Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A952E42EDCD711EFABCDA463762E951A.roa
File: A952E42EDCD711EFABCDA463762E951A.roa (raw, json)
Hash identifier: lfa/W4Jtk0Zqxh0hjBEQP4kuaO3jrkB7F8/Kq8fO1E0=
Subject key identifier: 3C:21:65:FC:F9:AD:35:DF:EB:22:04:37:A7:A9:DD:9D:24:3E:CE:EF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01156D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A952E42EDCD711EFABCDA463762E951A.roa
Signing time: Mon 27 Jan 2025 17:53:49 +0000
ROA not before: Mon 27 Jan 2025 17:53:45 +0000
ROA not after: Sun 16 Feb 2025 17:53:45 +0000
asID: 135097
IP address blocks: 156.226.64.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71021 (0x1156d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 27 17:53:45 2025 GMT
Not After : Feb 16 17:53:45 2025 GMT
Subject: CN=6797c82d-d2fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:70:46:0d:ab:0b:aa:6b:63:a5:d8:0f:df:b0:
88:8a:fb:c2:e2:20:de:81:89:23:d7:a9:5a:28:58:
66:86:55:bc:23:f3:10:ce:a8:78:37:bf:54:cd:39:
79:13:f3:e4:e6:de:1f:bc:be:b4:b4:09:30:a9:8c:
c6:88:70:44:39:5a:01:04:7e:d7:cb:a0:09:55:f5:
70:5e:7e:68:42:98:c3:13:d5:e6:7d:61:25:78:61:
bc:18:a4:38:0b:5d:bf:bb:65:98:f4:fe:aa:8a:66:
5c:6b:e1:9b:df:4d:54:5f:6e:d3:f7:00:8f:2c:24:
c3:d9:49:17:97:bd:f3:0d:b2:85:a5:1f:73:85:35:
80:b6:ab:37:d2:5d:26:59:44:2e:e8:a2:98:75:ad:
ba:06:78:7d:29:74:23:eb:2b:d7:5d:3c:fb:17:0b:
32:15:e1:9f:b0:1b:b8:d9:18:5f:81:68:03:71:8f:
f0:a0:80:4f:39:8d:16:e6:ac:48:f0:dc:45:28:be:
26:d2:75:9b:17:0f:4c:69:6a:e5:3f:df:a5:ee:85:
23:5e:c3:b8:c9:fa:c6:e4:e4:f3:cf:22:a4:07:2d:
b6:a9:59:6b:05:15:76:03:46:ad:d5:ad:0c:7a:26:
6d:44:5b:e9:17:0d:c1:50:76:e4:e1:f8:5c:b1:db:
61:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:21:65:FC:F9:AD:35:DF:EB:22:04:37:A7:A9:DD:9D:24:3E:CE:EF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A952E42EDCD711EFABCDA463762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0a:89:70:08:51:c2:d5:a8:ab:d5:3a:28:cc:a3:2f:d0:8b:54:
66:cd:2e:3c:c2:fb:d3:b9:75:b3:d6:bf:51:67:c8:ea:17:66:
bf:6f:3f:7f:a9:7b:18:75:59:58:e9:02:48:7e:62:88:ae:8d:
56:d7:fd:bf:71:c5:7b:9c:5c:91:a8:6e:df:fc:55:9d:23:bd:
9b:20:67:99:b4:69:69:a7:40:40:02:4b:7a:ec:29:a2:85:5f:
54:e6:3c:a7:36:c0:b9:c7:36:07:8a:1a:9c:e6:12:03:4b:9b:
83:6e:2e:1f:fc:4e:dd:a7:7f:4d:24:3a:91:4b:65:41:be:44:
4a:1e:b7:34:4b:b2:e0:d5:8e:a8:38:31:42:f0:15:4c:c2:2d:
01:26:55:77:1a:92:5f:2c:b3:0e:d4:f9:7b:8a:07:69:18:27:
5d:be:19:bf:54:22:09:52:45:35:64:d4:a8:c8:32:71:64:78:
0a:7a:f7:e6:77:c0:9a:dc:5e:de:30:84:03:45:db:8f:af:d6:
16:f1:54:71:5d:7f:f0:e4:1b:52:8e:43:4e:12:ac:e2:41:c0:
52:11:0d:48:b9:ef:a8:79:bc:b9:71:87:51:fa:bd:fe:06:cb:
14:b5:31:09:65:58:0f:88:ea:a7:cb:cd:bf:d4:2e:c4:4e:ce:
95:0c:59:85
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARVtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTI3MTc1MzQ1WhcNMjUwMjE2MTc1MzQ1WjAYMRYw
FAYDVQQDEw02Nzk3YzgyZC1kMmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvHBGDasLqmtjpdgP37CIivvC4iDegYkj16laKFhmhlW8I/MQzqh4N79U
zTl5E/Pk5t4fvL60tAkwqYzGiHBEOVoBBH7Xy6AJVfVwXn5oQpjDE9XmfWEleGG8
GKQ4C12/u2WY9P6qimZca+Gb301UX27T9wCPLCTD2UkXl73zDbKFpR9zhTWAtqs3
0l0mWUQu6KKYda26Bnh9KXQj6yvXXTz7FwsyFeGfsBu42RhfgWgDcY/woIBPOY0W
5qxI8NxFKL4m0nWbFw9MaWrlP9+l7oUjXsO4yfrG5OTzzyKkBy22qVlrBRV2A0at
1a0MeiZtRFvpFw3BUHbk4fhcsdthpwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDwh
Zfz5rTXf6yIEN6ep3Z0kPs7vMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BOTUyRTQyRURDRDcxMUVGQUJDREE0NjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnOJAMA0GCSqGSIb3DQEBCwUA
A4IBAQAKiXAIUcLVqKvVOijMoy/Qi1RmzS48wvvTuXWz1r9RZ8jqF2a/bz9/qXsY
dVlY6QJIfmKIro1W1/2/ccV7nFyRqG7f/FWdI72bIGeZtGlpp0BAAkt67CmihV9U
5jynNsC5xzYHihqc5hIDS5uDbi4f/E7dp39NJDqRS2VBvkRKHrc0S7Lg1Y6oODFC
8BVMwi0BJlV3GpJfLLMO1Pl7igdpGCddvhm/VCIJUkU1ZNSoyDJxZHgKevfmd8Ca
3F7eMIQDRduPr9YW8VRxXX/w5BtSjkNOEqziQcBSEQ1Iue+oeby5cYdR+r3+BssU
tTEJZVgPiOqny82/1C7ETs6VDFmF
-----END CERTIFICATE-----
Generated at Tue Apr 29 03:20:26 2025 by rpki-client