Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6678CD32DC8A11EF9C578660762E951A.roa
File: 6678CD32DC8A11EF9C578660762E951A.roa (raw, json)
Hash identifier: jAATFxeR3nQfe3Z6qmIJ/oqfrkw/TnIcRlhl7DJ7g/o=
Subject key identifier: 2C:A2:C3:43:EE:16:3F:D4:E1:E1:6F:20:4C:11:A3:C1:11:6D:85:BE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0114B3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6678CD32DC8A11EF9C578660762E951A.roa
Signing time: Mon 27 Jan 2025 08:40:45 +0000
ROA not before: Mon 27 Jan 2025 08:40:42 +0000
ROA not after: Sat 08 Feb 2025 08:40:42 +0000
asID: 5065
IP address blocks: 156.246.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70835 (0x114b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 27 08:40:42 2025 GMT
Not After : Feb 8 08:40:42 2025 GMT
Subject: CN=6797468d-01d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a3:12:b9:31:53:59:04:ff:57:7d:cf:f5:14:
9a:b1:40:ca:5a:52:7d:49:b9:6c:c9:34:23:02:aa:
60:10:27:1d:9c:59:85:bc:eb:49:4e:90:e9:50:78:
6f:82:f4:ef:a0:72:be:ce:75:f9:ab:4e:a6:4e:c3:
e3:3c:76:a0:dc:21:d7:19:bf:be:7a:c4:35:a1:01:
af:95:a0:d6:f5:48:d1:1d:b9:40:d5:9e:5c:4e:20:
67:c0:25:91:71:01:91:d7:50:e3:c9:a0:38:bb:b1:
d6:19:d1:54:67:3c:21:3a:57:c0:28:10:21:31:7d:
f3:4f:7e:bb:42:5c:ab:6d:f2:65:40:fe:1b:f9:76:
71:d0:92:67:4d:1c:67:bb:61:63:b2:f4:8a:f5:9f:
39:5c:3f:9a:a2:27:4b:80:c7:95:fd:c3:ca:d7:38:
14:eb:4a:78:05:e9:f1:0a:ba:54:1b:79:87:63:3d:
22:ca:a6:86:d6:78:4e:94:09:e6:56:f0:d6:c1:af:
32:5c:02:fb:4b:39:3a:67:cf:3c:70:b9:55:86:8d:
3b:c6:68:ab:af:ec:1c:c6:89:7f:11:33:99:80:85:
b4:82:c6:6d:3e:21:64:39:4c:99:ca:63:74:26:32:
f1:65:81:da:47:fe:60:4c:6d:1b:52:79:b5:e8:97:
15:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:A2:C3:43:EE:16:3F:D4:E1:E1:6F:20:4C:11:A3:C1:11:6D:85:BE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6678CD32DC8A11EF9C578660762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.99.0/24
Signature Algorithm: sha256WithRSAEncryption
81:f2:57:3f:3c:d7:a4:87:8e:da:3f:02:08:0a:db:07:f2:6a:
59:46:6f:b8:e0:9a:ab:1a:1d:82:49:3c:32:b9:e8:70:c9:cd:
e1:77:05:03:86:30:c3:7d:50:9c:cc:f0:8a:a8:a7:dc:6e:46:
f5:50:5a:a3:28:14:a9:a1:0a:fb:64:09:bc:57:15:9e:e6:f9:
55:88:ff:6b:ef:32:a1:39:ce:db:62:f8:53:14:6d:9a:a1:1c:
45:fa:21:0b:a6:cd:2c:44:16:4c:5a:3a:de:52:b1:f4:d7:80:
75:28:46:aa:5c:5c:62:60:6b:49:9f:49:e8:ee:ce:77:a1:4f:
de:41:3c:5a:80:20:52:02:0d:de:1a:32:ab:ec:f4:56:d2:53:
f1:f3:ae:0d:64:82:29:a6:5e:93:01:43:f0:84:87:6d:0a:a9:
36:77:93:0f:11:1f:66:f3:b8:9f:05:19:20:8b:80:4f:a9:94:
f9:aa:a6:e6:c5:17:d1:41:f8:90:42:51:72:e7:5f:4d:aa:d1:
9a:ba:b4:88:bd:f0:b0:ac:5d:5d:ff:88:a1:b4:6e:22:7c:c7:
ba:3b:6e:84:11:6b:0e:24:0d:5a:c9:14:7a:18:21:61:43:98:
a2:d8:1f:a6:cf:d7:b8:a4:97:44:03:ab:9a:11:1b:2a:f4:2e:
96:1d:12:4f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARSzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTI3MDg0MDQyWhcNMjUwMjA4MDg0MDQyWjAYMRYw
FAYDVQQDEw02Nzk3NDY4ZC0wMWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs6MSuTFTWQT/V33P9RSasUDKWlJ9SblsyTQjAqpgECcdnFmFvOtJTpDp
UHhvgvTvoHK+znX5q06mTsPjPHag3CHXGb++esQ1oQGvlaDW9UjRHblA1Z5cTiBn
wCWRcQGR11DjyaA4u7HWGdFUZzwhOlfAKBAhMX3zT367QlyrbfJlQP4b+XZx0JJn
TRxnu2FjsvSK9Z85XD+aoidLgMeV/cPK1zgU60p4BenxCrpUG3mHYz0iyqaG1nhO
lAnmVvDWwa8yXAL7Szk6Z888cLlVho07xmirr+wcxol/ETOZgIW0gsZtPiFkOUyZ
ymN0JjLxZYHaR/5gTG0bUnm16JcVvwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCyi
w0PuFj/U4eFvIEwRo8ERbYW+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82Njc4Q0QzMkRDOEExMUVGOUM1Nzg2NjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPZjMA0GCSqGSIb3DQEBCwUA
A4IBAQCB8lc/PNekh47aPwIICtsH8mpZRm+44JqrGh2CSTwyuehwyc3hdwUDhjDD
fVCczPCKqKfcbkb1UFqjKBSpoQr7ZAm8VxWe5vlViP9r7zKhOc7bYvhTFG2aoRxF
+iELps0sRBZMWjreUrH014B1KEaqXFxiYGtJn0no7s53oU/eQTxagCBSAg3eGjKr
7PRW0lPx864NZIIppl6TAUPwhIdtCqk2d5MPER9m87ifBRkgi4BPqZT5qqbmxRfR
QfiQQlFy519NqtGaurSIvfCwrF1d/4ihtG4ifMe6O26EEWsOJA1ayRR6GCFhQ5ii
2B+mz9e4pJdEA6uaERsq9C6WHRJP
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:16:07 2025 by rpki-client