Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/45C9DC16070511F0AAC819A1762E951A.roa
File: 45C9DC16070511F0AAC819A1762E951A.roa (raw, json)
Hash identifier: mv3X7SD+p2OzbApgAHwzFUttIQwL7TFLqsK8sZ1kRQs=
Subject key identifier: DB:04:B0:C6:1D:D4:AC:79:E4:6E:70:19:F6:6E:43:B8:0C:13:8D:27
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01477D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/45C9DC16070511F0AAC819A1762E951A.roa
Signing time: Sat 22 Mar 2025 10:06:07 +0000
ROA not before: Sat 22 Mar 2025 10:06:04 +0000
ROA not after: Thu 01 May 2025 10:06:04 +0000
asID: 61112
IP address blocks: 156.229.160.0/21 maxlen: 24
156.231.111.0/24 maxlen: 24
156.231.112.0/22 maxlen: 24
156.231.116.0/23 maxlen: 24
156.243.244.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83837 (0x1477d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 22 10:06:04 2025 GMT
Not After : May 1 10:06:04 2025 GMT
Subject: CN=67de8b8f-dd5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:59:47:c7:c7:44:88:3c:23:d5:18:06:5e:9a:
51:63:67:83:b9:8d:5f:f9:3b:02:a3:f7:60:09:a5:
b4:97:f0:30:97:d2:b9:8e:c4:02:55:13:df:bf:e7:
9d:51:39:f3:88:b3:c0:63:08:a8:ce:5a:16:af:a3:
fc:6b:24:bb:fe:30:e5:90:3a:b1:24:b7:4d:4a:89:
3f:d1:10:6a:7e:f1:c3:61:1c:f4:9e:cd:1a:55:13:
6c:e5:d1:31:69:bc:b2:e3:47:5f:ef:93:35:00:ed:
1c:6c:f4:06:bd:a9:b5:23:20:96:d5:8f:78:fa:ab:
c7:4c:ec:96:07:99:14:9e:ef:cf:72:f4:97:5b:3a:
c1:22:f1:80:1c:fd:a8:7d:74:33:b9:46:46:71:1a:
49:3b:46:ea:0b:e2:8b:13:74:7c:f7:64:7c:46:80:
8e:fd:aa:ad:a8:cf:5c:9b:43:02:52:4c:52:1d:9a:
32:36:d1:cb:7a:33:2e:3f:91:ec:69:95:99:64:d4:
0e:e5:32:36:63:a6:32:88:6a:db:0b:e8:cf:91:29:
19:a4:b0:8f:fd:c6:9a:92:43:92:7c:4c:13:b2:14:
3e:3b:88:7c:bf:19:b6:ea:81:8d:1a:c9:9c:3d:5f:
ca:16:73:d1:c6:57:e1:0a:60:b1:d6:e1:75:b9:4a:
31:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:04:B0:C6:1D:D4:AC:79:E4:6E:70:19:F6:6E:43:B8:0C:13:8D:27
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/45C9DC16070511F0AAC819A1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.160.0/21
156.231.111.0-156.231.117.255
156.243.244.0/24
Signature Algorithm: sha256WithRSAEncryption
54:9d:2d:cb:bd:f6:31:75:9d:3a:b3:a5:91:08:91:54:8f:f1:
d3:a1:46:66:77:62:ff:07:10:32:88:21:88:bb:cd:4b:20:aa:
86:88:40:00:57:61:07:44:ff:42:8e:ec:ef:48:c1:0b:b0:dc:
60:7b:06:85:35:5f:cb:02:d3:f1:b3:cd:72:b8:6f:5a:18:73:
44:e5:2a:0d:c3:28:0c:19:1f:2c:36:9b:d1:07:6a:78:5d:db:
a2:19:ac:1c:12:f8:0b:f4:0d:01:b0:c1:da:e9:66:d8:dc:03:
90:66:78:31:cd:b2:ff:7d:54:31:b8:95:2d:cd:fa:07:25:1f:
87:9b:c5:e5:ff:c8:dd:00:cd:0c:8c:fc:a2:8e:9d:68:9c:6b:
cf:30:f8:02:55:6d:35:20:b3:94:7a:4c:4c:5d:cb:53:3e:0f:
67:d6:1f:bf:b2:72:98:89:05:86:08:2f:9b:94:8c:9e:72:d6:
30:67:eb:a1:ad:52:35:5b:62:3b:6e:40:c5:1c:e9:7c:e7:a9:
7b:95:ef:36:dd:7f:df:97:0f:c6:0d:bd:c3:f9:57:2a:0e:1c:
d0:b0:ed:36:04:42:5a:44:57:69:21:de:39:33:bd:85:43:60:
e5:4b:4d:bf:8a:7b:de:48:fb:3d:63:f6:77:64:0a:0f:fd:05:
45:4b:ac:48
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDAUd9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzIyMTAwNjA0WhcNMjUwNTAxMTAwNjA0WjAYMRYw
FAYDVQQDEw02N2RlOGI4Zi1kZDVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyFlHx8dEiDwj1RgGXppRY2eDuY1f+TsCo/dgCaW0l/Awl9K5jsQCVRPf
v+edUTnziLPAYwiozloWr6P8ayS7/jDlkDqxJLdNSok/0RBqfvHDYRz0ns0aVRNs
5dExabyy40df75M1AO0cbPQGvam1IyCW1Y94+qvHTOyWB5kUnu/PcvSXWzrBIvGA
HP2ofXQzuUZGcRpJO0bqC+KLE3R892R8RoCO/aqtqM9cm0MCUkxSHZoyNtHLejMu
P5HsaZWZZNQO5TI2Y6YyiGrbC+jPkSkZpLCP/caakkOSfEwTshQ+O4h8vxm26oGN
GsmcPV/KFnPRxlfhCmCx1uF1uUoxXwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFNsE
sMYd1Kx55G5wGfZuQ7gME40nMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NUM5REMxNjA3MDUxMUYwQUFDODE5QTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDnOWgMAwDBACc528DBAGc53QD
BACc8/QwDQYJKoZIhvcNAQELBQADggEBAFSdLcu99jF1nTqzpZEIkVSP8dOhRmZ3
Yv8HEDKIIYi7zUsgqoaIQABXYQdE/0KO7O9IwQuw3GB7BoU1X8sC0/GzzXK4b1oY
c0TlKg3DKAwZHyw2m9EHanhd26IZrBwS+Av0DQGwwdrpZtjcA5BmeDHNsv99VDG4
lS3N+gclH4ebxeX/yN0AzQyM/KKOnWica88w+AJVbTUgs5R6TExdy1M+D2fWH7+y
cpiJBYYIL5uUjJ5y1jBn66GtUjVbYjtuQMUc6XznqXuV7zbdf9+XD8YNvcP5VyoO
HNCw7TYEQlpEV2kh3jkzvYVDYOVLTb+Ke95I+z1j9ndkCg/9BUVLrEg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:57 2025 by rpki-client