Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAFDB6A8D56611EF86E3155B762E951A.roa
File: CAFDB6A8D56611EF86E3155B762E951A.roa (raw, json)
Hash identifier: Z7yIT62Gti7Hr36iBq5F+HYp1MsEQemjQLVt+IB56us=
Subject key identifier: 72:3B:20:DC:A2:30:CD:1E:C3:96:F3:FB:49:99:03:F8:71:FA:1A:A5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010B05
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAFDB6A8D56611EF86E3155B762E951A.roa
Signing time: Sat 18 Jan 2025 06:38:14 +0000
ROA not before: Sat 18 Jan 2025 06:38:10 +0000
ROA not after: Sat 22 Feb 2025 06:38:10 +0000
asID: 8796
IP address blocks: 156.239.24.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68357 (0x10b05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 18 06:38:10 2025 GMT
Not After : Feb 22 06:38:10 2025 GMT
Subject: CN=678b4c56-52d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:20:8a:85:56:79:a4:ea:f3:81:1e:be:9a:15:
bf:92:64:2f:6f:fd:d8:93:b9:dc:1f:c6:28:e8:0a:
e8:9f:bd:0e:c8:e0:ff:53:04:06:51:2a:8f:de:db:
1c:e3:2c:eb:24:71:ac:a6:06:c2:6f:2c:fc:b2:91:
ee:ca:dd:9f:cc:8f:0e:26:64:72:ac:95:33:06:e2:
be:2c:ef:16:24:d3:ed:1a:15:86:fb:4d:30:11:5b:
6a:45:de:30:dd:76:03:58:a0:62:72:07:b4:ca:ec:
64:2f:25:19:1f:05:59:57:9a:3c:c6:04:b4:f5:13:
26:85:82:01:95:7d:8d:c3:43:e5:94:f2:7b:71:e2:
b8:96:a9:db:5e:6a:a4:eb:5e:79:07:f2:5c:52:26:
01:63:bb:b4:45:f3:9a:65:0a:f6:d8:be:69:29:72:
4b:3f:15:d6:73:68:c7:aa:41:aa:ec:e5:18:02:35:
1d:74:a7:c1:47:ff:54:fa:6e:d1:33:c4:dc:b1:cf:
b3:bd:fb:f0:4d:8e:1a:71:68:d5:c2:54:a6:af:ab:
5a:14:36:94:ca:0f:eb:3b:f6:04:5a:1d:91:3a:d9:
9b:19:36:b1:da:e3:86:88:06:2a:b8:86:5c:2a:1e:
41:fa:ed:c9:a1:c5:65:e5:f9:bb:bd:47:6d:d7:21:
2f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:3B:20:DC:A2:30:CD:1E:C3:96:F3:FB:49:99:03:F8:71:FA:1A:A5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAFDB6A8D56611EF86E3155B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.24.0/21
Signature Algorithm: sha256WithRSAEncryption
0a:2f:1f:0a:93:8d:26:33:39:f8:bc:85:86:b5:1d:55:28:4c:
2c:d9:7b:5e:44:3e:cd:1d:cf:89:69:1d:cc:26:87:a6:e2:72:
7f:3d:3d:69:6a:fc:f6:58:c7:15:7f:e8:2b:40:3c:e6:5f:3d:
c9:c5:4f:4f:dd:ea:c8:7a:2b:ea:9e:18:5b:4a:e8:87:35:ae:
fb:0f:16:1e:f6:04:a4:7b:f0:1a:1a:02:cc:a7:fa:47:40:a6:
aa:82:05:f0:a9:48:44:82:bb:29:5d:82:16:1e:44:b6:a1:16:
d3:c4:ea:75:74:41:8b:29:16:3e:cc:fd:b9:81:df:3e:f4:d6:
7f:b1:e5:bf:09:29:96:9b:3d:9d:75:5c:03:1e:18:1b:93:17:
03:69:1d:b2:13:18:dc:b8:78:c4:a6:dc:c8:b6:65:45:bb:ab:
94:40:79:de:23:6f:2d:47:c5:89:db:04:4e:a7:57:8d:bc:0a:
2d:f0:7e:0c:0a:91:db:fc:9d:ac:9d:02:e0:37:77:97:ea:f6:
bb:4e:e5:11:0a:d3:25:60:13:0a:05:e8:7b:7e:9e:93:f0:74:
fa:42:48:75:c1:a1:e3:af:93:b9:93:2b:eb:ac:4c:d1:8b:e4:
54:08:89:ed:fb:38:ff:cc:00:11:10:c6:1b:e5:88:af:72:d0:
a4:d1:67:1f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQsFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE4MDYzODEwWhcNMjUwMjIyMDYzODEwWjAYMRYw
FAYDVQQDEw02NzhiNGM1Ni01MmQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwCCKhVZ5pOrzgR6+mhW/kmQvb/3Yk7ncH8Yo6Aron70OyOD/UwQGUSqP
3tsc4yzrJHGspgbCbyz8spHuyt2fzI8OJmRyrJUzBuK+LO8WJNPtGhWG+00wEVtq
Rd4w3XYDWKBicge0yuxkLyUZHwVZV5o8xgS09RMmhYIBlX2Nw0PllPJ7ceK4lqnb
Xmqk6155B/JcUiYBY7u0RfOaZQr22L5pKXJLPxXWc2jHqkGq7OUYAjUddKfBR/9U
+m7RM8Tcsc+zvfvwTY4acWjVwlSmr6taFDaUyg/rO/YEWh2ROtmbGTax2uOGiAYq
uIZcKh5B+u3JocVl5fm7vUdt1yEvJwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHI7
INyiMM0ew5bz+0mZA/hx+hqlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQUZEQjZBOEQ1NjYxMUVGODZFMzE1NUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnO8YMA0GCSqGSIb3DQEBCwUA
A4IBAQAKLx8Kk40mMzn4vIWGtR1VKEws2XteRD7NHc+JaR3MJoem4nJ/PT1pavz2
WMcVf+grQDzmXz3JxU9P3erIeivqnhhbSuiHNa77DxYe9gSke/AaGgLMp/pHQKaq
ggXwqUhEgrspXYIWHkS2oRbTxOp1dEGLKRY+zP25gd8+9NZ/seW/CSmWmz2ddVwD
HhgbkxcDaR2yExjcuHjEptzItmVFu6uUQHneI28tR8WJ2wROp1eNvAot8H4MCpHb
/J2snQLgN3eX6va7TuURCtMlYBMKBeh7fp6T8HT6Qkh1waHjr5O5kyvrrEzRi+RU
CInt+zj/zAAREMYb5YivctCk0Wcf
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:48:17 2025 by rpki-client