Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5DE13A7E070011F0BF222084762E951A.roa
File: 5DE13A7E070011F0BF222084762E951A.roa (raw, json)
Hash identifier: 1sBvt8YbAqdU4rUVrlXpB+MILEd7ro9W8/2JbXLIjiE=
Subject key identifier: EC:5B:B0:3E:C6:2E:39:2A:E7:EF:45:59:3B:1F:A6:7B:B3:FA:1F:71
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014777
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5DE13A7E070011F0BF222084762E951A.roa
Signing time: Sat 22 Mar 2025 09:31:00 +0000
ROA not before: Sat 22 Mar 2025 09:30:57 +0000
ROA not after: Wed 02 Apr 2025 09:30:57 +0000
asID: 39600
IP address blocks: 156.237.109.0/24 maxlen: 24
156.237.110.0/24 maxlen: 24
156.237.111.0/24 maxlen: 24
156.237.117.0/24 maxlen: 24
156.237.118.0/24 maxlen: 24
156.237.119.0/24 maxlen: 24
156.237.120.0/24 maxlen: 24
156.237.121.0/24 maxlen: 24
156.237.122.0/24 maxlen: 24
156.237.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83831 (0x14777)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 22 09:30:57 2025 GMT
Not After : Apr 2 09:30:57 2025 GMT
Subject: CN=67de8354-ee8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e3:56:7c:8a:c5:03:d7:69:66:74:f1:ad:c8:
91:ef:72:8d:9a:58:64:3a:0e:5f:3f:c0:4a:2c:27:
33:e8:30:56:e8:b1:01:8e:38:83:e9:15:57:b0:8c:
d7:69:61:05:96:93:ff:02:4e:63:d4:f8:3c:f8:2a:
06:ac:60:b3:fd:3b:19:e6:8b:08:a4:81:b2:5d:b4:
f8:a1:ed:5b:55:9d:8c:87:97:9d:86:12:98:56:e0:
33:b1:32:07:87:25:b6:7e:58:53:e8:a5:52:09:ea:
72:51:0e:8f:be:23:69:06:46:0e:e8:f0:f7:f2:bb:
b2:db:4a:1e:f5:40:73:00:18:8b:3d:8d:11:f1:c9:
c2:d0:02:91:79:13:ae:53:f6:45:6d:55:88:3b:f7:
9b:14:0b:2a:ce:66:2b:9e:fd:e9:72:e3:be:d0:2a:
91:fc:95:ea:82:25:f0:fc:ea:32:49:a6:f1:7e:d2:
b9:7e:fa:9c:64:c6:c6:d9:2a:4b:13:39:99:85:0a:
81:1f:c9:b2:09:bc:42:97:2c:80:8d:2e:a0:2b:55:
43:29:60:6b:d0:6b:81:cd:1e:e5:f7:07:30:d7:d0:
87:9b:21:14:2e:46:ec:74:6f:e5:a3:43:0a:2b:58:
b9:01:da:bf:3e:55:22:e7:f7:ec:46:93:79:5d:97:
da:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:5B:B0:3E:C6:2E:39:2A:E7:EF:45:59:3B:1F:A6:7B:B3:FA:1F:71
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5DE13A7E070011F0BF222084762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.109.0-156.237.111.255
156.237.117.0-156.237.123.255
Signature Algorithm: sha256WithRSAEncryption
00:c6:1b:b1:45:9f:e6:c4:27:62:97:d9:68:70:a2:f3:e6:2e:
05:aa:9d:73:b5:ff:d8:1c:d0:fd:b6:d8:9c:2b:9c:7b:58:ad:
54:0e:79:8e:cc:ee:22:3e:bc:b4:c2:b9:1f:06:32:46:3a:3f:
9f:b3:80:e6:6d:b5:0f:10:a0:a1:c5:54:dd:b6:ff:93:18:6a:
bf:9c:22:9f:41:56:b7:ac:ce:d3:2f:d3:c5:59:8a:c5:1a:34:
58:08:54:7d:61:76:1f:76:ba:fe:ff:e4:fc:72:f6:34:96:fa:
94:57:16:e3:e3:0b:9f:fb:1b:b1:2e:88:59:7d:11:d0:1e:ae:
f8:27:a0:3b:d2:a1:77:f6:23:e7:06:54:26:e8:ab:fc:c8:4b:
74:f1:db:c0:b2:fa:6f:f0:30:4f:41:81:b6:e8:a2:84:24:e3:
81:ed:76:50:47:cf:d6:ca:65:a7:68:b0:d6:ec:9e:98:27:be:
68:c1:38:a8:2e:51:0a:3f:81:35:b5:8c:91:11:70:79:04:f9:
ed:8e:c7:bc:47:ca:f7:03:6f:6d:d4:07:c5:6f:fe:5e:d7:4f:
06:29:3a:35:89:2f:1a:e4:5f:e9:e1:f6:83:45:c5:6b:49:35:
cc:c0:c4:e2:e8:4f:d5:9c:7c:08:a0:bd:d4:9a:a1:e4:20:06:
90:a5:a7:47
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIDAUd3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzIyMDkzMDU3WhcNMjUwNDAyMDkzMDU3WjAYMRYw
FAYDVQQDEw02N2RlODM1NC1lZThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0uNWfIrFA9dpZnTxrciR73KNmlhkOg5fP8BKLCcz6DBW6LEBjjiD6RVX
sIzXaWEFlpP/Ak5j1Pg8+CoGrGCz/TsZ5osIpIGyXbT4oe1bVZ2Mh5edhhKYVuAz
sTIHhyW2flhT6KVSCepyUQ6PviNpBkYO6PD38ruy20oe9UBzABiLPY0R8cnC0AKR
eROuU/ZFbVWIO/ebFAsqzmYrnv3pcuO+0CqR/JXqgiXw/OoySabxftK5fvqcZMbG
2SpLEzmZhQqBH8myCbxClyyAjS6gK1VDKWBr0GuBzR7l9wcw19CHmyEULkbsdG/l
o0MKK1i5Adq/PlUi5/fsRpN5XZfaVwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFOxb
sD7GLjkq5+9FWTsfpnuz+h9xMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81REUxM0E3RTA3MDAxMUYwQkYyMjIwODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBACc7W0DBASc7WAwDAMEAJzt
dQMEApzteDANBgkqhkiG9w0BAQsFAAOCAQEAAMYbsUWf5sQnYpfZaHCi8+YuBaqd
c7X/2BzQ/bbYnCuce1itVA55jszuIj68tMK5HwYyRjo/n7OA5m21DxCgocVU3bb/
kxhqv5win0FWt6zO0y/TxVmKxRo0WAhUfWF2H3a6/v/k/HL2NJb6lFcW4+MLn/sb
sS6IWX0R0B6u+CegO9Khd/Yj5wZUJuir/MhLdPHbwLL6b/AwT0GBtuiihCTjge12
UEfP1splp2iw1uyemCe+aME4qC5RCj+BNbWMkRFweQT57Y7HvEfK9wNvbdQHxW/+
XtdPBik6NYkvGuRf6eH2g0XFa0k1zMDE4uhP1Zx8CKC91Jqh5CAGkKWnRw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:39:43 2025 by rpki-client