Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/49A85BEADFF611EF859DE56E762E951A.roa
File: 49A85BEADFF611EF859DE56E762E951A.roa (raw, json)
Hash identifier: UbYPvlS1BxM3Vvf0P+h0/VYgfxCbNAc2RXLCC1Kx6Pg=
Subject key identifier: 56:BE:19:27:0C:06:B7:DD:20:7A:2F:01:92:D1:ED:E5:74:E0:BE:19
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0116AB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/49A85BEADFF611EF859DE56E762E951A.roa
Signing time: Fri 31 Jan 2025 17:10:36 +0000
ROA not before: Fri 31 Jan 2025 17:10:33 +0000
ROA not after: Tue 11 Feb 2025 17:10:33 +0000
asID: 131471
IP address blocks: 156.238.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71339 (0x116ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 31 17:10:33 2025 GMT
Not After : Feb 11 17:10:33 2025 GMT
Subject: CN=679d040c-3311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7f:6e:5a:d7:a8:0d:71:60:b3:2a:57:d9:4d:
1a:1d:e0:af:aa:df:09:1b:82:17:fa:5f:b8:69:03:
d2:3e:8a:74:66:4c:5a:ca:35:40:1b:16:3a:0b:d0:
dc:a9:e1:21:e3:78:cc:bc:5f:57:b3:12:bc:70:63:
28:ff:ac:e8:31:96:a0:cb:74:4f:99:fd:7a:57:e3:
33:29:e6:3f:e8:c2:9c:f2:d8:70:d5:2a:46:18:78:
9d:1d:b1:8d:b9:0b:08:86:cb:43:93:9f:7a:3f:ae:
a9:55:ad:21:b9:44:83:ac:bc:81:32:8e:66:68:c9:
f2:3a:7a:53:25:bd:5c:72:a8:a3:51:a9:c9:9b:64:
95:a9:ab:df:f9:b3:6b:5c:86:b7:26:06:17:ee:0e:
bc:88:2c:54:21:27:7a:1a:60:57:b5:f0:38:b0:ad:
17:af:f9:08:5d:ec:be:0d:7a:c2:2b:8e:52:1d:28:
9e:a9:83:ce:f9:28:9e:54:7d:b1:89:33:06:16:92:
2b:84:fe:a0:00:57:8d:3b:fc:7e:13:d2:66:07:c2:
0a:4d:2b:d7:d7:67:ab:ea:d0:d7:07:34:fc:c9:fe:
79:0b:6e:1d:bc:0b:52:49:9d:67:31:c5:80:87:c2:
52:50:ad:55:b5:fd:b4:51:ed:72:2d:87:f1:2d:84:
60:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:BE:19:27:0C:06:B7:DD:20:7A:2F:01:92:D1:ED:E5:74:E0:BE:19
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/49A85BEADFF611EF859DE56E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.66.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:2c:bd:64:d0:07:99:f0:09:d4:08:f2:01:4c:6f:8a:5d:9f:
37:e2:0b:2b:66:42:30:22:53:1e:06:23:12:0e:84:55:7e:ee:
d2:9e:9a:80:55:05:03:a7:54:eb:0e:46:15:26:0d:98:2f:09:
ba:ca:69:66:ee:91:91:bf:88:1c:8c:43:d6:c0:a1:45:ba:bb:
10:3f:21:1e:94:11:0c:f1:92:33:48:d6:65:7e:af:71:e5:81:
6a:d8:a6:e7:a1:fe:56:4f:31:70:53:f3:3d:f7:77:c4:aa:5e:
4f:f4:c1:0a:6f:e6:76:be:85:84:33:f2:d5:8b:7c:bb:b7:04:
06:50:12:2a:45:c9:9d:1a:e5:db:2e:40:ba:61:5a:59:f6:27:
59:47:d5:05:cb:9c:e5:4c:61:ed:25:a5:4b:03:3a:20:f7:b6:
4e:51:f1:ad:9e:64:f8:d4:14:32:83:1a:fa:7b:74:96:4c:1b:
64:6b:41:e3:b0:16:4d:1c:e4:91:a2:20:33:d7:63:60:47:84:
8c:73:75:b3:ec:f1:e4:de:1a:30:ed:ea:f0:0e:9d:21:14:11:
80:9e:81:b0:5c:a5:71:93:95:c6:65:5c:1b:75:18:ee:08:18:
0a:ad:ec:34:60:09:f9:4b:0e:2e:ee:88:78:30:b8:9d:be:7b:
4a:98:37:5e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARarMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTMxMTcxMDMzWhcNMjUwMjExMTcxMDMzWjAYMRYw
FAYDVQQDEw02NzlkMDQwYy0zMzExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy39uWteoDXFgsypX2U0aHeCvqt8JG4IX+l+4aQPSPop0ZkxayjVAGxY6
C9DcqeEh43jMvF9XsxK8cGMo/6zoMZagy3RPmf16V+MzKeY/6MKc8thw1SpGGHid
HbGNuQsIhstDk596P66pVa0huUSDrLyBMo5maMnyOnpTJb1ccqijUanJm2SVqavf
+bNrXIa3JgYX7g68iCxUISd6GmBXtfA4sK0Xr/kIXey+DXrCK45SHSieqYPO+Sie
VH2xiTMGFpIrhP6gAFeNO/x+E9JmB8IKTSvX12er6tDXBzT8yf55C24dvAtSSZ1n
McWAh8JSUK1Vtf20Ue1yLYfxLYRgsQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFa+
GScMBrfdIHovAZLR7eV04L4ZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80OUE4NUJFQURGRjYxMUVGODU5REU1NkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO5CMA0GCSqGSIb3DQEBCwUA
A4IBAQClLL1k0AeZ8AnUCPIBTG+KXZ834gsrZkIwIlMeBiMSDoRVfu7SnpqAVQUD
p1TrDkYVJg2YLwm6ymlm7pGRv4gcjEPWwKFFursQPyEelBEM8ZIzSNZlfq9x5YFq
2Kbnof5WTzFwU/M993fEql5P9MEKb+Z2voWEM/LVi3y7twQGUBIqRcmdGuXbLkC6
YVpZ9idZR9UFy5zlTGHtJaVLAzog97ZOUfGtnmT41BQygxr6e3SWTBtka0HjsBZN
HOSRoiAz12NgR4SMc3Wz7PHk3how7erwDp0hFBGAnoGwXKVxk5XGZVwbdRjuCBgK
rew0YAn5Sw4u7oh4MLidvntKmDde
-----END CERTIFICATE-----
Generated at Tue Apr 29 07:20:44 2025 by rpki-client