Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86731A6CF45811EFA8960172762E951A.roa
File: 86731A6CF45811EFA8960172762E951A.roa (raw, json)
Hash identifier: FtIoxKh9W7HE/2QTMTB+FpNr/nJ+QzkTdULGSbzY35o=
Subject key identifier: 22:64:2D:6D:87:B5:5D:92:E4:F6:CC:FE:CB:A8:62:44:CC:88:EE:77
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013467
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86731A6CF45811EFA8960172762E951A.roa
Signing time: Wed 26 Feb 2025 15:44:12 +0000
ROA not before: Wed 26 Feb 2025 15:43:46 +0000
ROA not after: Thu 19 Feb 2026 15:43:46 +0000
asID: 984
IP address blocks: 156.252.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78951 (0x13467)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 15:43:46 2025 GMT
Not After : Feb 19 15:43:46 2026 GMT
Subject: CN=67bf36cc-1443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3f:09:f5:01:d4:48:71:9a:fd:ce:0f:d1:95:
08:b6:a1:eb:e7:0b:35:9c:db:3c:9f:a3:1c:89:54:
63:a0:7d:40:95:99:79:73:df:7e:39:1c:83:7f:67:
ca:e6:90:86:9e:96:ad:0d:a7:56:a3:c0:c8:09:7a:
b2:c2:0b:45:c3:4a:70:8d:d8:d6:b4:1e:a8:ac:ce:
11:51:71:e1:35:a2:6a:94:b0:ed:c7:98:81:16:ca:
49:01:9e:84:43:88:b4:7b:8e:3a:a9:fb:ba:e7:f7:
c2:d4:d8:63:6c:1f:99:cc:41:13:7c:59:77:33:c5:
92:f0:97:61:cf:fd:35:8f:b5:eb:dc:df:69:4d:5b:
16:33:81:d4:6d:57:0f:79:74:fc:70:b7:03:61:b4:
e8:74:5a:43:15:3e:72:25:4b:2c:c4:8e:39:60:08:
eb:cb:ca:7c:99:b3:d2:e6:57:01:a4:8c:68:64:d5:
9d:f7:6c:8a:66:72:88:74:00:d5:78:69:92:a2:d2:
d7:49:2a:da:d3:3f:de:61:fe:37:15:ff:81:52:92:
e6:6d:28:a9:ae:86:9b:2a:28:5b:b8:3c:5c:38:67:
50:14:41:d3:cd:73:d7:e1:d0:7c:d8:34:ca:21:27:
31:e2:13:16:44:5f:2c:35:36:77:e8:66:6c:0a:93:
b2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:64:2D:6D:87:B5:5D:92:E4:F6:CC:FE:CB:A8:62:44:CC:88:EE:77
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86731A6CF45811EFA8960172762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.220.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:21:ee:59:a7:1a:9b:0b:17:35:ef:bc:06:0c:76:4d:bc:6d:
dd:40:29:96:04:be:23:eb:97:89:88:47:8e:9d:20:6c:99:18:
10:46:f1:1a:c0:fc:d9:64:df:f6:db:e7:46:35:50:60:f2:10:
26:d6:54:ff:ba:5f:41:63:04:e4:a8:d4:f5:37:50:ff:e8:7f:
e8:22:2b:76:df:ce:4b:96:2a:a3:c6:8e:b5:8b:7b:3b:a2:be:
1d:ea:0d:df:5c:20:10:6c:99:9b:76:23:a3:4a:64:66:38:10:
c3:4b:34:96:46:cf:14:72:6c:5d:f8:39:54:40:d8:9d:58:73:
7b:83:05:6b:26:38:2f:ce:91:fb:60:ad:f7:93:9d:01:2f:71:
ab:b6:07:72:75:87:6c:75:b1:93:3e:a2:2f:23:9a:e7:ac:61:
a2:c5:4f:81:3c:f3:84:38:b3:d7:4c:60:e3:d2:e0:93:a4:3c:
8c:5c:ba:43:60:d8:c3:b4:e8:7e:d3:85:9b:50:c6:7f:f3:2f:
b7:27:b9:f6:96:3b:c8:c7:00:e6:9a:b0:8b:61:66:01:59:e1:
f4:7e:eb:2d:30:a4:0b:6b:a8:92:ab:e3:0b:c9:9c:55:23:85:
1b:b9:84:ff:95:f7:2e:48:6d:f5:ad:2b:75:fc:f1:43:c8:9b:
79:85:56:a5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATRnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTU0MzQ2WhcNMjYwMjE5MTU0MzQ2WjAYMRYw
FAYDVQQDEw02N2JmMzZjYy0xNDQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvT8J9QHUSHGa/c4P0ZUItqHr5ws1nNs8n6MciVRjoH1AlZl5c99+ORyD
f2fK5pCGnpatDadWo8DICXqywgtFw0pwjdjWtB6orM4RUXHhNaJqlLDtx5iBFspJ
AZ6EQ4i0e446qfu65/fC1NhjbB+ZzEETfFl3M8WS8Jdhz/01j7Xr3N9pTVsWM4HU
bVcPeXT8cLcDYbTodFpDFT5yJUssxI45YAjry8p8mbPS5lcBpIxoZNWd92yKZnKI
dADVeGmSotLXSSra0z/eYf43Ff+BUpLmbSiproabKihbuDxcOGdQFEHTzXPX4dB8
2DTKIScx4hMWRF8sNTZ36GZsCpOyhwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCJk
LW2HtV2S5PbM/suoYkTMiO53MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NjczMUE2Q0Y0NTgxMUVGQTg5NjAxNzI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPzcMA0GCSqGSIb3DQEBCwUA
A4IBAQAtIe5ZpxqbCxc177wGDHZNvG3dQCmWBL4j65eJiEeOnSBsmRgQRvEawPzZ
ZN/22+dGNVBg8hAm1lT/ul9BYwTkqNT1N1D/6H/oIit2385Lliqjxo61i3s7or4d
6g3fXCAQbJmbdiOjSmRmOBDDSzSWRs8Ucmxd+DlUQNidWHN7gwVrJjgvzpH7YK33
k50BL3GrtgdydYdsdbGTPqIvI5rnrGGixU+BPPOEOLPXTGDj0uCTpDyMXLpDYNjD
tOh+04WbUMZ/8y+3J7n2ljvIxwDmmrCLYWYBWeH0fustMKQLa6iSq+MLyZxVI4Ub
uYT/lfcuSG31rSt1/PFDyJt5hVal
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:25:01 2025 by rpki-client