Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6EF3E29AFF2011EFB7396555762E951A.roa
File: 6EF3E29AFF2011EFB7396555762E951A.roa (raw, json)
Hash identifier: HyZVz8oytJxZokUPP0iyhqzSCfGfQWFl+B8xVQRi1Ds=
Subject key identifier: 40:A8:A8:39:D2:13:86:4F:26:36:F6:00:5F:3B:4A:D4:C8:57:FF:94
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014520
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6EF3E29AFF2011EFB7396555762E951A.roa
Signing time: Wed 12 Mar 2025 09:00:24 +0000
ROA not before: Wed 12 Mar 2025 09:00:20 +0000
ROA not after: Thu 24 Apr 2025 09:00:20 +0000
asID: 400619
IP address blocks: 156.239.24.0/21 maxlen: 24
156.239.32.0/20 maxlen: 24
156.239.48.0/22 maxlen: 24
156.239.52.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83232 (0x14520)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 12 09:00:20 2025 GMT
Not After : Apr 24 09:00:20 2025 GMT
Subject: CN=67d14d28-9485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d9:e3:55:2b:b6:ab:17:bf:dc:7b:b9:6f:eb:
4f:6f:ac:67:2e:f0:e1:38:4f:9a:85:8a:75:7a:28:
0e:da:c6:2a:ed:27:b6:ea:ac:f0:61:0c:4e:ea:c1:
3c:3c:99:bf:ac:35:7c:65:a1:94:9b:3f:d2:d5:63:
3f:83:e6:66:f0:1b:54:6d:7d:bd:31:7f:e7:e7:59:
0a:24:0b:1f:f8:ce:7f:8a:b3:6e:cd:4e:09:cf:03:
7f:a0:68:dd:6b:4d:a4:3c:65:7d:48:65:a7:21:a2:
67:b0:06:ef:86:db:37:1c:42:7c:a9:27:83:9b:c0:
34:3f:2f:9e:6e:de:b7:9d:20:05:ef:dd:3d:e2:5e:
e9:cf:16:e8:76:71:2b:30:f8:7f:68:91:cf:ba:c8:
c6:71:70:ec:38:b5:f5:ab:84:e9:38:33:ee:56:e0:
1b:a5:cb:d2:45:32:bc:14:ea:3d:83:e1:a8:3c:af:
ec:f3:ae:f9:9c:2f:8f:41:f9:6d:7c:a7:4b:49:69:
0d:ac:32:82:9c:b8:e9:3f:e7:7b:a8:65:0a:f5:30:
67:2d:ec:07:22:bb:b5:25:b5:17:92:19:d7:78:bd:
2c:61:17:bd:80:ce:6c:e0:05:bd:31:f5:bd:5a:72:
a3:79:4b:a2:42:68:f9:3c:31:7d:42:5d:d7:58:2b:
f1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A8:A8:39:D2:13:86:4F:26:36:F6:00:5F:3B:4A:D4:C8:57:FF:94
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6EF3E29AFF2011EFB7396555762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.24.0-156.239.53.255
Signature Algorithm: sha256WithRSAEncryption
b7:ad:d5:1f:22:a0:ea:0b:64:0b:1d:fc:8e:85:96:bc:63:c0:
d6:0f:5c:6c:96:7a:a4:f8:25:0d:3b:c6:2c:ef:2c:56:6a:ef:
e5:55:07:cc:2c:07:04:22:8d:cb:62:e8:2c:00:cf:a5:25:8a:
75:4e:b5:96:47:77:fe:f8:62:a6:76:9f:0a:c2:41:d9:ce:2e:
7f:0c:78:fb:19:b3:cc:37:2a:56:8b:c0:ba:f5:3f:c5:c1:1c:
df:f1:06:ba:87:1e:94:ce:d6:af:3a:55:c1:46:1b:c2:68:88:
b3:58:cb:ca:df:a5:00:2a:c5:41:21:c9:c9:a8:58:e1:1c:f4:
5d:66:63:f9:58:c3:56:37:95:8d:a2:c0:f8:61:a8:65:54:b4:
42:49:12:52:a0:82:63:7d:dc:aa:78:46:77:34:65:e7:14:3f:
bc:d3:03:fd:c2:58:d7:e0:8b:9d:17:4c:33:e7:9a:ac:c4:32:
a6:1b:c6:10:15:2a:99:bb:2e:6a:ea:1b:4f:ca:3b:32:fc:57:
c9:c1:c2:1f:a6:4c:4b:74:54:12:53:ad:60:71:5f:4e:15:6f:
2c:c1:e9:45:9a:b2:82:5f:e3:ef:92:a1:7a:ba:14:8a:3d:3d:
3f:65:e9:e0:de:22:d7:fd:7e:2f:5b:d3:07:2d:e2:9e:5d:02:
f2:f7:24:28
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAUUgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzEyMDkwMDIwWhcNMjUwNDI0MDkwMDIwWjAYMRYw
FAYDVQQDEw02N2QxNGQyOC05NDg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAk9njVSu2qxe/3Hu5b+tPb6xnLvDhOE+ahYp1eigO2sYq7Se26qzwYQxO
6sE8PJm/rDV8ZaGUmz/S1WM/g+Zm8BtUbX29MX/n51kKJAsf+M5/irNuzU4JzwN/
oGjda02kPGV9SGWnIaJnsAbvhts3HEJ8qSeDm8A0Py+ebt63nSAF79094l7pzxbo
dnErMPh/aJHPusjGcXDsOLX1q4TpODPuVuAbpcvSRTK8FOo9g+GoPK/s8675nC+P
QfltfKdLSWkNrDKCnLjpP+d7qGUK9TBnLewHIru1JbUXkhnXeL0sYRe9gM5s4AW9
MfW9WnKjeUuiQmj5PDF9Ql3XWCvx+wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFECo
qDnSE4ZPJjb2AF87StTIV/+UMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RUYzRTI5QUZGMjAxMUVGQjczOTY1NTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOc7xgDBAGc7zQwDQYJKoZI
hvcNAQELBQADggEBALet1R8ioOoLZAsd/I6FlrxjwNYPXGyWeqT4JQ07xizvLFZq
7+VVB8wsBwQijcti6CwAz6UlinVOtZZHd/74YqZ2nwrCQdnOLn8MePsZs8w3KlaL
wLr1P8XBHN/xBrqHHpTO1q86VcFGG8JoiLNYy8rfpQAqxUEhycmoWOEc9F1mY/lY
w1Y3lY2iwPhhqGVUtEJJElKggmN93Kp4Rnc0ZecUP7zTA/3CWNfgi50XTDPnmqzE
MqYbxhAVKpm7LmrqG0/KOzL8V8nBwh+mTEt0VBJTrWBxX04VbyzB6UWasoJf4++S
oXq6FIo9PT9l6eDeItf9fi9b0wct4p5dAvL3JCg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:13 2025 by rpki-client