Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D01A8074DFFE11EF8046A5A8762E951A.roa
File: D01A8074DFFE11EF8046A5A8762E951A.roa (raw, json)
Hash identifier: RET//nbByNuwb2fRgBGLBSAGWV++qFdapSMhQf1IqAE=
Subject key identifier: A8:EC:4C:83:D0:5A:03:F0:95:BD:DE:56:5E:68:AB:49:36:BA:CB:1B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0116D1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D01A8074DFFE11EF8046A5A8762E951A.roa
Signing time: Fri 31 Jan 2025 18:11:38 +0000
ROA not before: Fri 31 Jan 2025 18:11:34 +0000
ROA not after: Tue 04 Mar 2025 18:11:34 +0000
asID: 60223
IP address blocks: 156.229.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71377 (0x116d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 31 18:11:34 2025 GMT
Not After : Mar 4 18:11:34 2025 GMT
Subject: CN=679d125a-a594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fa:3a:c9:27:c3:7f:d7:1c:71:95:62:00:2c:
cf:eb:64:e5:05:9f:20:bc:0b:18:90:59:ef:91:a6:
90:d4:a1:24:99:e1:11:0d:1b:42:74:20:a4:1b:ee:
87:77:41:23:54:d5:c0:ea:45:d1:9a:c5:c1:b3:32:
ba:69:6a:8e:1e:23:14:61:af:8f:90:c4:df:f9:51:
fa:69:f1:99:ae:f8:98:d7:c5:9c:8d:ca:2b:c2:ab:
a0:93:7d:98:e8:0c:f9:52:ab:b2:eb:c8:a4:a9:06:
7e:0f:c7:55:27:3d:bb:ea:3b:42:b3:f5:cf:b6:c7:
6b:12:53:99:e0:a4:35:e7:bc:0a:a9:41:6b:70:09:
db:84:e9:24:54:52:d9:1d:d4:c0:96:3e:05:bc:e6:
94:5c:83:20:3e:17:d2:e4:96:b8:00:d2:48:19:25:
c9:1c:5b:e7:61:c5:74:25:f7:f4:47:25:5f:e1:bc:
60:8c:bc:a6:d0:1a:e0:d9:79:a4:38:f9:1c:dc:bc:
40:39:f1:7a:f0:d8:f5:98:c8:17:57:66:b8:89:e2:
02:be:7a:50:44:bb:74:38:9f:e5:4b:83:c0:d0:64:
64:41:21:ac:7d:13:3a:d1:28:88:28:9c:48:fb:90:
c0:8f:c9:03:b3:9b:47:e5:be:47:44:33:95:89:2a:
f8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:EC:4C:83:D0:5A:03:F0:95:BD:DE:56:5E:68:AB:49:36:BA:CB:1B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D01A8074DFFE11EF8046A5A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.248.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:02:17:fb:31:9a:96:b0:71:e5:f1:27:fc:24:5c:c9:8f:e4:
71:a8:ed:29:50:5d:4a:bd:4c:1c:4a:85:ee:f1:2b:d2:b3:11:
ca:52:2f:09:8b:de:31:4d:63:59:ac:3d:ad:0b:36:87:1f:55:
38:ea:34:a0:cb:1a:91:8c:4c:e2:bf:02:ee:85:65:70:a4:e7:
e9:62:3e:cb:e0:30:85:2d:51:69:62:1c:af:1b:ad:71:da:58:
54:1a:1b:a1:48:97:64:8d:ca:e2:e6:69:bc:a9:10:38:60:dc:
99:8f:af:b1:4b:f9:b0:d0:80:e1:82:ca:ae:5f:73:33:73:9c:
a3:3a:09:3c:11:23:75:68:9d:90:97:1c:7c:f2:9e:6c:84:07:
7e:f3:69:fc:fc:6d:b3:51:b5:36:41:fd:17:2d:df:e7:fc:4a:
27:16:e4:a4:05:5b:16:85:b4:ed:19:1a:ed:7b:da:5c:0f:98:
44:fb:c7:c9:5b:6d:58:a3:fa:7b:d3:25:05:7a:81:16:a6:9f:
60:36:16:38:63:fa:8d:c9:08:1d:71:33:88:ab:f4:26:fe:24:
67:4b:bb:80:3d:58:37:d9:ce:04:e9:34:a0:de:3e:60:83:19:
43:78:10:4f:bb:65:65:44:06:a4:cb:a9:fa:b9:ed:c5:63:92:
a1:d9:fc:7b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARbRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTMxMTgxMTM0WhcNMjUwMzA0MTgxMTM0WjAYMRYw
FAYDVQQDEw02NzlkMTI1YS1hNTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvvo6ySfDf9cccZViACzP62TlBZ8gvAsYkFnvkaaQ1KEkmeERDRtCdCCk
G+6Hd0EjVNXA6kXRmsXBszK6aWqOHiMUYa+PkMTf+VH6afGZrviY18Wcjcorwqug
k32Y6Az5Uquy68ikqQZ+D8dVJz276jtCs/XPtsdrElOZ4KQ157wKqUFrcAnbhOkk
VFLZHdTAlj4FvOaUXIMgPhfS5Ja4ANJIGSXJHFvnYcV0Jff0RyVf4bxgjLym0Brg
2XmkOPkc3LxAOfF68Nj1mMgXV2a4ieICvnpQRLt0OJ/lS4PA0GRkQSGsfRM60SiI
KJxI+5DAj8kDs5tH5b5HRDOViSr4vQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKjs
TIPQWgPwlb3eVl5oq0k2ussbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMDFBODA3NERGRkUxMUVGODA0NkE1QTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOX4MA0GCSqGSIb3DQEBCwUA
A4IBAQAsAhf7MZqWsHHl8Sf8JFzJj+RxqO0pUF1KvUwcSoXu8SvSsxHKUi8Ji94x
TWNZrD2tCzaHH1U46jSgyxqRjEzivwLuhWVwpOfpYj7L4DCFLVFpYhyvG61x2lhU
GhuhSJdkjcri5mm8qRA4YNyZj6+xS/mw0IDhgsquX3Mzc5yjOgk8ESN1aJ2Qlxx8
8p5shAd+82n8/G2zUbU2Qf0XLd/n/EonFuSkBVsWhbTtGRrte9pcD5hE+8fJW21Y
o/p70yUFeoEWpp9gNhY4Y/qNyQgdcTOIq/Qm/iRnS7uAPVg32c4E6TSg3j5ggxlD
eBBPu2VlRAaky6n6ue3FY5Kh2fx7
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:18:20 2025 by rpki-client