Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA4AFD88DC0211EFAD246049762E951A.roa
File: AA4AFD88DC0211EFAD246049762E951A.roa (raw, json)
Hash identifier: rUzkuvyJDmsRMK2D+ljHdQfg6B8iR8YquMqcDAtgcq0=
Subject key identifier: E9:34:1A:2F:48:57:0F:38:11:78:AB:98:A7:1B:3E:FC:77:C7:3C:4D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0113FE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA4AFD88DC0211EFAD246049762E951A.roa
Signing time: Sun 26 Jan 2025 16:29:08 +0000
ROA not before: Sun 26 Jan 2025 16:29:04 +0000
ROA not after: Sun 23 Mar 2025 16:29:04 +0000
asID: 63139
IP address blocks: 156.225.117.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70654 (0x113fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 26 16:29:04 2025 GMT
Not After : Mar 23 16:29:04 2025 GMT
Subject: CN=679662d4-19a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0a:f0:71:1b:79:6d:1d:ab:5f:64:a0:0b:37:
cf:aa:40:35:97:d4:d6:d3:3f:0f:44:9c:f1:be:3b:
57:36:b8:16:c7:ef:7c:82:60:51:89:61:5f:15:13:
66:1d:be:c0:8e:c9:7b:b1:b6:5a:56:5c:3f:d4:2d:
21:3b:c4:27:1d:de:fb:bc:7d:a3:ba:6b:48:75:ce:
70:5c:8c:d2:78:54:c4:83:94:dc:95:53:f8:57:01:
5c:8c:fd:a8:22:4d:99:d4:c2:0c:f3:60:1f:0e:f2:
fc:f2:f4:6e:e1:f5:0b:f8:9b:ff:70:ff:48:cb:f8:
a0:fd:d0:cd:52:5b:2e:1a:89:0f:d0:68:8e:61:c5:
db:cb:99:5b:c7:0e:f2:16:24:0c:77:79:69:f2:8c:
55:f1:36:9d:b3:6e:b4:53:30:ee:d6:8e:86:b3:ad:
e4:2e:65:66:5c:c9:26:34:ca:5f:43:94:5b:89:cc:
2e:75:22:45:c3:14:95:34:c4:84:6b:9d:32:9e:5e:
29:5f:cf:3d:bb:62:81:e9:56:b2:c4:d0:95:c6:4c:
b3:b1:6b:58:48:58:57:2d:d2:74:c3:4f:f8:f1:9e:
25:62:dd:29:89:9c:8f:85:fd:ea:4a:7d:61:a4:84:
ac:01:09:52:72:4d:90:02:9b:59:5a:3b:16:0b:11:
9c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:34:1A:2F:48:57:0F:38:11:78:AB:98:A7:1B:3E:FC:77:C7:3C:4D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA4AFD88DC0211EFAD246049762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.117.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:16:89:2f:03:18:1b:58:f4:a4:7c:ad:26:31:75:75:d0:d7:
c6:ea:b9:74:e1:47:ca:33:d2:84:4f:48:1f:51:9d:54:3f:fe:
e3:28:6a:7e:b6:4f:52:f6:0d:25:99:7b:18:d8:51:55:33:3d:
54:c6:f5:15:f0:32:14:b4:b3:6d:c6:07:e0:17:0a:70:fd:01:
91:fa:7f:c3:98:02:a0:97:92:23:e7:d9:ca:58:d0:8b:15:bc:
28:4a:2c:f9:aa:0c:33:7a:cf:89:76:59:ea:12:0b:94:00:19:
7f:b4:e6:d7:52:34:2e:92:df:54:14:5f:1c:9e:ed:43:46:88:
7e:ae:dc:94:1d:92:4b:e2:77:d9:bf:ae:f8:7a:43:d7:29:f7:
69:21:de:ba:02:95:e4:f5:7f:23:e6:05:a7:e3:d9:26:ad:4f:
12:8e:a7:e0:04:93:1c:81:3e:ef:54:16:dc:05:91:a5:14:ae:
2b:7a:0c:83:65:f6:d6:e1:3b:04:cd:fe:ad:e3:ba:7f:06:3c:
a5:58:2c:ff:64:a9:c4:97:52:db:2f:d3:6a:8f:8f:5b:ec:2b:
65:04:85:1c:ad:c0:ce:f0:3d:aa:13:74:5a:81:db:f6:fc:44:
7d:88:c9:aa:e3:85:50:29:7c:10:79:0c:61:5f:da:fe:a5:e0:
74:ed:88:9c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARP+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTI2MTYyOTA0WhcNMjUwMzIzMTYyOTA0WjAYMRYw
FAYDVQQDEw02Nzk2NjJkNC0xOWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAygrwcRt5bR2rX2SgCzfPqkA1l9TW0z8PRJzxvjtXNrgWx+98gmBRiWFf
FRNmHb7Ajsl7sbZaVlw/1C0hO8QnHd77vH2jumtIdc5wXIzSeFTEg5TclVP4VwFc
jP2oIk2Z1MIM82AfDvL88vRu4fUL+Jv/cP9Iy/ig/dDNUlsuGokP0GiOYcXby5lb
xw7yFiQMd3lp8oxV8Tads260UzDu1o6Gs63kLmVmXMkmNMpfQ5RbicwudSJFwxSV
NMSEa50ynl4pX889u2KB6VayxNCVxkyzsWtYSFhXLdJ0w0/48Z4lYt0piZyPhf3q
Sn1hpISsAQlSck2QAptZWjsWCxGc3QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOk0
Gi9IVw84EXirmKcbPvx3xzxNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQTRBRkQ4OERDMDIxMUVGQUQyNDYwNDk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOF1MA0GCSqGSIb3DQEBCwUA
A4IBAQCdFokvAxgbWPSkfK0mMXV10NfG6rl04UfKM9KET0gfUZ1UP/7jKGp+tk9S
9g0lmXsY2FFVMz1UxvUV8DIUtLNtxgfgFwpw/QGR+n/DmAKgl5Ij59nKWNCLFbwo
Siz5qgwzes+JdlnqEguUABl/tObXUjQukt9UFF8cnu1DRoh+rtyUHZJL4nfZv674
ekPXKfdpId66ApXk9X8j5gWn49kmrU8SjqfgBJMcgT7vVBbcBZGlFK4regyDZfbW
4TsEzf6t47p/BjylWCz/ZKnEl1LbL9Nqj49b7CtlBIUcrcDO8D2qE3Ragdv2/ER9
iMmq44VQKXwQeQxhX9r+peB07Yic
-----END CERTIFICATE-----
Generated at Sat Apr 26 23:02:14 2025 by rpki-client