Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/48FAA1940A1711F0ACBB7362762E951A.roa
File: 48FAA1940A1711F0ACBB7362762E951A.roa (raw, json)
Hash identifier: HAswxUfsCWZR7K0Wcd68UiDeW2D1n2anODw9ZAna8Lg=
Subject key identifier: 9E:89:27:7C:FF:1A:52:EB:4B:52:59:CE:08:F6:1C:6E:AA:23:2A:74
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01483E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/48FAA1940A1711F0ACBB7362762E951A.roa
Signing time: Wed 26 Mar 2025 07:52:37 +0000
ROA not before: Wed 26 Mar 2025 07:52:33 +0000
ROA not after: Fri 02 May 2025 07:52:33 +0000
asID: 214143
IP address blocks: 156.228.16.0/23 maxlen: 24
156.228.48.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84030 (0x1483e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 26 07:52:33 2025 GMT
Not After : May 2 07:52:33 2025 GMT
Subject: CN=67e3b245-a20b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cd:0a:31:a3:fe:55:df:86:7b:fe:0d:24:0c:
24:c4:47:dd:7d:67:58:42:59:60:f8:d1:88:b8:27:
4b:d9:c4:7a:61:b4:80:cb:7d:41:4e:6b:bf:3c:8f:
37:d7:ce:d5:bb:da:ed:61:41:fa:c2:c3:35:15:3c:
eb:d7:15:b7:02:73:d0:42:5e:ac:6e:30:ac:a5:73:
5c:a7:80:68:6c:09:a7:69:7b:e3:67:53:ff:0c:59:
e7:0f:66:ee:79:11:03:ce:b8:2a:ef:21:36:82:95:
4f:88:f4:ab:b1:f5:0e:6f:dd:cd:af:4f:43:76:39:
44:ea:44:e0:d4:aa:cf:20:c2:4d:9c:7e:55:d8:26:
29:d1:ea:ec:59:61:88:2c:d5:cb:3a:53:b0:39:da:
75:0d:63:94:18:75:f2:f1:17:59:2b:aa:f7:43:05:
2f:a6:f4:e8:77:97:ab:91:e0:35:76:d3:79:2b:60:
82:a5:03:3e:1f:cf:e9:e2:91:07:ad:d8:3f:bc:0d:
95:ee:0c:af:5a:cc:4b:61:0f:c8:df:1c:a4:b6:1d:
63:49:a8:8e:20:b7:61:4b:ea:14:d4:27:6d:bd:e9:
3c:68:99:02:00:a3:e7:90:af:29:8b:f1:98:76:bc:
ea:21:62:06:58:39:b3:8c:81:71:c7:20:c8:ef:3f:
aa:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:89:27:7C:FF:1A:52:EB:4B:52:59:CE:08:F6:1C:6E:AA:23:2A:74
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/48FAA1940A1711F0ACBB7362762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.16.0/23
156.228.48.0/21
Signature Algorithm: sha256WithRSAEncryption
5c:4b:f3:08:3c:a1:e8:8f:c8:0a:6d:ee:96:dc:8b:78:92:0d:
c2:86:5a:d6:c7:6e:42:f7:f8:7e:bf:e4:b6:1b:20:29:cc:de:
cc:b8:9a:a4:19:14:a9:47:61:45:3f:b9:91:11:a7:54:75:a8:
a2:eb:aa:82:d9:bc:10:1d:6e:7d:b1:4e:db:46:32:ae:87:d0:
0b:a6:7f:64:c4:2e:a6:c5:48:23:8f:8c:4d:ca:20:7c:df:5e:
ab:e1:ea:00:ba:b5:9b:f1:a6:b8:a4:cd:d2:01:e8:6d:c3:cf:
7a:40:ae:21:11:f1:63:ed:f1:e1:e7:01:3e:2b:2e:a9:61:50:
1f:a9:bd:5c:49:ff:9a:b0:60:81:8b:4e:2a:86:23:b7:69:cd:
f4:f1:e1:37:ce:d0:2f:f0:32:74:d1:28:78:86:0d:6f:80:28:
a7:78:aa:22:12:0f:31:97:e9:c8:d4:d8:29:0e:d4:fb:8e:d4:
c7:dc:2d:70:f7:14:f2:cf:14:d2:75:7c:e2:a9:83:df:ef:17:
5b:52:c7:6d:e4:c8:a1:c4:60:57:19:49:cf:28:76:23:6d:7f:
13:87:c6:4d:c5:10:38:39:e0:f3:97:7d:1b:e0:1e:fb:54:09:
bd:dd:bb:c0:3b:3c:dd:40:3b:8a:af:72:5f:ad:c4:c2:bf:51:
b4:7c:27:c7
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAUg+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI2MDc1MjMzWhcNMjUwNTAyMDc1MjMzWjAYMRYw
FAYDVQQDEw02N2UzYjI0NS1hMjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsM0KMaP+Vd+Ge/4NJAwkxEfdfWdYQllg+NGIuCdL2cR6YbSAy31BTmu/
PI83187Vu9rtYUH6wsM1FTzr1xW3AnPQQl6sbjCspXNcp4BobAmnaXvjZ1P/DFnn
D2bueREDzrgq7yE2gpVPiPSrsfUOb93Nr09DdjlE6kTg1KrPIMJNnH5V2CYp0ers
WWGILNXLOlOwOdp1DWOUGHXy8RdZK6r3QwUvpvTod5erkeA1dtN5K2CCpQM+H8/p
4pEHrdg/vA2V7gyvWsxLYQ/I3xykth1jSaiOILdhS+oU1Cdtvek8aJkCAKPnkK8p
i/GYdrzqIWIGWDmzjIFxxyDI7z+qfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ6J
J3z/GlLrS1JZzgj2HG6qIyp0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80OEZBQTE5NDBBMTcxMUYwQUNCQjczNjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnOQQAwQDnOQwMA0GCSqGSIb3
DQEBCwUAA4IBAQBcS/MIPKHoj8gKbe6W3It4kg3ChlrWx25C9/h+v+S2GyApzN7M
uJqkGRSpR2FFP7mREadUdaii66qC2bwQHW59sU7bRjKuh9ALpn9kxC6mxUgjj4xN
yiB8316r4eoAurWb8aa4pM3SAehtw896QK4hEfFj7fHh5wE+Ky6pYVAfqb1cSf+a
sGCBi04qhiO3ac308eE3ztAv8DJ00Sh4hg1vgCineKoiEg8xl+nI1NgpDtT7jtTH
3C1w9xTyzxTSdXziqYPf7xdbUsdt5MihxGBXGUnPKHYjbX8Th8ZNxRA4OeDzl30b
4B77VAm93bvAOzzdQDuKr3JfrcTCv1G0fCfH
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:47 2025 by rpki-client