Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86CDCF8AF45211EF8CA3A947762E951A.roa
File: 86CDCF8AF45211EF8CA3A947762E951A.roa (raw, json)
Hash identifier: OVPPs1MsQxG3oJzIKin7uGkjLzpsyVWBM/eXTyMoFJE=
Subject key identifier: 6B:CA:AB:2B:C5:B4:36:77:60:86:1C:43:4B:BA:1E:03:A3:DA:58:C2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01340A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86CDCF8AF45211EF8CA3A947762E951A.roa
Signing time: Wed 26 Feb 2025 15:01:16 +0000
ROA not before: Wed 26 Feb 2025 15:01:12 +0000
ROA not after: Thu 19 Feb 2026 15:01:12 +0000
asID: 984
IP address blocks: 156.252.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78858 (0x1340a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 15:01:12 2025 GMT
Not After : Feb 19 15:01:12 2026 GMT
Subject: CN=67bf2cbc-2d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c8:e6:a8:6f:a9:8b:d2:04:4a:c4:9a:f7:b4:
b2:10:59:71:66:e6:ca:69:fc:80:2a:aa:6f:77:0c:
aa:a1:9a:49:79:43:1a:21:52:fc:f4:66:72:a0:01:
e4:de:33:ef:78:0f:e9:18:0f:a6:e5:00:5d:53:01:
be:77:34:15:cf:38:fd:80:ff:05:32:c2:e1:a6:21:
c2:f6:0e:7e:c4:c3:eb:8d:61:39:c7:38:9d:68:22:
4a:57:aa:71:69:93:46:1b:05:9b:a8:ca:4f:dd:92:
10:b7:78:1d:4f:53:44:15:fd:9a:4c:8f:e0:61:9d:
b8:a7:38:c0:30:54:de:82:e8:33:f5:2d:d5:6c:79:
36:e5:af:61:d0:93:14:e5:d6:ef:c7:d3:85:fc:e7:
29:00:84:c1:78:14:33:a0:bc:60:46:4f:dc:f9:8d:
72:99:ec:18:24:d5:13:4d:36:4e:ea:f5:85:4b:b9:
99:82:7c:79:36:f8:70:8f:e9:d9:b5:0c:75:14:4c:
65:7d:b8:30:33:99:6f:ca:36:92:a7:df:e9:02:d7:
c8:88:62:d4:2d:11:7e:83:9b:ad:9e:46:a6:17:8e:
e7:9c:5a:d9:a8:93:9e:c1:10:d3:0a:6f:12:5a:3d:
fe:2c:cc:4a:8f:93:73:ec:76:79:b4:77:bf:16:30:
c9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:CA:AB:2B:C5:B4:36:77:60:86:1C:43:4B:BA:1E:03:A3:DA:58:C2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86CDCF8AF45211EF8CA3A947762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.204.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:f1:2f:0e:bd:b6:b0:d5:b7:40:44:c8:90:0b:bf:79:3d:c2:
c2:92:c2:33:e2:d6:5a:39:53:37:88:86:ea:aa:4d:e1:37:d6:
ef:4f:69:ec:b6:bb:18:f8:7d:7a:93:4c:bc:a3:49:cf:da:38:
ed:3d:37:43:c4:42:b8:ce:da:c4:90:f3:b4:1d:e4:2a:95:f4:
de:37:90:17:00:d0:c3:c3:13:5e:68:6c:56:c7:0d:bc:c7:98:
7e:eb:c7:40:6d:49:15:f4:4a:4b:10:c6:ff:b3:c6:43:61:55:
a6:7b:a9:1f:ba:f4:78:24:80:b2:31:18:e4:ae:02:07:45:2c:
6c:ad:4c:28:bc:ad:35:d9:ea:9a:52:35:97:43:fa:82:a5:19:
aa:ba:0c:36:6e:97:70:a2:0f:7f:10:f8:2f:7c:af:4e:84:6b:
c0:88:dc:15:f2:f3:32:dd:9e:12:29:6a:40:c6:95:5f:31:33:
8e:88:bd:97:dc:b6:28:57:9a:33:ae:57:01:ee:66:13:4c:b8:
fc:e6:46:d4:43:e2:05:e4:26:ff:68:49:d5:f7:a8:56:b8:69:
f7:49:0c:d2:c3:0e:30:12:ff:04:58:5b:3c:ba:63:21:20:7c:
ef:cd:19:e4:b5:b4:78:e6:c3:1a:aa:56:27:c3:84:8f:76:f5:
3a:7c:b2:22
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATQKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTUwMTEyWhcNMjYwMjE5MTUwMTEyWjAYMRYw
FAYDVQQDEw02N2JmMmNiYy0yZDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo8jmqG+pi9IESsSa97SyEFlxZubKafyAKqpvdwyqoZpJeUMaIVL89GZy
oAHk3jPveA/pGA+m5QBdUwG+dzQVzzj9gP8FMsLhpiHC9g5+xMPrjWE5xzidaCJK
V6pxaZNGGwWbqMpP3ZIQt3gdT1NEFf2aTI/gYZ24pzjAMFTegugz9S3VbHk25a9h
0JMU5dbvx9OF/OcpAITBeBQzoLxgRk/c+Y1ymewYJNUTTTZO6vWFS7mZgnx5Nvhw
j+nZtQx1FExlfbgwM5lvyjaSp9/pAtfIiGLULRF+g5utnkamF47nnFrZqJOewRDT
Cm8SWj3+LMxKj5Nz7HZ5tHe/FjDJQQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGvK
qyvFtDZ3YIYcQ0u6HgOj2ljCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NkNEQ0Y4QUY0NTIxMUVGOENBM0E5NDc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPzMMA0GCSqGSIb3DQEBCwUA
A4IBAQAL8S8Ovbaw1bdARMiQC795PcLCksIz4tZaOVM3iIbqqk3hN9bvT2nstrsY
+H16k0y8o0nP2jjtPTdDxEK4ztrEkPO0HeQqlfTeN5AXANDDwxNeaGxWxw28x5h+
68dAbUkV9EpLEMb/s8ZDYVWme6kfuvR4JICyMRjkrgIHRSxsrUwovK012eqaUjWX
Q/qCpRmqugw2bpdwog9/EPgvfK9OhGvAiNwV8vMy3Z4SKWpAxpVfMTOOiL2X3LYo
V5ozrlcB7mYTTLj85kbUQ+IF5Cb/aEnV96hWuGn3SQzSww4wEv8EWFs8umMhIHzv
zRnktbR45sMaqlYnw4SPdvU6fLIi
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:04 2025 by rpki-client