Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64D89E9CDFF211EF91A2EF56762E951A.roa
File: 64D89E9CDFF211EF91A2EF56762E951A.roa (raw, json)
Hash identifier: ohnZBfeCznKcOPnaosb8WNuXwdyvdd+EaUHsjnqpFV0=
Subject key identifier: B9:92:24:2D:9B:A0:B7:26:34:5A:7B:C0:35:4D:09:33:23:EF:61:9D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 011677
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64D89E9CDFF211EF91A2EF56762E951A.roa
Signing time: Fri 31 Jan 2025 16:42:44 +0000
ROA not before: Fri 31 Jan 2025 16:42:40 +0000
ROA not after: Tue 25 Feb 2025 16:42:40 +0000
asID: 398704
IP address blocks: 156.245.244.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71287 (0x11677)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 31 16:42:40 2025 GMT
Not After : Feb 25 16:42:40 2025 GMT
Subject: CN=679cfd84-7c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ee:6e:da:5c:ec:65:fa:ae:ce:e5:a1:d5:fd:
bc:84:56:e0:21:d8:cf:75:3b:64:51:fe:eb:ea:d0:
a4:8f:68:c6:13:fd:56:c7:35:d1:f4:cf:e7:b2:ce:
ce:50:6f:8e:9c:bc:fa:47:a1:c2:a4:53:c4:ea:47:
ac:c1:86:55:b7:05:7b:49:54:31:db:c2:25:86:f3:
1d:a5:80:81:e3:3a:63:f4:6c:28:97:e7:7f:5a:43:
df:5f:db:d7:e2:ca:7a:e4:57:99:54:8d:22:a7:35:
2f:f6:75:45:95:b7:6b:d7:81:24:44:2e:dd:f6:08:
e6:70:87:e4:08:71:57:5e:f6:3b:c8:e9:cb:4a:7f:
7b:f7:cd:5c:53:9a:86:c8:83:d0:3b:9d:86:f7:e6:
0c:88:e6:c2:67:a0:e0:a1:0f:0f:aa:93:73:4a:25:
f5:8f:b3:f0:a3:43:a8:b3:09:c8:d1:9e:f9:8e:08:
4c:de:f8:5c:30:ae:74:07:f3:55:0b:72:00:8e:df:
56:67:cd:68:7b:b2:ec:57:f8:57:64:95:ad:a9:72:
21:60:55:4b:07:6a:4a:25:c3:be:ef:01:5f:3f:44:
a3:14:16:64:5f:b5:9e:3d:60:88:74:85:90:0f:6b:
2e:ba:d0:09:b1:c6:20:e1:2e:e5:f8:b5:0f:be:96:
cd:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:92:24:2D:9B:A0:B7:26:34:5A:7B:C0:35:4D:09:33:23:EF:61:9D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64D89E9CDFF211EF91A2EF56762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.244.0/22
Signature Algorithm: sha256WithRSAEncryption
86:7e:d7:ac:c5:6f:40:72:ac:27:62:47:3a:08:69:b7:cd:3f:
83:0a:02:07:46:c9:c0:3d:b5:5e:3a:03:31:97:08:63:e0:c4:
70:78:b1:d1:51:a2:eb:e4:b0:88:f3:e7:9b:5b:fd:de:60:ee:
1a:30:51:07:94:d3:4b:32:ad:5d:b9:00:ea:aa:d6:c7:5c:a3:
3c:a6:d1:2c:08:42:d9:f8:79:df:4a:04:75:50:f0:03:bd:2a:
a8:70:da:8c:ea:49:c2:2e:fe:6e:3b:45:3b:80:e4:a5:4a:25:
c5:d3:36:87:44:07:8e:e2:51:80:cd:0f:d6:f7:4c:2a:fe:47:
2f:45:45:c4:1f:66:0b:5d:a4:43:4a:83:22:a4:72:9b:4f:18:
c8:e7:54:b1:c3:4d:a9:db:38:7b:ec:6c:77:bf:9e:dc:4c:65:
95:00:21:04:25:8b:15:cb:b8:85:52:8e:96:d3:ab:33:d6:69:
23:e4:0e:bc:73:20:44:99:8c:6f:9f:b8:d8:64:45:cf:0f:1a:
10:ff:f1:8e:e1:9b:3c:4e:e2:4c:92:d5:29:0a:55:e4:88:2c:
c9:54:80:37:b5:d9:4e:3a:97:e3:7b:ce:6e:1f:b2:b3:19:d3:
91:19:76:55:4d:2f:81:90:ba:f0:58:0b:5a:29:01:7f:bd:0f:
42:64:af:c2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARZ3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTMxMTY0MjQwWhcNMjUwMjI1MTY0MjQwWjAYMRYw
FAYDVQQDEw02NzljZmQ4NC03YzYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAve5u2lzsZfquzuWh1f28hFbgIdjPdTtkUf7r6tCkj2jGE/1WxzXR9M/n
ss7OUG+OnLz6R6HCpFPE6keswYZVtwV7SVQx28IlhvMdpYCB4zpj9Gwol+d/WkPf
X9vX4sp65FeZVI0ipzUv9nVFlbdr14EkRC7d9gjmcIfkCHFXXvY7yOnLSn97981c
U5qGyIPQO52G9+YMiObCZ6DgoQ8PqpNzSiX1j7Pwo0OoswnI0Z75jghM3vhcMK50
B/NVC3IAjt9WZ81oe7LsV/hXZJWtqXIhYFVLB2pKJcO+7wFfP0SjFBZkX7WePWCI
dIWQD2suutAJscYg4S7l+LUPvpbNFwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLmS
JC2boLcmNFp7wDVNCTMj72GdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NEQ4OUU5Q0RGRjIxMUVGOTFBMkVGNTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPX0MA0GCSqGSIb3DQEBCwUA
A4IBAQCGftesxW9AcqwnYkc6CGm3zT+DCgIHRsnAPbVeOgMxlwhj4MRweLHRUaLr
5LCI8+ebW/3eYO4aMFEHlNNLMq1duQDqqtbHXKM8ptEsCELZ+HnfSgR1UPADvSqo
cNqM6knCLv5uO0U7gOSlSiXF0zaHRAeO4lGAzQ/W90wq/kcvRUXEH2YLXaRDSoMi
pHKbTxjI51Sxw02p2zh77Gx3v57cTGWVACEEJYsVy7iFUo6W06sz1mkj5A68cyBE
mYxvn7jYZEXPDxoQ//GO4Zs8TuJMktUpClXkiCzJVIA3tdlOOpfje85uH7KzGdOR
GXZVTS+BkLrwWAtaKQF/vQ9CZK/C
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:29:03 2025 by rpki-client