Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35E22384F4FA11EFADE52156762E951A.roa
File: 35E22384F4FA11EFADE52156762E951A.roa (raw, json)
Hash identifier: WdG++AKcbGia7i1dI0IIl+jPdmLB+L3P41ZB4JdJ6Bc=
Subject key identifier: 1A:8E:A4:5B:50:2A:3D:54:4D:30:20:AD:A2:58:42:0F:4E:F5:76:1B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0139F0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35E22384F4FA11EFADE52156762E951A.roa
Signing time: Thu 27 Feb 2025 11:01:35 +0000
ROA not before: Thu 27 Feb 2025 11:01:32 +0000
ROA not after: Sat 19 Feb 2028 11:01:32 +0000
asID: 17561
IP address blocks: 156.226.192.0/24 maxlen: 24
156.226.193.0/24 maxlen: 24
156.226.194.0/24 maxlen: 24
156.226.195.0/24 maxlen: 24
156.226.198.0/24 maxlen: 24
156.226.200.0/24 maxlen: 24
156.226.201.0/24 maxlen: 24
156.226.202.0/24 maxlen: 24
156.226.203.0/24 maxlen: 24
156.226.206.0/24 maxlen: 24
156.226.207.0/24 maxlen: 24
156.226.210.0/24 maxlen: 24
156.226.211.0/24 maxlen: 24
156.226.212.0/24 maxlen: 24
156.226.213.0/24 maxlen: 24
156.226.214.0/24 maxlen: 24
156.226.215.0/24 maxlen: 24
156.226.220.0/24 maxlen: 24
156.226.223.0/24 maxlen: 24
156.226.225.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80368 (0x139f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 27 11:01:32 2025 GMT
Not After : Feb 19 11:01:32 2028 GMT
Subject: CN=67c0460f-d342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8d:e3:d6:3d:90:95:aa:cc:22:a8:08:84:d2:
cd:8f:ea:9e:12:68:d0:8b:9b:40:aa:c4:4c:a6:89:
c4:83:97:13:8a:2b:09:51:18:4e:35:34:88:f8:56:
ce:e4:57:e0:80:4d:e4:64:f8:6b:98:c1:09:d7:75:
1a:2c:a0:b8:b9:94:b1:93:27:6d:73:47:f5:01:8b:
39:3c:48:e6:bb:aa:7c:c4:ae:83:ce:94:3b:0f:40:
48:72:b2:03:e7:9c:0f:03:7b:dc:dd:6a:34:7d:d8:
eb:fc:af:e7:1b:26:69:1d:1c:39:d1:94:75:d9:dc:
05:4c:02:f8:15:2b:23:34:a9:b4:9b:d8:ae:e6:c3:
a6:2d:ca:2b:44:03:53:e7:d7:1f:59:ab:c1:79:46:
89:6a:2b:e0:ca:b5:1f:93:30:ff:f9:98:70:44:a8:
a9:29:a1:a3:60:64:e4:9d:36:85:84:f2:e3:59:8c:
3a:29:f4:ec:05:26:40:87:6a:0e:31:bc:69:d0:1b:
af:c8:70:52:b9:1f:0c:08:af:c8:6b:19:ad:5d:b0:
bf:4c:75:4c:44:2d:71:99:1b:ae:5f:f2:31:9a:32:
6e:05:dd:6d:91:4c:8e:90:b9:7d:12:15:6d:76:41:
fc:29:96:da:94:bf:1e:71:d8:b3:18:77:76:4e:92:
8c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:8E:A4:5B:50:2A:3D:54:4D:30:20:AD:A2:58:42:0F:4E:F5:76:1B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35E22384F4FA11EFADE52156762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.192.0/22
156.226.198.0/24
156.226.200.0/22
156.226.206.0/23
156.226.210.0-156.226.215.255
156.226.220.0/24
156.226.223.0/24
156.226.225.0/24
Signature Algorithm: sha256WithRSAEncryption
57:4d:d1:c2:81:7d:cc:6d:b3:f3:e9:09:8a:5a:31:15:51:de:
8e:df:c2:fc:10:ce:73:8e:1f:ec:0c:47:08:7e:0c:56:8e:22:
d3:67:d6:3b:73:28:e9:38:3f:43:21:f2:9c:9f:a6:d5:38:0b:
31:91:f3:f6:05:e4:db:3f:5b:d9:82:d6:88:a2:aa:2f:97:57:
a7:0d:ea:49:0c:37:8f:f3:e2:e9:af:e0:07:8e:7f:c5:f3:3c:
25:1a:dd:81:92:d8:20:b1:3b:f4:4b:42:4a:b2:49:34:70:67:
77:a4:4c:5d:c1:32:1e:30:6f:02:dc:a5:00:f3:75:20:28:e6:
2e:34:47:f4:a3:8a:c5:28:1d:a8:49:b2:03:cb:69:a5:2c:71:
72:f8:7b:f2:88:bd:14:f9:55:cd:86:3b:db:2b:b8:34:e9:91:
50:ec:45:99:86:24:18:6a:5f:2c:35:b3:a5:0e:a7:9a:1e:7f:
f3:80:a4:23:d2:77:c1:85:20:d3:c2:63:bb:7d:5e:c7:b0:83:
7e:0c:75:58:65:86:3c:78:ac:0d:0d:65:77:5a:df:ae:ac:3d:
8a:17:4d:e7:07:02:13:fa:5d:4d:2f:ba:2b:ec:03:c0:b7:41:
4e:93:15:b2:15:f5:a9:d6:26:bb:72:0b:90:7a:8d:ef:21:4c:
59:cc:75:cc
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgIDATnwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI3MTEwMTMyWhcNMjgwMjE5MTEwMTMyWjAYMRYw
FAYDVQQDEw02N2MwNDYwZi1kMzQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1I3j1j2QlarMIqgIhNLNj+qeEmjQi5tAqsRMponEg5cTiisJURhONTSI
+FbO5FfggE3kZPhrmMEJ13UaLKC4uZSxkydtc0f1AYs5PEjmu6p8xK6DzpQ7D0BI
crID55wPA3vc3Wo0fdjr/K/nGyZpHRw50ZR12dwFTAL4FSsjNKm0m9iu5sOmLcor
RANT59cfWavBeUaJaivgyrUfkzD/+ZhwRKipKaGjYGTknTaFhPLjWYw6KfTsBSZA
h2oOMbxp0BuvyHBSuR8MCK/IaxmtXbC/THVMRC1xmRuuX/IxmjJuBd1tkUyOkLl9
EhVtdkH8KZbalL8ecdizGHd2TpKMaQIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFBqO
pFtQKj1UTTAgraJYQg9O9XYbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNUUyMjM4NEY0RkExMUVGQURFNTIxNTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCnOLAAwQAnOLGAwQCnOLIAwQB
nOLOMAwDBAGc4tIDBAOc4tADBACc4twDBACc4t8DBACc4uEwDQYJKoZIhvcNAQEL
BQADggEBAFdN0cKBfcxts/PpCYpaMRVR3o7fwvwQznOOH+wMRwh+DFaOItNn1jtz
KOk4P0Mh8pyfptU4CzGR8/YF5Ns/W9mC1oiiqi+XV6cN6kkMN4/z4umv4AeOf8Xz
PCUa3YGS2CCxO/RLQkqySTRwZ3ekTF3BMh4wbwLcpQDzdSAo5i40R/SjisUoHahJ
sgPLaaUscXL4e/KIvRT5Vc2GO9sruDTpkVDsRZmGJBhqXyw1s6UOp5oef/OApCPS
d8GFINPCY7t9Xsewg34MdVhlhjx4rA0NZXda366sPYoXTecHAhP6XU0vuivsA8C3
QU6TFbIV9anWJrtyC5B6je8hTFnMdcw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:09:12 2025 by rpki-client