Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0DFD712AF43211EF8B1C8463762E951A.roa
File: 0DFD712AF43211EF8B1C8463762E951A.roa (raw, json)
Hash identifier: 8agpe0XUIiOYH+iexpJAO989TDWFpPOQ+261UH8IGlo=
Subject key identifier: 43:BC:44:12:8E:E3:92:B5:6E:E9:23:D6:5C:82:4A:80:34:D2:5F:EE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01319E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0DFD712AF43211EF8B1C8463762E951A.roa
Signing time: Wed 26 Feb 2025 11:08:49 +0000
ROA not before: Wed 26 Feb 2025 11:08:46 +0000
ROA not after: Thu 19 Feb 2026 11:08:46 +0000
asID: 984
IP address blocks: 156.252.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78238 (0x1319e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 11:08:46 2025 GMT
Not After : Feb 19 11:08:46 2026 GMT
Subject: CN=67bef641-123e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:02:0e:8b:33:49:2a:19:9c:9f:de:7f:fb:ee:
a5:47:19:fa:30:1c:d9:50:e4:de:09:ad:ae:39:1d:
76:e3:4c:99:35:6d:8a:1b:c3:23:d0:a6:3f:d0:3f:
5b:67:58:49:6d:d8:89:6e:79:4c:e1:f1:97:3e:5f:
9f:82:8f:5c:c7:57:f3:5e:24:0b:41:5f:50:0e:75:
e1:ad:a2:48:75:8c:2a:a3:6f:68:c8:2c:6e:0a:8f:
91:da:58:60:19:e0:50:23:98:b2:7c:dd:5d:f7:0d:
64:b3:30:e0:8a:85:e1:52:44:71:5e:91:6a:9d:bd:
f7:ef:fd:55:6d:69:94:00:05:05:8f:2e:a6:b7:07:
e1:85:89:c7:eb:9c:88:23:d5:50:fc:13:04:35:a2:
f5:75:0f:0f:5b:2e:13:c9:be:f0:51:12:e4:78:8a:
26:35:db:da:1d:c5:87:51:da:43:dd:35:26:80:6d:
32:ac:e7:d5:b4:e1:d7:05:60:fb:21:7d:e5:eb:9e:
09:6b:20:2a:1a:f5:0b:1a:1a:81:46:75:7b:2e:60:
7f:7a:d5:e0:52:0d:34:b3:58:b2:93:b3:84:99:c3:
dd:1e:98:ce:44:20:36:d8:4d:42:2e:89:d0:88:7a:
87:d0:67:e8:f7:3b:d7:5f:ef:bf:b8:b2:8f:60:96:
d6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:BC:44:12:8E:E3:92:B5:6E:E9:23:D6:5C:82:4A:80:34:D2:5F:EE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0DFD712AF43211EF8B1C8463762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.108.0/24
Signature Algorithm: sha256WithRSAEncryption
19:72:2b:b1:24:2b:24:75:ea:22:ce:df:e1:80:0e:49:05:b1:
f1:37:c0:72:a7:1c:04:ef:17:46:8e:75:1a:fc:d8:c8:61:ef:
ff:e0:26:b9:48:0a:e6:f4:3b:22:ab:03:17:b7:1f:c8:4c:49:
9e:c9:cf:eb:8d:d5:57:cc:be:72:13:65:f7:d0:1e:42:a8:4b:
b6:00:4a:dc:de:23:f9:57:f0:7b:c2:c2:73:e4:24:34:a7:67:
00:0d:2d:79:ad:b2:1a:ee:4d:33:17:cb:f7:c6:e6:59:e9:07:
24:70:1f:ec:d5:56:b7:07:fd:a3:35:11:5f:af:69:67:ff:85:
44:71:b9:79:c4:41:d0:44:e9:d9:73:f0:9a:ee:85:0b:b7:06:
49:44:7f:d5:c3:a0:a2:12:3f:93:75:bf:ad:b7:86:34:f7:09:
94:15:09:07:1e:57:ea:59:44:b9:41:f3:cf:97:ab:b4:87:f3:
c3:32:98:27:83:65:8f:35:1e:6f:b8:05:16:1a:4e:a9:07:a1:
9d:ac:81:a2:be:ed:05:39:27:19:a1:8e:21:9b:f2:1c:f1:14:
1b:a4:77:65:d7:c4:b6:ff:b7:e7:69:14:a3:5f:e0:68:3c:ac:
b3:73:8f:a8:c4:06:70:f4:a1:fa:fa:23:ad:c6:ae:5e:6e:b5:
7c:ad:df:57
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATGeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTEwODQ2WhcNMjYwMjE5MTEwODQ2WjAYMRYw
FAYDVQQDEw02N2JlZjY0MS0xMjNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArgIOizNJKhmcn95/++6lRxn6MBzZUOTeCa2uOR1240yZNW2KG8Mj0KY/
0D9bZ1hJbdiJbnlM4fGXPl+fgo9cx1fzXiQLQV9QDnXhraJIdYwqo29oyCxuCo+R
2lhgGeBQI5iyfN1d9w1kszDgioXhUkRxXpFqnb337/1VbWmUAAUFjy6mtwfhhYnH
65yII9VQ/BMENaL1dQ8PWy4Tyb7wURLkeIomNdvaHcWHUdpD3TUmgG0yrOfVtOHX
BWD7IX3l654JayAqGvULGhqBRnV7LmB/etXgUg00s1iyk7OEmcPdHpjORCA22E1C
LonQiHqH0Gfo9zvXX++/uLKPYJbW7wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEO8
RBKO45K1bukj1lyCSoA00l/uMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wREZENzEyQUY0MzIxMUVGOEIxQzg0NjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPxsMA0GCSqGSIb3DQEBCwUA
A4IBAQAZciuxJCskdeoizt/hgA5JBbHxN8BypxwE7xdGjnUa/NjIYe//4Ca5SArm
9DsiqwMXtx/ITEmeyc/rjdVXzL5yE2X30B5CqEu2AErc3iP5V/B7wsJz5CQ0p2cA
DS15rbIa7k0zF8v3xuZZ6QckcB/s1Va3B/2jNRFfr2ln/4VEcbl5xEHQROnZc/Ca
7oULtwZJRH/Vw6CiEj+Tdb+tt4Y09wmUFQkHHlfqWUS5QfPPl6u0h/PDMpgng2WP
NR5vuAUWGk6pB6GdrIGivu0FOScZoY4hm/Ic8RQbpHdl18S2/7fnaRSjX+BoPKyz
c4+oxAZw9KH6+iOtxq5ebrV8rd9X
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:27:16 2025 by rpki-client