Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24EC1072FF3A11EFB5312B78762E951A.roa
File: 24EC1072FF3A11EFB5312B78762E951A.roa (raw, json)
Hash identifier: DV7xduzRKFR/EZjeKsa2wZQ3ky4ApjNPvjid1SFNZ0s=
Subject key identifier: 31:97:CB:E5:E2:F0:5D:59:84:18:3E:9B:4A:64:95:69:E0:EC:13:DD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014569
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24EC1072FF3A11EFB5312B78762E951A.roa
Signing time: Wed 12 Mar 2025 12:04:26 +0000
ROA not before: Wed 12 Mar 2025 12:04:22 +0000
ROA not after: Sun 08 Jun 2025 12:04:22 +0000
asID: 149440
IP address blocks: 156.225.64.0/24 maxlen: 24
156.227.0.0/24 maxlen: 24
156.235.89.0/24 maxlen: 24
156.236.76.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83305 (0x14569)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 12 12:04:22 2025 GMT
Not After : Jun 8 12:04:22 2025 GMT
Subject: CN=67d1784a-62b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:77:ad:cd:19:be:b5:6d:44:a7:b2:2d:5e:a3:
67:1e:88:72:01:88:17:88:ed:d7:98:a0:cb:99:b9:
e4:66:f9:f4:07:c2:e0:9c:c7:8a:17:2c:bf:f9:5f:
dd:4a:42:b9:39:8d:47:5c:9f:19:95:4b:57:ee:de:
24:d1:fe:95:9c:0b:d7:68:86:83:0d:31:88:cd:4d:
3f:f4:28:ed:d4:51:f8:ab:fb:b4:7f:2f:00:0f:2a:
c1:b8:95:ba:80:7f:08:b8:62:7c:ec:0c:25:72:19:
70:2f:de:01:c8:93:52:e2:ae:b7:95:bb:2c:e6:62:
f1:51:09:8a:15:05:63:73:2a:50:ce:e1:18:24:6f:
d8:9d:68:e9:7f:57:82:3f:df:30:19:07:a4:f8:12:
cb:10:57:ff:c1:c1:9f:15:8c:61:7a:a7:c9:22:52:
66:21:0c:09:54:ec:36:5f:d3:0b:2c:3b:e4:0a:34:
2d:35:fb:47:3b:b8:e7:b7:4d:55:d0:53:d6:a9:ae:
78:f5:2f:a2:b2:7e:47:e5:4a:88:da:f7:7b:25:3d:
27:0c:5c:18:ae:54:86:6b:a2:75:bc:cf:22:ca:db:
5e:03:40:b4:09:37:65:4f:d1:b9:64:88:c3:5d:75:
98:13:16:c0:a6:50:1f:ea:7c:52:de:b3:a2:4b:b2:
d6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:97:CB:E5:E2:F0:5D:59:84:18:3E:9B:4A:64:95:69:E0:EC:13:DD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24EC1072FF3A11EFB5312B78762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.64.0/24
156.227.0.0/24
156.235.89.0/24
156.236.76.0/24
Signature Algorithm: sha256WithRSAEncryption
23:0b:99:3e:cf:e1:85:dc:7e:5c:1a:7b:1b:fa:e3:7f:6f:52:
89:e2:98:39:3f:e8:4d:91:97:51:7b:a9:c3:26:6e:73:cc:ed:
c4:74:9a:c9:29:ca:42:39:cb:e3:ec:5c:4b:62:cb:3f:91:d4:
e2:f9:38:d6:1c:8c:29:ed:bf:a7:ea:1b:82:26:03:8f:f3:d3:
43:ab:dd:81:e6:32:e7:37:18:40:6f:3f:6a:47:b5:db:77:0a:
7b:0f:fd:cb:08:98:58:cc:e4:c1:3b:9e:dd:f7:e7:0e:5f:f7:
e0:8e:60:7e:22:a8:1f:d3:cc:3d:fe:ae:e1:98:36:bc:4a:90:
9c:3f:8a:9e:d2:6d:b3:f4:52:f5:66:e9:da:b7:d6:e3:1c:b2:
fc:0d:07:0d:36:4d:ac:90:e1:ae:14:64:0a:2f:11:32:d6:60:
f4:d8:9e:ab:c8:92:70:ab:c8:89:a9:08:1a:fc:f1:0f:84:60:
28:d8:4a:9e:19:d8:23:c5:88:e6:63:6b:89:d0:e2:69:6b:b3:
f9:1e:fd:90:f3:55:f7:5f:09:c2:46:18:5c:82:e3:94:57:d1:
d7:3a:e1:0c:7d:87:3d:3b:31:8c:6b:cf:d6:04:5c:33:46:91:
12:c9:4e:b1:74:4e:8f:fd:c1:89:e2:a8:17:7b:3c:19:63:0f:
24:5e:71:c4
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIDAUVpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzEyMTIwNDIyWhcNMjUwNjA4MTIwNDIyWjAYMRYw
FAYDVQQDEw02N2QxNzg0YS02MmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0netzRm+tW1Ep7ItXqNnHohyAYgXiO3XmKDLmbnkZvn0B8LgnMeKFyy/
+V/dSkK5OY1HXJ8ZlUtX7t4k0f6VnAvXaIaDDTGIzU0/9Cjt1FH4q/u0fy8ADyrB
uJW6gH8IuGJ87AwlchlwL94ByJNS4q63lbss5mLxUQmKFQVjcypQzuEYJG/YnWjp
f1eCP98wGQek+BLLEFf/wcGfFYxheqfJIlJmIQwJVOw2X9MLLDvkCjQtNftHO7jn
t01V0FPWqa549S+isn5H5UqI2vd7JT0nDFwYrlSGa6J1vM8iytteA0C0CTdlT9G5
ZIjDXXWYExbAplAf6nxS3rOiS7LWDQIDAQABo4ICtDCCArAwHQYDVR0OBBYEFDGX
y+Xi8F1ZhBg+m0pklWng7BPdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNEVDMTA3MkZGM0ExMUVGQjUzMTJCNzg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAnOFAAwQAnOMAAwQAnOtZAwQA
nOxMMA0GCSqGSIb3DQEBCwUAA4IBAQAjC5k+z+GF3H5cGnsb+uN/b1KJ4pg5P+hN
kZdRe6nDJm5zzO3EdJrJKcpCOcvj7FxLYss/kdTi+TjWHIwp7b+n6huCJgOP89ND
q92B5jLnNxhAbz9qR7Xbdwp7D/3LCJhYzOTBO57d9+cOX/fgjmB+Iqgf08w9/q7h
mDa8SpCcP4qe0m2z9FL1Zunat9bjHLL8DQcNNk2skOGuFGQKLxEy1mD02J6ryJJw
q8iJqQga/PEPhGAo2EqeGdgjxYjmY2uJ0OJpa7P5Hv2Q81X3XwnCRhhcguOUV9HX
OuEMfYc9OzGMa8/WBFwzRpESyU6xdE6P/cGJ4qgXezwZYw8kXnHE
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:15:06 2025 by rpki-client