:6B:42:9C:73:2C:0D:6A:EF:F1:55
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010C37
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40ED9B98D72011EFAC759E9E762E951A.roa
Signing time: Mon 20 Jan 2025 11:18:20 +0000
ROA not before: Mon 20 Jan 2025 11:18:16 +0000
ROA not after: Sat 01 Feb 2025 11:18:16 +0000
asID: 44559
IP address blocks: 45.199.240.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68663 (0x10c37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 20 11:18:16 2025 GMT
Not After : Feb 1 11:18:16 2025 GMT
Subject: CN=678e30fc-65b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a1:40:72:e6:b7:cb:0d:f3:b3:12:37:ac:6d:
dd:da:7c:ea:2f:8d:2d:81:39:93:21:00:9c:95:f9:
c4:1d:f5:d2:8e:aa:00:b1:48:b5:3b:46:9b:2d:f8:
75:b8:0d:b3:2b:11:27:ef:7f:76:05:e6:04:1c:93:
f4:c9:72:95:70:22:fe:fa:1b:e8:e7:b6:5c:14:33:
6c:4d:fa:78:e8:42:1b:e7:d6:57:4d:1f:61:4b:72:
ba:2b:16:72:d2:77:39:26:f9:f5:cc:65:7c:ba:33:
61:fc:45:6e:c3:3a:b2:c6:3c:2b:4f:6a:bd:af:a6:
7c:7e:4f:f6:75:d4:3d:f8:1f:7f:83:8d:85:3c:a9:
37:39:e8:5d:3d:3b:a4:a0:c1:8c:c4:7e:c7:3d:ad:
55:1e:7a:e5:0b:c7:b4:09:57:0d:ef:7c:3d:78:50:
06:b8:dc:51:e7:25:c0:92:bc:fa:a9:b4:44:64:15:
85:b9:8c:4b:d0:c9:65:f8:02:a2:19:76:81:a4:b5:
f4:4e:66:c6:93:3a:9c:e0:69:25:5b:a1:43:10:2f:
b6:a0:54:57:83:39:cf:20:f2:da:3f:5a:c8:ef:5c:
f4:3a:af:21:92:b6:57:ff:8f:7a:f8:88:3e:f4:55:
3f:5f:b6:11:05:9d:f7:11:f1:e0:95:bb:1a:0d:39:
e2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:D8:A8:D8:78:25:8B:3F:E5:FF:6B:42:9C:73:2C:0D:6A:EF:F1:55
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40ED9B98D72011EFAC759E9E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.240.0/24
Signature Algorithm: sha256WithRSAEncryption
06:37:d0:2d:42:80:3d:48:a1:05:a1:fb:fd:ca:2a:81:ff:7c:
67:c7:46:41:24:63:df:e7:af:15:44:be:15:43:ba:21:89:a8:
49:47:93:d2:82:7f:51:ae:e2:97:c8:e6:e7:fc:5e:96:af:3c:
25:84:66:1c:72:b5:45:ad:2e:13:c9:67:05:5f:fa:c2:af:74:
26:e2:c7:13:f5:59:83:c8:bf:3d:47:82:83:7e:92:da:b4:c9:
ea:c5:3b:fe:32:5c:86:a9:b9:3f:6e:ba:60:7d:53:c7:4c:31:
be:17:9c:08:e4:d6:b6:a5:d7:a0:11:24:bd:1a:e3:6c:e0:12:
2d:e7:6d:91:2d:5a:95:ac:7e:bb:c3:c5:0c:fd:f1:96:b9:3d:
82:05:04:3d:6f:2b:5c:1d:5b:9e:87:b7:96:6e:b9:0e:1e:27:
f2:4a:2e:00:8e:b8:f5:7f:83:c8:dc:e7:96:2e:9d:bf:1d:5a:
e7:bc:4b:cf:7b:e1:0c:19:9e:4f:b6:89:c4:6d:7b:ed:39:51:
cf:bc:84:e7:b3:d7:df:cf:b5:65:12:d8:ac:44:7c:46:80:e8:
12:05:24:4b:8b:5a:bc:5b:2a:44:6d:9e:a3:92:58:f7:63:7d:
bf:bd:69:6f:03:2a:6d:d8:41:61:b2:4c:75:f9:45:25:ad:b3:
12:2c:a0:e0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQw3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTIwMTExODE2WhcNMjUwMjAxMTExODE2WjAYMRYw
FAYDVQQDEw02NzhlMzBmYy02NWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw6FAcua3yw3zsxI3rG3d2nzqL40tgTmTIQCclfnEHfXSjqoAsUi1O0ab
Lfh1uA2zKxEn7392BeYEHJP0yXKVcCL++hvo57ZcFDNsTfp46EIb59ZXTR9hS3K6
KxZy0nc5Jvn1zGV8ujNh/EVuwzqyxjwrT2q9r6Z8fk/2ddQ9+B9/g42FPKk3Oehd
PTukoMGMxH7HPa1VHnrlC8e0CVcN73w9eFAGuNxR5yXAkrz6qbREZBWFuYxL0Mll
+AKiGXaBpLX0TmbGkzqc4GklW6FDEC+2oFRXgznPIPLaP1rI71z0Oq8hkrZX/496
+Ig+9FU/X7YRBZ33EfHglbsaDTniMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPLY
qNh4JYs/5f9rQpxzLA1q7/FVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MEVEOUI5OEQ3MjAxMUVGQUM3NTlFOUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcfwMA0GCSqGSIb3DQEBCwUA
A4IBAQAGN9AtQoA9SKEFofv9yiqB/3xnx0ZBJGPf568VRL4VQ7ohiahJR5PSgn9R
ruKXyObn/F6WrzwlhGYccrVFrS4TyWcFX/rCr3Qm4scT9VmDyL89R4KDfpLatMnq
xTv+MlyGqbk/brpgfVPHTDG+F5wI5Na2pdegESS9GuNs4BIt522RLVqVrH67w8UM
/fGWuT2CBQQ9bytcHVueh7eWbrkOHifySi4Ajrj1f4PI3OeWLp2/HVrnvEvPe+EM
GZ5PtonEbXvtOVHPvITns9ffz7VlEtisRHxGgOgSBSRLi1q8WypEbZ6jklj3Y32/
vWlvAypt2EFhskx1+UUlrbMSLKDg
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:22:08 2025 by rpki-client