Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5AFC880ADC0211EF991B1147762E951A.roa
File: 5AFC880ADC0211EF991B1147762E951A.roa (raw, json)
Hash identifier: b0WzdHQWxqTweQZtgXAypsU0tqREmY5M5olAZdCzTsY=
Subject key identifier: 69:1A:C0:FF:C2:13:C6:56:3B:65:2E:7E:AF:D7:2B:DE:F2:ED:DE:0A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0113FC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5AFC880ADC0211EF991B1147762E951A.roa
Signing time: Sun 26 Jan 2025 16:26:55 +0000
ROA not before: Sun 26 Jan 2025 16:26:51 +0000
ROA not after: Sun 23 Mar 2025 16:26:51 +0000
asID: 63139
IP address blocks: 156.225.114.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70652 (0x113fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 26 16:26:51 2025 GMT
Not After : Mar 23 16:26:51 2025 GMT
Subject: CN=6796624f-6fef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5a:d7:6f:47:15:4a:22:54:62:dd:37:44:76:
7b:89:4d:18:82:03:1c:6f:16:f2:1f:2a:46:2a:9c:
05:79:79:80:9e:3f:08:67:65:d2:a3:c1:ff:bf:18:
ab:40:f3:f4:d2:2a:f0:2f:d4:bc:31:43:74:44:91:
ee:51:ea:8d:18:e2:a1:dd:e9:35:92:eb:ae:62:b6:
9c:22:f6:dd:97:48:6c:2d:e1:43:6d:cf:01:fa:aa:
a7:9f:4e:1a:3e:35:12:6a:80:4d:e7:8e:16:e4:eb:
05:fd:94:e7:ed:31:77:0c:7d:20:40:71:b4:5d:5c:
65:67:58:7e:81:ea:96:2f:8c:ce:a3:fe:b3:d5:c9:
4c:d9:0e:ad:f2:58:0e:99:10:25:dc:ed:a7:bf:02:
21:d3:96:49:e5:8e:04:6a:11:be:e3:ea:1e:d9:46:
82:b5:cd:4b:34:6a:74:38:28:06:9d:fa:5b:79:3f:
e6:3b:c7:c7:d7:96:5c:bf:eb:c2:16:44:26:3e:2b:
40:4e:31:1f:bc:28:bd:83:38:eb:fe:d4:6d:46:f2:
34:69:d7:e3:03:d8:c4:7e:25:60:b5:9e:f9:af:37:
b6:a7:f8:33:bb:49:db:b1:3a:0a:cd:c9:27:3e:70:
e3:5f:7d:ba:1f:3b:ba:37:86:92:cc:16:3d:ad:0a:
6b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:1A:C0:FF:C2:13:C6:56:3B:65:2E:7E:AF:D7:2B:DE:F2:ED:DE:0A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5AFC880ADC0211EF991B1147762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.114.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:c1:31:81:2c:69:f3:56:07:6d:d3:1d:95:19:9c:f3:31:fd:
c3:e4:62:d9:a1:44:c4:41:af:11:62:60:5d:cd:5f:64:bc:4a:
05:03:3c:43:8d:5f:6e:d7:fd:61:af:38:53:cc:30:45:cf:e9:
3b:ad:d9:1e:38:40:48:a9:2c:cf:49:94:f1:9a:9b:65:67:2d:
16:87:82:95:4f:81:8d:0b:09:f2:69:3c:75:45:ce:33:71:8c:
5c:49:f1:34:9c:26:3e:10:22:ed:a9:7d:2d:d9:01:24:fb:85:
b2:9d:f1:1a:0b:7e:7a:aa:20:32:02:99:f3:9d:cd:43:91:c4:
a1:08:43:57:35:d8:85:57:fd:12:ba:d2:56:b4:58:04:dd:d8:
ca:d1:2a:eb:ce:f4:4a:e8:20:d9:ac:82:a7:d3:94:13:fa:08:
4f:34:17:da:16:5a:b3:2f:e9:b9:de:ed:d3:53:ba:6a:46:07:
00:f3:73:d8:3a:86:fa:0d:ed:60:7e:84:1a:fb:49:41:19:51:
3e:3a:b7:56:9f:31:89:c4:0a:0f:21:2d:e8:0b:df:8c:a7:52:
ad:22:b3:2d:fb:d9:3e:47:62:f3:45:4d:75:32:7c:89:0b:e4:
cd:94:15:7a:46:b6:5f:d6:91:7a:32:30:36:00:53:ae:d7:c1:
f1:55:2e:5a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARP8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTI2MTYyNjUxWhcNMjUwMzIzMTYyNjUxWjAYMRYw
FAYDVQQDEw02Nzk2NjI0Zi02ZmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs1rXb0cVSiJUYt03RHZ7iU0YggMcbxbyHypGKpwFeXmAnj8IZ2XSo8H/
vxirQPP00irwL9S8MUN0RJHuUeqNGOKh3ek1kuuuYracIvbdl0hsLeFDbc8B+qqn
n04aPjUSaoBN544W5OsF/ZTn7TF3DH0gQHG0XVxlZ1h+geqWL4zOo/6z1clM2Q6t
8lgOmRAl3O2nvwIh05ZJ5Y4EahG+4+oe2UaCtc1LNGp0OCgGnfpbeT/mO8fH15Zc
v+vCFkQmPitATjEfvCi9gzjr/tRtRvI0adfjA9jEfiVgtZ75rze2p/gzu0nbsToK
zcknPnDjX326Hzu6N4aSzBY9rQprkQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGka
wP/CE8ZWO2Uufq/XK97y7d4KMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QUZDODgwQURDMDIxMUVGOTkxQjExNDc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOFyMA0GCSqGSIb3DQEBCwUA
A4IBAQBvwTGBLGnzVgdt0x2VGZzzMf3D5GLZoUTEQa8RYmBdzV9kvEoFAzxDjV9u
1/1hrzhTzDBFz+k7rdkeOEBIqSzPSZTxmptlZy0Wh4KVT4GNCwnyaTx1Rc4zcYxc
SfE0nCY+ECLtqX0t2QEk+4WynfEaC356qiAyApnznc1DkcShCENXNdiFV/0SutJW
tFgE3djK0SrrzvRK6CDZrIKn05QT+ghPNBfaFlqzL+m53u3TU7pqRgcA83PYOob6
De1gfoQa+0lBGVE+OrdWnzGJxAoPIS3oC9+Mp1KtIrMt+9k+R2LzRU11MnyJC+TN
lBV6RrZf1pF6MjA2AFOu18HxVS5a
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:33:40 2025 by rpki-client