Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/78B605CCFF1D11EFBF711F41762E951A.roa
File: 78B605CCFF1D11EFBF711F41762E951A.roa (raw, json)
Hash identifier: XmY/BMo1pcFFWxavLpiRzdiO4xnwiOdJzDq55cQdpkE=
Subject key identifier: 71:93:2F:BD:03:70:40:77:B3:B2:FA:5F:78:8E:29:2C:9C:C6:A6:34
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014516
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/78B605CCFF1D11EFBF711F41762E951A.roa
Signing time: Wed 12 Mar 2025 08:39:12 +0000
ROA not before: Wed 12 Mar 2025 08:39:05 +0000
ROA not after: Mon 21 Apr 2025 08:39:05 +0000
asID: 14315
IP address blocks: 156.224.64.0/22 maxlen: 24
156.224.68.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83222 (0x14516)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 12 08:39:05 2025 GMT
Not After : Apr 21 08:39:05 2025 GMT
Subject: CN=67d1482f-70fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f7:30:1e:fc:f4:6f:0b:12:0c:f5:5e:0a:54:
8d:3a:05:f4:4d:4e:5d:76:39:59:c7:f8:9e:b3:73:
d2:23:af:a6:06:1c:a5:60:0d:de:a4:97:50:68:9b:
6c:13:8e:5c:cf:d2:08:09:b9:29:15:3a:8d:aa:4d:
c7:e7:86:59:09:b8:f5:a2:ac:95:6b:d6:a6:05:b7:
e9:9f:c7:ea:74:d7:37:59:25:0a:7d:3b:31:5e:94:
9b:95:ca:a6:b2:9c:b8:97:07:35:4d:f4:ac:a8:86:
af:28:68:eb:38:e6:77:43:d6:e0:46:d7:de:c2:24:
bc:2b:55:b1:22:fa:25:e9:fd:66:21:aa:7d:73:fe:
2a:aa:3c:e4:4c:e9:51:27:27:cf:6c:fc:8d:aa:33:
35:ad:73:29:d1:0e:9e:50:68:de:e0:c9:76:06:6a:
36:cb:01:60:47:35:62:a4:e3:05:4a:f5:0b:76:d0:
3f:69:41:a5:37:87:68:14:2a:1e:22:bf:3d:82:0d:
e0:79:ff:52:0e:cb:9c:57:09:38:b0:78:9f:d2:40:
5b:3b:c6:06:8d:9e:33:7d:ca:72:03:4f:dd:02:04:
c3:c3:0e:e6:22:a0:14:90:0e:3f:2d:7e:90:bc:2a:
66:98:e5:10:19:28:fa:62:27:bb:38:89:7e:24:20:
f6:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:93:2F:BD:03:70:40:77:B3:B2:FA:5F:78:8E:29:2C:9C:C6:A6:34
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/78B605CCFF1D11EFBF711F41762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.64.0/21
Signature Algorithm: sha256WithRSAEncryption
5a:35:4e:97:e7:8d:02:70:b8:63:81:29:8f:92:c2:df:80:da:
90:6a:f8:b8:86:2f:d5:5d:cc:e1:b6:90:3c:c7:df:30:86:99:
b0:8f:ac:e5:98:92:ea:e2:f8:3e:32:29:05:fd:e1:4c:33:82:
66:8f:c6:09:4c:23:20:b0:90:50:51:80:d3:10:4e:a5:e4:88:
3a:c3:0b:da:c6:15:40:9e:47:71:bc:31:10:e8:76:e7:49:6a:
92:7b:99:04:9b:25:7c:86:26:e7:4f:94:d3:68:ef:05:84:fa:
cb:61:0e:3c:2c:a1:2f:10:3d:52:53:f4:5b:46:46:60:4f:13:
db:82:21:e1:03:54:35:6a:d8:96:94:b3:ba:ec:54:4c:c2:ad:
94:f9:50:22:ed:f0:b1:12:81:b1:4c:64:70:93:ed:91:2d:fc:
44:66:e6:27:73:d2:82:72:6e:3e:87:5e:42:d7:2b:15:ab:88:
17:fa:24:12:59:08:dc:16:ed:fc:ee:26:66:c0:5e:78:96:f3:
8f:d1:f2:3a:26:65:22:cb:c3:df:32:bf:98:f0:a7:77:d5:c6:
dc:13:88:92:7c:f9:83:62:31:ce:a3:cb:50:70:af:62:93:63:
ee:50:5f:f5:a2:d9:d4:0c:71:ba:b9:8f:45:3b:f4:6f:a3:5e:
9d:61:04:4c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUUWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzEyMDgzOTA1WhcNMjUwNDIxMDgzOTA1WjAYMRYw
FAYDVQQDEw02N2QxNDgyZi03MGZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5fcwHvz0bwsSDPVeClSNOgX0TU5ddjlZx/ies3PSI6+mBhylYA3epJdQ
aJtsE45cz9IICbkpFTqNqk3H54ZZCbj1oqyVa9amBbfpn8fqdNc3WSUKfTsxXpSb
lcqmspy4lwc1TfSsqIavKGjrOOZ3Q9bgRtfewiS8K1WxIvol6f1mIap9c/4qqjzk
TOlRJyfPbPyNqjM1rXMp0Q6eUGje4Ml2Bmo2ywFgRzVipOMFSvULdtA/aUGlN4do
FCoeIr89gg3gef9SDsucVwk4sHif0kBbO8YGjZ4zfcpyA0/dAgTDww7mIqAUkA4/
LX6QvCpmmOUQGSj6Yie7OIl+JCD2TQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHGT
L70DcEB3s7L6X3iOKSycxqY0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83OEI2MDVDQ0ZGMUQxMUVGQkY3MTFGNDE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOBAMA0GCSqGSIb3DQEBCwUA
A4IBAQBaNU6X540CcLhjgSmPksLfgNqQavi4hi/VXczhtpA8x98whpmwj6zlmJLq
4vg+MikF/eFMM4Jmj8YJTCMgsJBQUYDTEE6l5Ig6wwvaxhVAnkdxvDEQ6HbnSWqS
e5kEmyV8hibnT5TTaO8FhPrLYQ48LKEvED1SU/RbRkZgTxPbgiHhA1Q1atiWlLO6
7FRMwq2U+VAi7fCxEoGxTGRwk+2RLfxEZuYnc9KCcm4+h15C1ysVq4gX+iQSWQjc
Fu387iZmwF54lvOP0fI6JmUiy8PfMr+Y8Kd31cbcE4iSfPmDYjHOo8tQcK9ik2Pu
UF/1otnUDHG6uY9FO/Rvo16dYQRM
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:25 2025 by rpki-client