Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/888EA0C4F4B111EFAC99F75C762E951A.roa
File: 888EA0C4F4B111EFAC99F75C762E951A.roa (raw, json)
Hash identifier: ZjeGPdT1sRe29U6zjCbzGiW/odaToJBFKrm0Tl9W8zc=
Subject key identifier: 68:1E:32:51:C6:DD:AA:5C:50:FC:E4:8C:C0:C6:72:C0:D6:83:91:45
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0138B4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/888EA0C4F4B111EFAC99F75C762E951A.roa
Signing time: Thu 27 Feb 2025 02:21:21 +0000
ROA not before: Thu 27 Feb 2025 02:21:17 +0000
ROA not after: Thu 19 Feb 2026 02:21:17 +0000
asID: 984
IP address blocks: 156.247.58.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80052 (0x138b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 27 02:21:17 2025 GMT
Not After : Feb 19 02:21:17 2026 GMT
Subject: CN=67bfcc21-2b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:46:56:8e:a4:d0:f2:ec:28:71:aa:eb:0f:47:
d2:7a:c5:3b:08:9c:17:76:69:ac:91:03:22:f2:21:
4e:4f:3a:a8:a8:8b:dc:ae:c7:1a:5e:f1:e3:11:5f:
38:43:69:73:00:cf:55:55:4d:04:68:b2:96:06:80:
f7:ea:bd:17:84:ad:5f:b4:6c:ac:55:ad:33:44:9c:
42:94:28:15:7c:1a:0c:02:a8:c4:59:5a:98:3a:35:
0c:43:fd:bb:29:4e:e1:23:40:a7:98:0e:7b:39:70:
c3:21:f4:04:81:2b:73:3b:b5:8f:cf:05:03:fc:d9:
94:4b:b2:17:a6:53:76:35:00:6d:38:f3:da:b5:56:
ae:4b:44:51:75:0b:8f:c5:57:40:c0:dc:bb:ed:02:
e5:f9:13:b2:38:76:36:73:c1:a9:15:6a:9c:2e:1c:
6c:ce:b1:4c:d0:3b:4d:32:f6:4f:50:72:a1:c2:88:
c7:67:c8:e0:9b:29:4d:3c:35:6b:1f:83:14:2f:7a:
0b:c6:24:c9:49:61:44:38:d9:1c:45:98:7b:20:49:
e8:70:b4:3b:82:f7:4c:0e:31:c0:39:07:d8:86:0f:
bc:13:22:38:03:c8:76:5b:08:07:b0:fe:07:e3:33:
c8:db:eb:2a:fe:b2:01:6f:f1:30:4b:9a:29:f7:02:
8f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:1E:32:51:C6:DD:AA:5C:50:FC:E4:8C:C0:C6:72:C0:D6:83:91:45
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/888EA0C4F4B111EFAC99F75C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.58.0/24
Signature Algorithm: sha256WithRSAEncryption
12:51:6f:d2:31:10:e1:14:e6:00:c1:db:cc:ad:09:16:05:8d:
09:3f:f8:a5:ae:7a:ea:58:43:e7:93:e0:59:f1:d9:04:cf:da:
79:a0:7f:0e:9c:7f:92:2e:a3:89:05:59:53:4b:1e:59:b1:78:
ab:ca:d6:2e:db:63:22:82:eb:36:d4:b3:45:13:10:4a:88:b2:
5a:26:a9:e6:33:a7:c8:ba:cd:d0:79:5c:d1:7f:d5:1f:37:73:
fb:45:b2:76:b9:d5:f4:13:2d:69:9a:15:91:f7:7c:ac:cb:ef:
6c:61:cc:89:85:eb:27:63:e1:3c:66:9e:df:49:52:b2:63:a7:
62:df:06:37:8b:89:d7:eb:6d:cb:b3:9f:d7:cd:7f:27:32:29:
19:07:8f:4c:9f:49:c9:01:8a:7f:e4:85:b9:be:2c:f2:90:3d:
49:3e:11:77:3c:84:84:06:e5:c3:98:9e:d0:bb:b1:84:fe:55:
6a:94:cd:43:de:00:4e:b8:d6:2b:8d:84:32:f2:db:4c:e6:d9:
f8:9f:0b:98:86:55:ce:02:70:dc:b1:8c:d6:6d:a5:94:e1:dc:
cd:fd:a1:e7:9f:d3:b0:ca:1c:54:51:99:37:bd:ca:e0:ac:1c:
e2:cc:ad:3b:67:c7:8c:50:0e:83:9e:ac:3b:33:56:48:2f:74:
c6:bd:8f:2b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATi0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI3MDIyMTE3WhcNMjYwMjE5MDIyMTE3WjAYMRYw
FAYDVQQDEw02N2JmY2MyMS0yYjczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmEZWjqTQ8uwocarrD0fSesU7CJwXdmmskQMi8iFOTzqoqIvcrscaXvHj
EV84Q2lzAM9VVU0EaLKWBoD36r0XhK1ftGysVa0zRJxClCgVfBoMAqjEWVqYOjUM
Q/27KU7hI0CnmA57OXDDIfQEgStzO7WPzwUD/NmUS7IXplN2NQBtOPPatVauS0RR
dQuPxVdAwNy77QLl+ROyOHY2c8GpFWqcLhxszrFM0DtNMvZPUHKhwojHZ8jgmylN
PDVrH4MUL3oLxiTJSWFEONkcRZh7IEnocLQ7gvdMDjHAOQfYhg+8EyI4A8h2WwgH
sP4H4zPI2+sq/rIBb/EwS5op9wKPLQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGge
MlHG3apcUPzkjMDGcsDWg5FFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84ODhFQTBDNEY0QjExMUVGQUM5OUY3NUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPc6MA0GCSqGSIb3DQEBCwUA
A4IBAQASUW/SMRDhFOYAwdvMrQkWBY0JP/ilrnrqWEPnk+BZ8dkEz9p5oH8OnH+S
LqOJBVlTSx5ZsXirytYu22Migus21LNFExBKiLJaJqnmM6fIus3QeVzRf9UfN3P7
RbJ2udX0Ey1pmhWR93ysy+9sYcyJhesnY+E8Zp7fSVKyY6di3wY3i4nX623Ls5/X
zX8nMikZB49Mn0nJAYp/5IW5vizykD1JPhF3PISEBuXDmJ7Qu7GE/lVqlM1D3gBO
uNYrjYQy8ttM5tn4nwuYhlXOAnDcsYzWbaWU4dzN/aHnn9OwyhxUUZk3vcrgrBzi
zK07Z8eMUA6Dnqw7M1ZIL3TGvY8r
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:30:53 2025 by rpki-client