Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3B2ED40AF46311EF929667BA762E951A.roa
File: 3B2ED40AF46311EF929667BA762E951A.roa (raw, json)
Hash identifier: Bg+akCCRljPmAMVVABrrS84tQp6Tj+3WdaFtPZ2IQGw=
Subject key identifier: A3:8B:24:2F:9D:23:51:DB:F0:B1:72:63:50:DC:C5:30:0A:7D:57:41
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01354C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3B2ED40AF46311EF929667BA762E951A.roa
Signing time: Wed 26 Feb 2025 17:00:50 +0000
ROA not before: Wed 26 Feb 2025 17:00:47 +0000
ROA not after: Thu 19 Feb 2026 17:00:47 +0000
asID: 984
IP address blocks: 156.245.73.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79180 (0x1354c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 17:00:47 2025 GMT
Not After : Feb 19 17:00:47 2026 GMT
Subject: CN=67bf48c2-5894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:47:ff:5e:fe:e5:80:ee:04:d7:66:e0:88:af:
d1:bd:a1:36:03:33:22:2c:e0:f6:bf:01:84:ba:71:
d2:68:a7:02:1e:0b:4f:e1:76:6b:c5:03:74:4a:d0:
a1:b8:58:63:bf:db:21:b9:3e:72:eb:b3:93:ab:77:
d5:78:5b:39:3b:91:e6:5e:29:39:12:91:b2:59:85:
2b:7f:23:09:7f:09:d3:82:b1:c9:f5:6c:36:8e:5e:
c1:e6:a3:90:4a:6c:8b:e4:7a:b7:d5:a7:1f:c5:02:
6a:14:15:d8:27:14:36:3b:84:7b:7c:bb:ca:96:8b:
76:ce:d0:1d:ea:b7:bf:63:a5:6e:61:41:49:fb:20:
26:93:10:8a:82:16:cc:da:a8:3a:d4:9e:29:f5:6a:
82:4e:97:0d:3e:a0:96:b7:db:59:74:95:25:73:55:
70:96:e4:8b:7d:90:96:21:02:16:3c:56:6f:f6:a2:
d8:d2:52:8f:3a:aa:37:20:ee:7d:0a:fd:71:75:0a:
60:e4:40:32:73:36:bf:ec:95:17:51:3f:ca:71:3f:
05:13:2b:c4:fb:7d:30:aa:95:47:54:cd:93:8a:0c:
a0:38:cd:21:05:14:2b:08:07:00:ef:d9:16:94:d4:
0f:02:dc:00:a8:6d:dd:0d:10:34:83:fa:cf:0a:8d:
72:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:8B:24:2F:9D:23:51:DB:F0:B1:72:63:50:DC:C5:30:0A:7D:57:41
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3B2ED40AF46311EF929667BA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.73.0/24
Signature Algorithm: sha256WithRSAEncryption
52:70:ba:be:75:8a:d9:43:96:65:e5:fd:e9:09:9c:82:ad:8e:
d6:55:e4:24:67:47:a7:b1:0f:3a:bf:d8:d5:02:59:fb:e0:7f:
23:1d:91:08:85:b1:61:09:3b:8f:fd:32:0f:54:bc:bc:eb:a8:
e9:74:2c:8f:18:38:e3:0a:79:13:cf:79:e0:e7:74:1c:b7:36:
c1:d3:0a:8d:35:98:59:e7:d1:4e:00:32:08:5a:3d:09:17:c0:
18:b0:41:6f:b5:a0:5f:ae:7a:e3:64:fe:4d:81:ad:cf:2e:5f:
1a:80:fa:b1:fb:e8:d6:42:ed:6f:2d:f0:10:82:dc:6c:d6:fb:
66:5b:a1:a3:45:0c:e1:af:3b:d2:bf:34:46:24:55:ec:8c:24:
02:41:8a:e5:ba:a5:e5:86:5c:6e:b8:40:1e:6d:f9:3d:1a:4b:
d8:59:b4:48:f9:79:cf:19:3b:d1:de:df:90:23:8a:5f:fa:5a:
d0:f6:c2:d0:57:6b:99:86:a0:c4:e9:5b:28:3a:e3:60:46:3d:
1b:fd:d3:8a:d4:c1:78:26:53:1d:87:f0:39:66:78:b3:74:0e:
17:94:88:2d:e6:1c:6e:b5:e1:b6:17:80:fd:45:cd:fd:48:22:
2f:c5:e7:71:12:cc:fc:9c:da:36:30:48:cd:5b:ca:5b:96:08:
da:6e:ec:85
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATVMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTcwMDQ3WhcNMjYwMjE5MTcwMDQ3WjAYMRYw
FAYDVQQDEw02N2JmNDhjMi01ODk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo0f/Xv7lgO4E12bgiK/RvaE2AzMiLOD2vwGEunHSaKcCHgtP4XZrxQN0
StChuFhjv9shuT5y67OTq3fVeFs5O5HmXik5EpGyWYUrfyMJfwnTgrHJ9Ww2jl7B
5qOQSmyL5Hq31acfxQJqFBXYJxQ2O4R7fLvKlot2ztAd6re/Y6VuYUFJ+yAmkxCK
ghbM2qg61J4p9WqCTpcNPqCWt9tZdJUlc1VwluSLfZCWIQIWPFZv9qLY0lKPOqo3
IO59Cv1xdQpg5EAycza/7JUXUT/KcT8FEyvE+30wqpVHVM2TigygOM0hBRQrCAcA
79kWlNQPAtwAqG3dDRA0g/rPCo1y+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKOL
JC+dI1Hb8LFyY1DcxTAKfVdBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQjJFRDQwQUY0NjMxMUVGOTI5NjY3QkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPVJMA0GCSqGSIb3DQEBCwUA
A4IBAQBScLq+dYrZQ5Zl5f3pCZyCrY7WVeQkZ0ensQ86v9jVAln74H8jHZEIhbFh
CTuP/TIPVLy866jpdCyPGDjjCnkTz3ng53QctzbB0wqNNZhZ59FOADIIWj0JF8AY
sEFvtaBfrnrjZP5Nga3PLl8agPqx++jWQu1vLfAQgtxs1vtmW6GjRQzhrzvSvzRG
JFXsjCQCQYrluqXlhlxuuEAebfk9GkvYWbRI+XnPGTvR3t+QI4pf+lrQ9sLQV2uZ
hqDE6VsoOuNgRj0b/dOK1MF4JlMdh/A5ZnizdA4XlIgt5hxuteG2F4D9Rc39SCIv
xedxEsz8nNo2MEjNW8pblgjabuyF
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:05 2025 by rpki-client