Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EA47244DBDF11EFA3814D60762E951A.roa
File: 8EA47244DBDF11EFA3814D60762E951A.roa (raw, json)
Hash identifier: m2iAY0Jwhm469TOsEFh0YH9Kpy+vKMPQX1tV0Z9/eZI=
Subject key identifier: F8:DF:27:B5:0C:FE:B9:71:5B:9B:D2:8B:1A:86:8E:01:5C:1C:78:9E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 011374
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EA47244DBDF11EFA3814D60762E951A.roa
Signing time: Sun 26 Jan 2025 12:17:49 +0000
ROA not before: Sun 26 Jan 2025 12:17:45 +0000
ROA not after: Tue 04 Mar 2025 12:17:45 +0000
asID: 203020
IP address blocks: 156.253.216.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70516 (0x11374)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 26 12:17:45 2025 GMT
Not After : Mar 4 12:17:45 2025 GMT
Subject: CN=679627ed-c44c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8e:79:b8:2d:9c:bd:45:dc:a5:ac:6c:eb:d7:
06:2b:a7:85:18:54:7f:77:25:ef:74:bd:2c:56:59:
6b:37:f1:df:cc:42:b5:85:84:7f:2f:39:a2:9e:08:
86:93:87:54:7f:b4:3a:04:cc:4d:c8:93:41:23:2f:
4a:b0:9e:7f:a8:cf:1e:93:14:f7:7a:3b:ac:19:fe:
24:9c:da:c6:b5:d2:48:b5:a6:23:c0:79:47:39:4f:
08:6b:19:b3:8e:22:1b:a3:f1:a3:c1:ea:96:57:c6:
61:01:73:37:a1:25:0c:67:53:10:56:23:6b:73:d8:
a8:a7:d5:bf:9c:e9:5e:8b:72:7e:75:4d:ca:c9:49:
70:9c:05:26:d4:8a:67:de:40:27:28:3b:5c:28:a0:
8a:67:30:94:39:89:ba:e0:30:a4:4d:20:a6:6e:45:
17:dd:99:1e:fc:7b:34:5f:0a:9d:ea:0a:b5:a2:d5:
4d:d8:ba:d2:30:6d:27:a6:1d:97:b9:6c:d5:30:94:
74:d0:5b:df:fd:cf:be:9f:dc:b5:0c:d8:58:7c:34:
3c:e2:33:3d:bd:98:a6:4c:33:e2:9d:6f:26:19:32:
ab:59:2e:ba:f1:75:77:fe:b7:c1:e0:4b:07:dd:75:
fd:ca:82:ad:db:94:2a:37:d6:cd:c1:79:40:4c:b9:
19:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:DF:27:B5:0C:FE:B9:71:5B:9B:D2:8B:1A:86:8E:01:5C:1C:78:9E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EA47244DBDF11EFA3814D60762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.216.0/23
Signature Algorithm: sha256WithRSAEncryption
98:45:db:dd:f6:ea:60:9b:22:c1:9f:7a:35:2e:aa:74:1b:af:
97:10:04:7c:4d:b3:81:2e:73:49:53:69:31:78:62:80:d0:c6:
33:e8:f2:f2:ae:13:cf:1f:d2:fa:16:82:46:86:cf:38:c6:68:
a4:59:f6:61:57:71:fb:e6:24:9f:18:70:2d:6e:19:8e:6f:1b:
23:0e:c9:95:48:f0:9f:9b:ea:21:50:61:63:b1:71:b2:94:0b:
a2:90:da:91:8b:a8:dd:94:61:9b:80:0a:ba:f3:09:4d:da:14:
2d:45:20:3d:75:ea:ce:a3:2b:c2:32:cf:2b:09:6c:84:cd:18:
c0:b3:2c:d1:f5:ea:70:8b:e7:6f:51:f0:66:17:a7:51:aa:09:
c3:98:9f:c9:0e:f5:5c:64:8e:9b:f3:b2:0b:b3:f3:89:7b:f7:
0f:66:bb:25:6b:18:09:86:1d:8a:aa:c3:73:60:8f:89:7f:2e:
24:84:bd:ac:7d:17:9e:64:6c:e2:98:a4:70:c4:7b:a0:6b:eb:
cf:09:29:b0:c2:64:a2:e5:62:fa:d9:f6:fe:51:78:aa:c8:b9:
8e:58:06:c7:7b:d8:9b:de:54:ad:75:c8:6c:cd:f9:16:97:7b:
d5:2a:7f:ff:e7:22:57:03:4f:85:2a:33:92:7f:d9:69:ee:17:
67:51:0a:4f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARN0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTI2MTIxNzQ1WhcNMjUwMzA0MTIxNzQ1WjAYMRYw
FAYDVQQDEw02Nzk2MjdlZC1jNDRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuo55uC2cvUXcpaxs69cGK6eFGFR/dyXvdL0sVllrN/HfzEK1hYR/Lzmi
ngiGk4dUf7Q6BMxNyJNBIy9KsJ5/qM8ekxT3ejusGf4knNrGtdJItaYjwHlHOU8I
axmzjiIbo/GjweqWV8ZhAXM3oSUMZ1MQViNrc9iop9W/nOlei3J+dU3KyUlwnAUm
1Ipn3kAnKDtcKKCKZzCUOYm64DCkTSCmbkUX3Zke/Hs0Xwqd6gq1otVN2LrSMG0n
ph2XuWzVMJR00Fvf/c++n9y1DNhYfDQ84jM9vZimTDPinW8mGTKrWS668XV3/rfB
4EsH3XX9yoKt25QqN9bNwXlATLkZZwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPjf
J7UM/rlxW5vSixqGjgFcHHieMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RUE0NzI0NERCREYxMUVGQTM4MTRENjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP3YMA0GCSqGSIb3DQEBCwUA
A4IBAQCYRdvd9upgmyLBn3o1Lqp0G6+XEAR8TbOBLnNJU2kxeGKA0MYz6PLyrhPP
H9L6FoJGhs84xmikWfZhV3H75iSfGHAtbhmObxsjDsmVSPCfm+ohUGFjsXGylAui
kNqRi6jdlGGbgAq68wlN2hQtRSA9derOoyvCMs8rCWyEzRjAsyzR9epwi+dvUfBm
F6dRqgnDmJ/JDvVcZI6b87ILs/OJe/cPZrslaxgJhh2KqsNzYI+Jfy4khL2sfRee
ZGzimKRwxHuga+vPCSmwwmSi5WL62fb+UXiqyLmOWAbHe9ib3lStdchszfkWl3vV
Kn//5yJXA0+FKjOSf9lp7hdnUQpP
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:47:34 2025 by rpki-client