Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D630AAAF42A11EF81F76AAC762E951A.roa
File: 2D630AAAF42A11EF81F76AAC762E951A.roa (raw, json)
Hash identifier: T6uuj5aRl9xajIfw+kDE2HxeGXUaxQDqh14jshVDu0o=
Subject key identifier: 6F:DD:B1:F2:5E:6A:9A:7B:BD:33:F8:3F:54:19:1E:5D:E1:30:3D:B2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0130D8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D630AAAF42A11EF81F76AAC762E951A.roa
Signing time: Wed 26 Feb 2025 10:12:26 +0000
ROA not before: Wed 26 Feb 2025 10:12:22 +0000
ROA not after: Thu 19 Feb 2026 10:12:22 +0000
asID: 328608
IP address blocks: 156.255.74.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78040 (0x130d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 10:12:22 2025 GMT
Not After : Feb 19 10:12:22 2026 GMT
Subject: CN=67bee90a-3797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a8:7e:41:6e:6f:80:e9:ed:60:57:b6:24:8a:
c1:fa:d9:51:15:ce:46:6b:ba:56:81:b7:04:c5:ad:
8b:40:e1:43:15:24:a1:91:4a:3b:0c:3e:4c:a9:e0:
40:f0:f9:47:6b:e6:d8:c9:25:09:d6:6c:9e:01:e7:
58:21:ab:89:36:ef:87:f2:44:46:95:8d:16:d6:64:
09:85:85:78:f7:ee:27:d1:ab:fe:58:ad:c5:3b:bd:
63:35:65:bc:46:97:f7:3d:68:6f:f7:9b:73:95:27:
e6:0e:3a:85:c2:1f:a1:e1:d5:9e:b6:c9:fb:27:9c:
ce:29:ce:61:cf:f8:e8:4c:ba:3e:62:64:4c:0b:9a:
dc:6f:53:f1:f8:36:db:e2:d5:e7:54:e1:bb:b5:cd:
18:29:55:70:20:72:a6:21:b9:43:e6:e2:75:db:9b:
eb:4b:64:2c:f4:5c:76:25:8b:1c:25:0e:10:83:0d:
f9:cd:e0:96:63:43:e6:eb:17:fe:a1:e0:89:89:3f:
2c:9b:f0:39:8f:6d:fc:87:b6:99:b6:ce:c2:8d:d6:
77:f5:40:34:52:0b:c0:14:42:21:e3:50:35:e1:52:
83:90:ed:69:fe:55:3b:90:7a:fb:7a:b3:64:3f:96:
01:72:b6:48:72:49:48:6f:85:b7:68:c3:29:d0:6d:
c9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:DD:B1:F2:5E:6A:9A:7B:BD:33:F8:3F:54:19:1E:5D:E1:30:3D:B2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D630AAAF42A11EF81F76AAC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.74.0/24
Signature Algorithm: sha256WithRSAEncryption
28:aa:96:62:4a:bb:f0:14:e4:71:ce:8c:6e:8b:8d:d2:d3:1b:
04:12:64:f8:a4:ea:58:53:55:1b:2a:0d:51:14:74:97:7a:25:
a6:fe:ae:db:08:b2:45:fc:00:d5:c7:b5:c1:86:d5:bc:1d:0f:
54:fb:6a:8f:a1:73:23:42:58:5f:52:2f:78:f7:50:ee:12:0d:
e9:bc:0f:52:40:d4:1a:da:0b:9f:37:97:cf:4a:d9:c6:df:e3:
bd:5d:0e:34:df:1f:53:5f:7c:63:11:c9:cb:52:1c:9e:7d:f5:
2c:c9:70:a8:c6:c1:9c:29:b6:8e:d4:1a:05:64:01:41:16:5b:
cb:04:d0:bb:77:87:ea:05:83:41:2f:7a:44:2c:83:a3:74:4c:
1f:63:85:81:b8:a4:2f:c4:8a:05:5d:28:17:7e:92:e7:72:9d:
64:05:e3:bc:43:fa:e1:39:fd:e5:e9:0a:70:41:4e:24:af:35:
77:a5:13:2b:45:d5:b8:d5:4c:c1:d5:b1:d3:d3:b8:79:88:00:
39:01:3f:98:49:60:ad:f1:1e:e2:64:e4:1e:d3:cd:d0:94:34:
2e:98:29:10:3a:13:62:5c:db:63:6b:35:bf:9b:84:69:55:1b:
00:dd:c1:ab:b8:6b:22:a4:9b:8d:b7:9e:94:08:e2:2d:bf:0f:
7c:e2:3c:ce
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATDYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTAxMjIyWhcNMjYwMjE5MTAxMjIyWjAYMRYw
FAYDVQQDEw02N2JlZTkwYS0zNzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnqh+QW5vgOntYFe2JIrB+tlRFc5Ga7pWgbcExa2LQOFDFSShkUo7DD5M
qeBA8PlHa+bYySUJ1myeAedYIauJNu+H8kRGlY0W1mQJhYV49+4n0av+WK3FO71j
NWW8Rpf3PWhv95tzlSfmDjqFwh+h4dWetsn7J5zOKc5hz/joTLo+YmRMC5rcb1Px
+Dbb4tXnVOG7tc0YKVVwIHKmIblD5uJ125vrS2Qs9Fx2JYscJQ4Qgw35zeCWY0Pm
6xf+oeCJiT8sm/A5j238h7aZts7CjdZ39UA0UgvAFEIh41A14VKDkO1p/lU7kHr7
erNkP5YBcrZIcklIb4W3aMMp0G3JKQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG/d
sfJeapp7vTP4P1QZHl3hMD2yMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRDYzMEFBQUY0MkExMUVGODFGNzZBQUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP9KMA0GCSqGSIb3DQEBCwUA
A4IBAQAoqpZiSrvwFORxzoxui43S0xsEEmT4pOpYU1UbKg1RFHSXeiWm/q7bCLJF
/ADVx7XBhtW8HQ9U+2qPoXMjQlhfUi9491DuEg3pvA9SQNQa2gufN5fPStnG3+O9
XQ403x9TX3xjEcnLUhyeffUsyXCoxsGcKbaO1BoFZAFBFlvLBNC7d4fqBYNBL3pE
LIOjdEwfY4WBuKQvxIoFXSgXfpLncp1kBeO8Q/rhOf3l6QpwQU4krzV3pRMrRdW4
1UzB1bHT07h5iAA5AT+YSWCt8R7iZOQe083QlDQumCkQOhNiXNtjazW/m4RpVRsA
3cGruGsipJuNt56UCOItvw984jzO
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:16:53 2025 by rpki-client