Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2225C8BEF4A511EF963A777F762E951A.roa
File: 2225C8BEF4A511EF963A777F762E951A.roa (raw, json)
Hash identifier: hnLswt9b4SicgiW1IyyJ3JCejl5x+SgWO/5ORHVtpqI=
Subject key identifier: EE:88:5A:62:04:0D:EC:AE:E8:B0:2E:5B:2F:76:D7:BD:FF:9A:B3:BA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013896
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2225C8BEF4A511EF963A777F762E951A.roa
Signing time: Thu 27 Feb 2025 00:52:35 +0000
ROA not before: Thu 27 Feb 2025 00:00:31 +0000
ROA not after: Thu 19 Feb 2026 00:00:31 +0000
asID: 984
IP address blocks: 156.236.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80022 (0x13896)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 27 00:00:31 2025 GMT
Not After : Feb 19 00:00:31 2026 GMT
Subject: CN=67bfb753-a72c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:76:57:d5:56:f0:c9:a8:91:e4:1e:3e:0a:7a:
bd:67:1c:3e:fa:d5:07:be:70:b8:ee:a2:f4:d8:6f:
be:4d:c4:f2:87:b4:8b:be:b8:ec:64:e6:df:e2:e6:
02:64:3b:5e:b9:c1:f9:93:7d:f7:6c:4c:ac:4b:a2:
3b:fc:d2:15:b6:85:b8:11:f9:06:de:2f:ca:5a:c9:
f6:03:1e:04:2a:7e:f3:0d:41:5f:f5:cd:c0:f9:63:
ac:b1:5c:d9:e2:f0:f8:b5:1f:fc:43:b2:f3:a8:c6:
15:2b:a9:7e:60:2e:d9:b2:12:47:db:90:14:da:c5:
e9:77:72:37:a5:f9:3a:25:42:10:07:e0:c5:da:38:
74:d4:6a:1b:e7:9f:9d:62:ea:21:50:2d:12:94:09:
03:2c:98:16:84:aa:ee:21:85:bd:91:16:3f:19:9e:
2a:b2:41:99:3a:57:fb:d5:16:22:68:f0:2b:8d:91:
eb:be:f2:11:34:c0:10:72:0d:8d:06:08:7b:c8:37:
55:b8:40:a9:bc:ec:55:43:ad:30:34:e1:a5:40:d1:
62:53:f8:c9:09:ac:8a:59:13:cd:f7:ba:f9:37:f2:
c9:3c:69:65:7d:1d:fd:19:e3:77:5e:cf:ed:2e:7c:
e8:7e:8f:31:ce:f9:34:48:35:01:ba:d0:ed:8b:b1:
39:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:88:5A:62:04:0D:EC:AE:E8:B0:2E:5B:2F:76:D7:BD:FF:9A:B3:BA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2225C8BEF4A511EF963A777F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.4.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:09:15:2c:72:01:db:81:51:7d:dc:2f:a4:92:e7:8a:cd:7e:
00:68:6e:ee:3e:f2:aa:ca:9b:d3:6f:9a:fa:e3:8f:c1:53:3d:
db:b5:e9:3f:25:cc:95:05:26:d6:da:39:81:aa:3f:b1:b7:c9:
56:93:ac:5e:e2:05:2b:85:f0:bd:df:cf:a0:d8:f2:11:3d:6c:
dd:31:9f:f6:91:13:e3:71:9f:bd:00:c5:18:23:83:58:a5:a4:
61:d3:ee:1c:45:6e:e4:1b:d3:9a:d7:7a:c8:94:dc:d5:e2:cc:
80:65:b5:6c:c6:09:4f:5c:b2:21:cb:1a:a9:21:32:b4:bb:dc:
75:2c:45:1d:6b:18:33:b0:e5:09:94:9d:d3:44:e9:9f:80:5f:
2b:7d:96:d6:0e:32:bb:eb:ea:55:29:cb:30:28:4a:d7:be:6c:
aa:96:d5:36:ae:1a:f5:01:a8:a2:0d:55:7a:f3:54:cc:d8:54:
f3:80:96:a4:9b:1e:08:20:a1:45:43:3b:c9:d5:c6:2f:3b:12:
cf:0c:a8:ff:72:b2:26:9e:20:fa:39:ff:00:55:43:5e:f7:5d:
6a:a6:c5:c3:16:43:bf:2d:a1:6c:c9:0d:7f:97:bb:ec:40:73:
53:2a:27:ae:5e:90:06:cf:8f:09:39:2f:0e:5c:c6:53:b8:24:
77:b5:8b:db
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATiWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI3MDAwMDMxWhcNMjYwMjE5MDAwMDMxWjAYMRYw
FAYDVQQDEw02N2JmYjc1My1hNzJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr3ZX1VbwyaiR5B4+Cnq9Zxw++tUHvnC47qL02G++TcTyh7SLvrjsZObf
4uYCZDteucH5k333bEysS6I7/NIVtoW4EfkG3i/KWsn2Ax4EKn7zDUFf9c3A+WOs
sVzZ4vD4tR/8Q7LzqMYVK6l+YC7ZshJH25AU2sXpd3I3pfk6JUIQB+DF2jh01Gob
55+dYuohUC0SlAkDLJgWhKruIYW9kRY/GZ4qskGZOlf71RYiaPArjZHrvvIRNMAQ
cg2NBgh7yDdVuECpvOxVQ60wNOGlQNFiU/jJCayKWRPN97r5N/LJPGllfR39GeN3
Xs/tLnzofo8xzvk0SDUButDti7E5+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO6I
WmIEDeyu6LAuWy92173/mrO6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMjI1QzhCRUY0QTUxMUVGOTYzQTc3N0Y3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOwEMA0GCSqGSIb3DQEBCwUA
A4IBAQAdCRUscgHbgVF93C+kkueKzX4AaG7uPvKqypvTb5r644/BUz3btek/JcyV
BSbW2jmBqj+xt8lWk6xe4gUrhfC938+g2PIRPWzdMZ/2kRPjcZ+9AMUYI4NYpaRh
0+4cRW7kG9Oa13rIlNzV4syAZbVsxglPXLIhyxqpITK0u9x1LEUdaxgzsOUJlJ3T
ROmfgF8rfZbWDjK76+pVKcswKErXvmyqltU2rhr1AaiiDVV681TM2FTzgJakmx4I
IKFFQzvJ1cYvOxLPDKj/crImniD6Of8AVUNe911qpsXDFkO/LaFsyQ1/l7vsQHNT
KieuXpAGz48JOS8OXMZTuCR3tYvb
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:05 2025 by rpki-client