Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66DC49C4C32211EFA6124363762E951A.roa
File: 66DC49C4C32211EFA6124363762E951A.roa (raw, json)
Hash identifier: YtdXRrIdr1SHcEm8kRe1mYVh22gBhRYOdPsTHvu5t7o=
Subject key identifier: 82:9B:02:0D:57:C2:25:3A:2F:58:52:E6:DD:6E:A3:72:3C:A6:54:F9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA31
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66DC49C4C32211EFA6124363762E951A.roa
Signing time: Thu 26 Dec 2024 00:43:19 +0000
ROA not before: Thu 26 Dec 2024 00:00:16 +0000
ROA not after: Wed 10 Dec 2025 00:00:16 +0000
asID: 984
IP address blocks: 156.228.233.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59953 (0xea31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Dec 26 00:00:16 2024 GMT
Not After : Dec 10 00:00:16 2025 GMT
Subject: CN=676ca6a7-dd9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:43:da:9b:b0:17:8e:64:f2:a0:2e:c2:70:67:
dc:0f:b8:a8:64:75:2a:48:c3:e8:83:6d:52:e4:52:
85:3c:a0:ee:4f:c7:7a:b5:81:b0:ef:b4:3d:a6:fd:
a5:64:fb:11:8e:4f:93:72:c8:96:9b:61:32:08:75:
22:ae:e2:5e:9b:80:d6:f7:a3:6e:da:19:90:fc:f8:
81:5c:92:22:1c:83:2d:97:a3:a6:c6:53:53:9c:e4:
8c:0a:75:ce:64:97:da:43:6c:fe:e3:0d:8d:de:5d:
89:93:96:4d:c6:dc:7f:8b:83:77:17:7c:f6:c7:53:
4d:4a:bf:a5:23:d9:43:05:16:d5:81:6d:2b:12:00:
97:59:97:68:79:ac:b9:3f:9c:32:f0:f0:33:1e:83:
98:4c:21:1b:1b:d8:8e:cb:51:d9:0b:9d:1e:eb:42:
05:b5:05:d0:6e:d1:5d:8d:c0:42:ef:4c:ed:4d:f0:
ae:11:8f:75:fa:69:08:a1:dc:d3:d3:f4:3d:94:8a:
09:ae:83:5c:05:8c:50:82:6d:99:37:bf:19:d6:c4:
09:dc:b4:bc:d9:ef:8b:73:6f:95:85:6e:8e:af:4c:
69:ed:78:d0:5a:20:52:a5:9f:ec:0f:9d:d3:35:90:
6e:c6:12:7d:70:ff:f7:ca:ef:de:d1:a2:b3:66:3a:
90:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:9B:02:0D:57:C2:25:3A:2F:58:52:E6:DD:6E:A3:72:3C:A6:54:F9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66DC49C4C32211EFA6124363762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.233.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:45:38:5f:61:ed:45:e3:d2:50:6f:bb:b7:73:7f:37:57:33:
77:11:a7:5c:5e:4e:1c:45:42:83:2b:e8:17:67:04:bb:74:79:
25:e1:76:3b:dc:a3:5e:56:6a:c9:fb:94:44:86:6c:ae:ed:b5:
01:51:9d:c9:3d:97:0d:ff:20:1d:9f:d3:6e:ba:c1:fd:7a:65:
ba:b6:9e:92:bb:f7:43:7a:77:b8:27:4c:e9:9d:f3:85:14:f2:
53:64:97:33:ae:e9:f0:c8:31:81:f4:d7:41:25:9b:ad:c9:7c:
af:e9:3c:6e:1d:75:ab:f0:60:26:81:84:6b:eb:78:2e:4f:48:
ad:36:d6:68:6b:1f:21:66:38:f1:7e:6e:b8:2c:01:58:cb:99:
60:62:4f:2d:ac:e2:e1:67:35:c3:ba:28:85:66:ff:2a:0a:f7:
74:2b:b6:95:82:4c:c6:c4:a7:cf:bf:15:2d:a1:07:38:27:cf:
ed:5d:f8:30:8d:9d:b6:ce:c7:b8:ce:5c:d8:fa:d7:3e:5c:ae:
eb:04:d8:5c:c1:a8:48:ff:f2:9e:30:79:9f:46:42:0c:95:76:
3c:cd:75:52:4e:31:11:5a:99:bf:a7:41:ca:da:9e:ef:70:68:
71:8a:c3:a2:6e:c2:d3:6f:3c:2c:6e:55:a0:84:e9:f4:29:ff:
ae:fd:1e:c1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOoxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDAwMDE2WhcNMjUxMjEwMDAwMDE2WjAYMRYw
FAYDVQQDEw02NzZjYTZhNy1kZDlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA20Pam7AXjmTyoC7CcGfcD7ioZHUqSMPog21S5FKFPKDuT8d6tYGw77Q9
pv2lZPsRjk+TcsiWm2EyCHUiruJem4DW96Nu2hmQ/PiBXJIiHIMtl6OmxlNTnOSM
CnXOZJfaQ2z+4w2N3l2Jk5ZNxtx/i4N3F3z2x1NNSr+lI9lDBRbVgW0rEgCXWZdo
eay5P5wy8PAzHoOYTCEbG9iOy1HZC50e60IFtQXQbtFdjcBC70ztTfCuEY91+mkI
odzT0/Q9lIoJroNcBYxQgm2ZN78Z1sQJ3LS82e+Lc2+VhW6Or0xp7XjQWiBSpZ/s
D53TNZBuxhJ9cP/3yu/e0aKzZjqQrQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIKb
Ag1XwiU6L1hS5t1uo3I8plT5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NkRDNDlDNEMzMjIxMUVGQTYxMjQzNjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTpMA0GCSqGSIb3DQEBCwUA
A4IBAQB6RThfYe1F49JQb7u3c383VzN3EadcXk4cRUKDK+gXZwS7dHkl4XY73KNe
VmrJ+5REhmyu7bUBUZ3JPZcN/yAdn9NuusH9emW6tp6Su/dDene4J0zpnfOFFPJT
ZJczrunwyDGB9NdBJZutyXyv6TxuHXWr8GAmgYRr63guT0itNtZoax8hZjjxfm64
LAFYy5lgYk8trOLhZzXDuiiFZv8qCvd0K7aVgkzGxKfPvxUtoQc4J8/tXfgwjZ22
zse4zlzY+tc+XK7rBNhcwahI//KeMHmfRkIMlXY8zXVSTjERWpm/p0HK2p7vcGhx
isOibsLTbzwsblWghOn0Kf+u/R7B
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:36:38 2025 by rpki-client