Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3AA3BE6DCAC11EFBAC46244762E951A.roa
File: B3AA3BE6DCAC11EFBAC46244762E951A.roa (raw, json)
Hash identifier: 2sYDkb1JsCJKALpGIyP8GJ5b2oKAHuJf0UjEq1M/sPI=
Subject key identifier: F6:53:3B:92:7D:1C:BD:AF:C3:9A:2F:8F:DB:70:2D:13:47:1C:9B:C7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0114E9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3AA3BE6DCAC11EFBAC46244762E951A.roa
Signing time: Mon 27 Jan 2025 12:46:18 +0000
ROA not before: Mon 27 Jan 2025 12:46:14 +0000
ROA not after: Sat 08 Feb 2025 12:46:14 +0000
asID: 5065
IP address blocks: 156.233.22.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70889 (0x114e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 27 12:46:14 2025 GMT
Not After : Feb 8 12:46:14 2025 GMT
Subject: CN=6797801a-42c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:55:8e:80:70:5c:19:3c:a3:46:bf:0a:6b:74:
e9:23:cf:ae:11:45:fb:93:81:30:de:40:cc:4d:70:
95:df:91:a2:2e:b9:1a:5c:4a:87:65:de:07:98:00:
70:4c:93:7c:c3:39:78:8a:94:b7:ab:c8:c5:97:95:
12:6e:8f:f0:0b:4e:be:7c:44:3d:0e:4c:2d:e7:94:
5b:6f:70:59:6e:7f:1f:1b:eb:2a:fc:50:6c:19:88:
4c:b9:3e:03:f5:86:c2:96:11:2f:53:83:a6:82:95:
69:5a:74:e3:3c:94:db:ed:81:43:e1:77:6a:24:30:
8e:25:15:6e:d6:a7:0f:85:0b:34:fd:17:0b:5d:62:
ca:1b:50:c2:7a:2b:8c:76:66:1b:08:13:6e:f7:96:
f2:10:7c:12:e8:0a:76:79:c2:1b:25:0e:e7:fb:c7:
da:a3:d6:2e:18:7c:31:3d:e6:40:b2:87:87:e8:36:
2b:7b:3f:26:34:77:3d:3a:7d:a3:8d:93:3f:66:33:
eb:25:6a:b4:43:f3:60:3c:c2:41:63:5a:33:2e:ee:
4f:2d:97:40:f8:a5:42:d8:c0:9e:b0:5e:48:ad:01:
1e:84:83:0b:ad:e2:49:bb:79:a2:71:d9:f7:36:9c:
7c:5f:61:bf:a1:67:29:3e:05:b5:dd:70:7a:16:e7:
b4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:53:3B:92:7D:1C:BD:AF:C3:9A:2F:8F:DB:70:2D:13:47:1C:9B:C7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3AA3BE6DCAC11EFBAC46244762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.22.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:f8:14:19:45:a3:3a:76:53:4e:60:c9:e7:54:b5:94:aa:b4:
65:0e:1e:20:9d:33:e3:95:d4:6f:d0:17:4f:99:0d:3f:77:e0:
6f:a5:b4:f8:8c:3f:e3:af:0f:c2:40:07:35:b6:79:92:89:fb:
ad:9d:ba:81:39:f8:fc:6a:6a:6f:c5:9b:86:a3:d8:f2:7d:67:
49:70:f2:3b:a6:15:af:0f:a7:e8:e7:59:ea:1d:cb:12:63:42:
e9:2f:b4:80:83:c6:74:f2:a8:7a:6b:b3:3f:51:ef:b5:09:9b:
26:77:c3:5b:f5:70:fc:ee:d5:57:de:c1:4b:25:ee:c9:9f:b6:
9e:56:84:39:62:2c:07:d3:3d:e1:28:c0:6b:f6:25:84:25:c5:
0a:25:5d:ac:33:e5:72:cf:9c:fa:df:58:af:16:af:da:ce:9b:
0d:d6:f9:10:89:ee:63:95:7e:65:df:91:6e:66:58:ca:35:69:
8a:0a:dd:c2:1e:c8:1b:c9:3f:e2:bc:95:15:fd:fc:d9:93:8e:
76:6b:03:7b:2a:e5:11:44:d9:01:1d:7d:41:e2:cf:f6:99:c3:
ad:f3:75:85:68:09:5d:c2:ef:b8:1e:1a:6a:e8:82:dd:5a:df:
e6:5d:ed:16:ee:48:2b:92:da:37:e0:c3:b6:67:3a:08:5c:50:
b1:10:ca:e1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARTpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTI3MTI0NjE0WhcNMjUwMjA4MTI0NjE0WjAYMRYw
FAYDVQQDEw02Nzk3ODAxYS00MmMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAylWOgHBcGTyjRr8Ka3TpI8+uEUX7k4Ew3kDMTXCV35GiLrkaXEqHZd4H
mABwTJN8wzl4ipS3q8jFl5USbo/wC06+fEQ9Dkwt55Rbb3BZbn8fG+sq/FBsGYhM
uT4D9YbClhEvU4OmgpVpWnTjPJTb7YFD4XdqJDCOJRVu1qcPhQs0/RcLXWLKG1DC
eiuMdmYbCBNu95byEHwS6Ap2ecIbJQ7n+8fao9YuGHwxPeZAsoeH6DYrez8mNHc9
On2jjZM/ZjPrJWq0Q/NgPMJBY1ozLu5PLZdA+KVC2MCesF5IrQEehIMLreJJu3mi
cdn3Npx8X2G/oWcpPgW13XB6Fue0mQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPZT
O5J9HL2vw5ovj9twLRNHHJvHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CM0FBM0JFNkRDQUMxMUVGQkFDNDYyNDQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOkWMA0GCSqGSIb3DQEBCwUA
A4IBAQCt+BQZRaM6dlNOYMnnVLWUqrRlDh4gnTPjldRv0BdPmQ0/d+BvpbT4jD/j
rw/CQAc1tnmSifutnbqBOfj8ampvxZuGo9jyfWdJcPI7phWvD6fo51nqHcsSY0Lp
L7SAg8Z08qh6a7M/Ue+1CZsmd8Nb9XD87tVX3sFLJe7Jn7aeVoQ5YiwH0z3hKMBr
9iWEJcUKJV2sM+Vyz5z631ivFq/azpsN1vkQie5jlX5l35FuZljKNWmKCt3CHsgb
yT/ivJUV/fzZk452awN7KuURRNkBHX1B4s/2mcOt83WFaAldwu+4Hhpq6ILdWt/m
Xe0W7kgrkto34MO2ZzoIXFCxEMrh
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:17:49 2025 by rpki-client