Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3651E73/4D3CFA1A78C411E6BB9D4831F8AEA228/D365A0ACF80D11EFBEB14452762E951A.roa
File: D365A0ACF80D11EFBEB14452762E951A.roa (raw, json)
Hash identifier: Am6JfmXKv4DHhKvXRKWcitTRJPjjXl+0+2dzYYkuDLU=
Subject key identifier: FD:0E:47:39:D3:E2:FE:51:C7:30:C7:3E:00:04:17:D6:BD:01:EF:F5
Certificate issuer: /CN=F3651E73AR/serialNumber=9CBA1420D721CC03023C5006D2251C20BAF4C882
Certificate serial: 0C77
Authority key identifier: 9C:BA:14:20:D7:21:CC:03:02:3C:50:06:D2:25:1C:20:BA:F4:C8:82
Authority info access: rsync://rpki.afrinic.net/repository/arin/nLoUINchzAMCPFAG0iUcILr0yII.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3651E73/4D3CFA1A78C411E6BB9D4831F8AEA228/D365A0ACF80D11EFBEB14452762E951A.roa
Signing time: Mon 03 Mar 2025 08:59:34 +0000
ROA not before: Mon 03 Mar 2025 08:59:29 +0000
ROA not after: Wed 31 Mar 2027 08:59:29 +0000
asID: 327983
IP address blocks: 160.19.112.0/20 maxlen: 24
169.239.208.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3191 (0xc77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3651E73AR
Validity
Not Before: Mar 3 08:59:29 2025 GMT
Not After : Mar 31 08:59:29 2027 GMT
Subject: CN=67c56f76-5451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:eb:f6:f2:63:6b:bc:ae:3a:4f:4c:d2:08:af:
65:a4:42:93:9b:a6:e0:9b:d5:fd:1d:7c:90:3a:be:
60:d6:74:5b:fe:39:e2:8b:57:0b:96:c5:32:5a:8f:
9f:29:0b:f0:f1:82:4c:ae:0a:e3:05:ed:4d:69:ff:
b6:1f:92:97:de:13:31:85:51:d7:9d:ae:86:88:c6:
98:d8:b0:c8:c5:a7:23:5a:f3:3a:66:e0:3e:c8:e7:
77:1f:90:1f:de:32:53:31:3b:5d:79:6a:fc:c1:9e:
1e:33:63:7d:84:8c:e1:63:ce:e3:e4:32:7b:03:4f:
8a:16:13:f8:a7:7a:a2:f1:cf:80:44:97:8a:f4:1b:
55:71:d8:dd:0f:ae:a9:24:46:25:1f:aa:e1:06:b3:
15:5e:59:30:69:a7:56:3a:f8:03:10:48:0a:73:d1:
7d:4a:13:9b:dd:4b:2b:c9:46:a6:0c:4a:73:c2:1d:
80:df:15:e9:05:4e:bc:42:a2:0e:fd:5b:1a:0b:8f:
b9:b8:a1:23:58:4b:00:13:f0:c8:5b:80:5b:25:22:
ec:42:01:92:e0:15:87:0f:ca:11:08:24:92:78:81:
58:de:c3:6b:64:74:e8:76:b9:cc:95:51:7b:4e:51:
a0:57:42:33:d1:5d:aa:76:2e:cc:17:7c:b1:96:0d:
54:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:0E:47:39:D3:E2:FE:51:C7:30:C7:3E:00:04:17:D6:BD:01:EF:F5
X509v3 Authority Key Identifier:
keyid:9C:BA:14:20:D7:21:CC:03:02:3C:50:06:D2:25:1C:20:BA:F4:C8:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3651E73/4D3CFA1A78C411E6BB9D4831F8AEA228/nLoUINchzAMCPFAG0iUcILr0yII.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/nLoUINchzAMCPFAG0iUcILr0yII.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3651E73/4D3CFA1A78C411E6BB9D4831F8AEA228/D365A0ACF80D11EFBEB14452762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.19.112.0/20
169.239.208.0/22
Signature Algorithm: sha256WithRSAEncryption
97:91:ff:ca:b0:b3:f0:93:08:2b:21:d4:e7:09:27:93:c9:14:
88:5b:15:19:52:4d:c6:02:b7:93:29:2b:11:e5:f9:cc:e0:d1:
43:f3:88:ee:76:ef:37:92:e8:2d:b9:fd:c0:b7:d3:8e:4c:cd:
cb:7b:ee:a6:ee:8f:15:4e:ac:a1:b7:c9:a4:4c:b7:84:14:3e:
59:f3:ec:6d:0a:94:d7:7d:73:d4:e7:52:fe:91:cd:ee:f2:93:
14:f5:07:0f:70:f7:00:9d:c8:05:c9:fa:39:0f:1b:2b:53:b8:
27:3d:84:a1:97:07:c5:62:a5:1d:f6:38:84:8e:94:7c:b6:b7:
0a:57:21:cf:11:6f:da:79:f5:0e:06:92:ea:80:58:cb:b7:e4:
1f:ac:39:98:d5:21:10:0a:3d:3f:64:db:57:38:4c:23:9f:f6:
5d:35:1f:cf:64:5d:f5:73:8a:e4:9b:75:bb:6d:d9:d9:d3:f1:
5f:fa:ed:53:69:f9:cd:9a:e4:79:be:77:a6:03:ed:88:85:5e:
81:ac:8f:36:e6:e7:4c:87:5a:16:c5:33:34:d5:c2:a8:7c:51:
e4:24:14:d3:eb:e1:bf:56:79:83:7b:5c:ea:7e:25:cb:48:82:
9d:23:dd:09:1a:09:4f:af:16:9d:27:d3:1d:8d:d5:e9:f2:bd:
96:76:da:1a
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDHcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NTFFNzNBUjExMC8GA1UEBRMoOUNCQTE0MjBENzIxQ0MwMzAyM0M1MDA2RDIyNTFD
MjBCQUY0Qzg4MjAeFw0yNTAzMDMwODU5MjlaFw0yNzAzMzEwODU5MjlaMBgxFjAU
BgNVBAMTDTY3YzU2Zjc2LTU0NTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDh6/byY2u8rjpPTNIIr2WkQpObpuCb1f0dfJA6vmDWdFv+OeKLVwuWxTJa
j58pC/DxgkyuCuMF7U1p/7YfkpfeEzGFUdedroaIxpjYsMjFpyNa8zpm4D7I53cf
kB/eMlMxO115avzBnh4zY32EjOFjzuPkMnsDT4oWE/ineqLxz4BEl4r0G1Vx2N0P
rqkkRiUfquEGsxVeWTBpp1Y6+AMQSApz0X1KE5vdSyvJRqYMSnPCHYDfFekFTrxC
og79WxoLj7m4oSNYSwAT8MhbgFslIuxCAZLgFYcPyhEIJJJ4gVjew2tkdOh2ucyV
UXtOUaBXQjPRXap2LswXfLGWDVS9AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU/Q5H
OdPi/lHHMMc+AAQX1r0B7/UwHwYDVR0jBBgwFoAUnLoUINchzAMCPFAG0iUcILr0
yIIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjUxRTczLzREM0NGQTFBNzhDNDExRTZCQjlENDgzMUY4QUVBMjI4L25Mb1VJ
TmNoekFNQ1BGQUcwaVVjSUxyMHlJSS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L25Mb1VJTmNoekFNQ1BGQUcwaVVjSUxyMHlJSS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjUxRTczLzREM0NGQTFBNzhDNDExRTZCQjlENDgzMUY4QUVB
MjI4L0QzNjVBMEFDRjgwRDExRUZCRUIxNDQ1Mjc2MkU5NTFBLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBASgE3ADBAKp79AwDQYJKoZIhvcN
AQELBQADggEBAJeR/8qws/CTCCsh1OcJJ5PJFIhbFRlSTcYCt5MpKxHl+czg0UPz
iO527zeS6C25/cC3045Mzct77qbujxVOrKG3yaRMt4QUPlnz7G0KlNd9c9TnUv6R
ze7ykxT1Bw9w9wCdyAXJ+jkPGytTuCc9hKGXB8VipR32OISOlHy2twpXIc8Rb9p5
9Q4GkuqAWMu35B+sOZjVIRAKPT9k21c4TCOf9l01H89kXfVziuSbdbtt2dnT8V/6
7VNp+c2a5Hm+d6YD7YiFXoGsjzbm50yHWhbFMzTVwqh8UeQkFNPr4b9WeYN7XOp+
JctIgp0j3QkaCU+vFp0n0x2N1enyvZZ22ho=
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:39:49 2025 by rpki-client