Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5E8386D4D4B611EFA553034F762E951A.roa
File: 5E8386D4D4B611EFA553034F762E951A.roa (raw, json)
Hash identifier: W4cH+wsdT7PKS8p/gcd3u9PZX7odBm8papbUb+oGaoE=
Subject key identifier: FD:75:82:82:97:BD:30:8C:C1:92:21:F6:E6:DA:3B:09:41:7D:62:92
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01095F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5E8386D4D4B611EFA553034F762E951A.roa
Signing time: Fri 17 Jan 2025 09:35:21 +0000
ROA not before: Fri 17 Jan 2025 09:35:17 +0000
ROA not after: Sun 14 Dec 2025 09:35:17 +0000
asID: 23764
IP address blocks: 156.242.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67935 (0x1095f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 17 09:35:17 2025 GMT
Not After : Dec 14 09:35:17 2025 GMT
Subject: CN=678a2459-4564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:11:e1:bc:67:a7:8d:e0:2e:54:a9:22:75:71:
4d:95:52:ca:24:bb:6b:ba:65:9e:6a:02:48:a2:a0:
af:e1:2a:9d:38:ed:8d:be:17:e2:7f:19:02:dc:0b:
15:6e:69:39:3e:a5:60:fe:92:65:be:f1:2f:1e:17:
25:0d:18:7e:dd:9b:0d:49:fc:0d:07:22:35:e2:6c:
71:df:0f:0d:f6:c0:3e:0d:c0:94:28:f8:4f:63:76:
75:69:03:4d:ff:fc:15:35:53:e4:92:57:78:de:f9:
35:b3:9f:52:2d:bb:fa:e0:e5:1f:4a:3c:61:75:6e:
2d:eb:97:ba:72:df:59:d9:27:0d:c4:a7:ba:25:6e:
06:22:82:e7:89:17:97:4d:7e:35:2c:a8:bd:4b:65:
11:cb:e6:41:11:c2:8d:c0:2f:87:e9:6b:00:db:df:
54:98:da:61:92:7b:b1:d2:85:09:58:0e:d6:28:b0:
3f:9e:89:86:ea:d9:b4:a1:d4:55:2a:27:70:b1:6a:
64:e2:52:2b:e8:8d:0e:5b:e1:e8:2d:d9:9b:8d:a8:
12:d6:0c:4e:da:a0:ee:05:94:b6:25:06:84:59:9a:
21:06:0b:67:20:3c:21:0b:ec:5b:0a:3c:3c:0c:36:
c0:f8:30:b0:eb:6a:e1:8e:25:9f:a1:86:3b:05:d4:
c9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:75:82:82:97:BD:30:8C:C1:92:21:F6:E6:DA:3B:09:41:7D:62:92
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5E8386D4D4B611EFA553034F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.4.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:ba:1b:3e:a0:13:e0:30:4c:3c:ed:e6:07:49:2b:7f:74:56:
2d:b4:53:c0:99:42:32:85:c7:05:b9:85:9c:5b:f9:67:1a:dc:
00:db:8c:8a:9f:42:86:50:11:52:df:8b:64:c4:dd:37:ae:d4:
79:68:f0:b2:a5:a4:ba:d0:cf:9a:a1:5a:b1:ce:88:06:49:df:
25:c2:72:38:38:26:10:8a:dd:11:29:be:91:49:b0:87:01:3d:
e1:56:63:a8:65:2a:f4:fe:d5:81:72:ea:6c:ac:3a:bb:88:96:
de:62:bc:54:37:f4:f6:49:ca:6c:63:15:98:c1:a1:89:6a:f5:
d8:76:bd:45:e7:45:01:12:c8:52:61:e3:10:7a:8d:a5:2d:de:
77:75:33:6f:5f:77:c7:1a:14:af:85:f6:a5:2b:0f:f4:f9:bd:
45:38:83:7c:b4:30:40:2b:ce:3b:2f:c8:62:82:25:30:4f:d3:
76:e2:ef:ac:09:ad:4d:1d:37:4f:02:d0:55:b6:e8:a2:3e:82:
58:57:8b:a2:9b:91:a9:a9:79:66:da:52:74:0f:38:65:80:e9:
41:35:4b:d8:3c:26:e4:eb:f6:1c:4a:96:73:25:94:19:46:3f:
a5:a3:c9:5b:7c:45:95:e2:6c:d5:ee:f4:b4:21:32:49:03:d4:
79:7b:a1:c3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQlfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE3MDkzNTE3WhcNMjUxMjE0MDkzNTE3WjAYMRYw
FAYDVQQDEw02NzhhMjQ1OS00NTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyRHhvGenjeAuVKkidXFNlVLKJLtrumWeagJIoqCv4SqdOO2NvhfifxkC
3AsVbmk5PqVg/pJlvvEvHhclDRh+3ZsNSfwNByI14mxx3w8N9sA+DcCUKPhPY3Z1
aQNN//wVNVPkkld43vk1s59SLbv64OUfSjxhdW4t65e6ct9Z2ScNxKe6JW4GIoLn
iReXTX41LKi9S2URy+ZBEcKNwC+H6WsA299UmNphknux0oUJWA7WKLA/nomG6tm0
odRVKidwsWpk4lIr6I0OW+HoLdmbjagS1gxO2qDuBZS2JQaEWZohBgtnIDwhC+xb
Cjw8DDbA+DCw62rhjiWfoYY7BdTJ4QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP11
goKXvTCMwZIh9ubaOwlBfWKSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RTgzODZENEQ0QjYxMUVGQTU1MzAzNEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPIEMA0GCSqGSIb3DQEBCwUA
A4IBAQB7uhs+oBPgMEw87eYHSSt/dFYttFPAmUIyhccFuYWcW/lnGtwA24yKn0KG
UBFS34tkxN03rtR5aPCypaS60M+aoVqxzogGSd8lwnI4OCYQit0RKb6RSbCHAT3h
VmOoZSr0/tWBcupsrDq7iJbeYrxUN/T2ScpsYxWYwaGJavXYdr1F50UBEshSYeMQ
eo2lLd53dTNvX3fHGhSvhfalKw/0+b1FOIN8tDBAK847L8higiUwT9N24u+sCa1N
HTdPAtBVtuiiPoJYV4uim5GpqXlm2lJ0DzhlgOlBNUvYPCbk6/YcSpZzJZQZRj+l
o8lbfEWV4mzV7vS0ITJJA9R5e6HD
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:58:47 2025 by rpki-client