Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C93DA78F57511EF95382794762E951A.roa
File: 1C93DA78F57511EF95382794762E951A.roa (raw, json)
Hash identifier: dqB1EECw55v6eDtKajG9SLB7sC6Y6ix4aaZKxoqzPQ0=
Subject key identifier: 3C:11:E6:33:F7:6B:EF:93:02:51:01:28:06:23:36:97:3F:73:74:87
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013BB8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C93DA78F57511EF95382794762E951A.roa
Signing time: Fri 28 Feb 2025 01:41:21 +0000
ROA not before: Fri 28 Feb 2025 01:41:17 +0000
ROA not after: Sat 19 Feb 2028 01:41:17 +0000
asID: 17561
IP address blocks: 45.204.136.0/24 maxlen: 24
45.204.137.0/24 maxlen: 24
45.204.141.0/24 maxlen: 24
45.204.142.0/24 maxlen: 24
45.204.143.0/24 maxlen: 24
45.204.152.0/24 maxlen: 24
45.204.156.0/24 maxlen: 24
45.204.158.0/24 maxlen: 24
45.204.159.0/24 maxlen: 24
45.204.160.0/24 maxlen: 24
45.204.161.0/24 maxlen: 24
45.204.162.0/24 maxlen: 24
45.204.163.0/24 maxlen: 24
45.204.166.0/24 maxlen: 24
45.204.167.0/24 maxlen: 24
45.204.168.0/24 maxlen: 24
45.204.169.0/24 maxlen: 24
45.204.170.0/24 maxlen: 24
45.204.171.0/24 maxlen: 24
45.204.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80824 (0x13bb8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 01:41:17 2025 GMT
Not After : Feb 19 01:41:17 2028 GMT
Subject: CN=67c11441-b8a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9b:75:c4:6a:d9:51:ff:96:d5:a4:a6:2c:70:
09:50:45:a6:1f:9c:da:39:99:0f:dc:f5:3a:89:33:
ab:c9:9d:7a:2e:62:31:e2:89:8c:4b:d0:ed:a6:ec:
7d:bd:f2:13:10:86:40:b0:96:c3:75:3e:c4:70:9f:
be:62:8f:63:8e:ce:f5:bc:64:36:ea:40:86:34:ed:
ec:c1:aa:66:61:29:1a:8d:2a:a1:b0:4a:32:58:e4:
ef:97:7d:b8:ae:5f:1e:d6:22:aa:72:09:a5:19:43:
23:8c:a9:ec:59:36:a7:97:f4:39:1f:69:d9:b4:13:
57:98:b6:87:5f:b7:a1:91:de:b6:72:a4:50:93:c3:
d2:3e:96:5c:05:47:42:3f:16:bc:e6:fa:14:e4:ad:
63:57:d9:8d:76:8b:13:97:46:ad:e2:f3:49:71:03:
fd:b2:17:84:86:42:35:26:81:b2:26:71:74:e6:47:
e4:f7:de:1a:b8:91:12:aa:16:00:a7:d2:f3:01:d0:
11:d5:6c:80:3f:cf:c9:6f:8f:eb:41:b6:63:00:99:
ab:16:f3:fb:dd:38:69:e4:c0:02:66:a9:15:20:76:
bf:2d:e7:61:f5:c9:30:cf:b5:92:c4:ba:0e:b6:e0:
6c:4f:af:70:10:41:3c:e8:19:c2:99:35:2e:17:7c:
4a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:11:E6:33:F7:6B:EF:93:02:51:01:28:06:23:36:97:3F:73:74:87
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C93DA78F57511EF95382794762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.204.136.0/23
45.204.141.0-45.204.143.255
45.204.152.0/24
45.204.156.0/24
45.204.158.0-45.204.163.255
45.204.166.0-45.204.171.255
45.204.175.0/24
Signature Algorithm: sha256WithRSAEncryption
00:29:62:ae:28:e5:0f:95:48:18:64:b3:f4:21:f1:c6:17:f7:
f7:f5:71:33:d8:09:00:ad:9c:2f:8d:7e:08:98:36:c8:a6:f5:
06:3c:68:7e:64:e2:ab:22:dd:65:a9:d6:be:94:49:ce:fd:ee:
e2:8e:41:54:49:ae:e1:61:40:ec:ba:52:cc:36:a4:34:10:78:
ca:1f:94:2d:59:97:eb:0d:0f:1f:66:50:3e:cd:58:7e:c5:d4:
e6:ea:87:86:b0:75:00:1e:14:e3:07:4e:0e:07:9e:bb:82:43:
2f:8f:8c:c7:3c:de:1f:1b:e0:82:5f:b5:93:fb:5f:9f:b1:53:
09:10:33:5c:a6:f5:a7:da:c8:1d:c4:cd:28:7f:1e:51:48:a1:
a9:0e:c3:4f:02:79:b5:c2:5c:dc:84:18:6b:c7:3e:f2:01:c0:
e1:fe:61:f2:f0:a0:48:43:b6:81:0e:74:ec:4c:09:79:4b:81:
b3:27:b5:22:12:1c:23:6a:a8:9e:f3:64:8b:3d:56:3f:1c:40:
89:27:8e:e7:fc:0d:ff:da:9b:59:c2:82:72:1b:79:cb:6e:27:
21:d5:4c:28:c0:7d:48:ee:43:50:2d:52:36:e7:38:14:d8:e1:
bf:a2:09:5d:07:76:7b:6d:99:89:65:30:0e:b6:cd:a9:42:2d:
a6:a7:12:f5
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIDATu4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MDE0MTE3WhcNMjgwMjE5MDE0MTE3WjAYMRYw
FAYDVQQDEw02N2MxMTQ0MS1iOGE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtJt1xGrZUf+W1aSmLHAJUEWmH5zaOZkP3PU6iTOryZ16LmIx4omMS9Dt
pux9vfITEIZAsJbDdT7EcJ++Yo9jjs71vGQ26kCGNO3swapmYSkajSqhsEoyWOTv
l324rl8e1iKqcgmlGUMjjKnsWTanl/Q5H2nZtBNXmLaHX7ehkd62cqRQk8PSPpZc
BUdCPxa85voU5K1jV9mNdosTl0at4vNJcQP9sheEhkI1JoGyJnF05kfk994auJES
qhYAp9LzAdAR1WyAP8/Jb4/rQbZjAJmrFvP73Thp5MACZqkVIHa/Ledh9ckwz7WS
xLoOtuBsT69wEEE86BnCmTUuF3xKlwIDAQABo4IC3jCCAtowHQYDVR0OBBYEFDwR
5jP3a++TAlEBKAYjNpc/c3SHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQzkzREE3OEY1NzUxMUVGOTUzODI3OTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBLcyIMAwDBAAtzI0DBAQtzIAD
BAAtzJgDBAAtzJwwDAMEAS3MngMEAi3MoDAMAwQBLcymAwQCLcyoAwQALcyvMA0G
CSqGSIb3DQEBCwUAA4IBAQAAKWKuKOUPlUgYZLP0IfHGF/f39XEz2AkArZwvjX4I
mDbIpvUGPGh+ZOKrIt1lqda+lEnO/e7ijkFUSa7hYUDsulLMNqQ0EHjKH5QtWZfr
DQ8fZlA+zVh+xdTm6oeGsHUAHhTjB04OB567gkMvj4zHPN4fG+CCX7WT+1+fsVMJ
EDNcpvWn2sgdxM0ofx5RSKGpDsNPAnm1wlzchBhrxz7yAcDh/mHy8KBIQ7aBDnTs
TAl5S4GzJ7UiEhwjaqie82SLPVY/HECJJ47n/A3/2ptZwoJyG3nLbich1UwowH1I
7kNQLVI25zgU2OG/ogldB3Z7bZmJZTAOts2pQi2mpxL1
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:30:55 2025 by rpki-client