Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA74AA445EF211EF86B8F69C762E951A.roa
File: AA74AA445EF211EF86B8F69C762E951A.roa (raw, json)
Hash identifier: CwGdqd2dDW3v2E6IoiiYc3Cj7xZElFo3Qy6KjTIl9d8=
Subject key identifier: 4D:CA:71:DC:42:67:79:80:4B:53:59:27:5D:47:F3:B8:D2:24:5F:07
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A9F6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA74AA445EF211EF86B8F69C762E951A.roa
Signing time: Tue 20 Aug 2024 12:49:41 +0000
ROA not before: Tue 20 Aug 2024 12:49:37 +0000
ROA not after: Tue 27 May 2025 12:49:37 +0000
asID: 399077
IP address blocks: 156.251.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43510 (0xa9f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Aug 20 12:49:37 2024 GMT
Not After : May 27 12:49:37 2025 GMT
Subject: CN=66c490e5-ad97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:60:3a:b3:67:30:f6:f8:7e:55:c9:bc:80:89:
28:2e:f5:2a:dc:4e:fa:90:07:ad:b3:5e:92:9b:91:
a8:ab:28:06:64:af:2f:c3:6c:86:45:e9:e2:75:1e:
95:82:29:67:f7:7a:57:88:02:0c:cc:c5:af:57:38:
2b:9f:02:71:ac:41:a5:6b:51:a9:39:a3:0f:8d:ad:
2c:80:b4:6e:38:34:25:ee:28:b9:aa:60:b3:58:ab:
e2:68:9f:5b:a9:6a:04:b2:a4:cd:e9:96:da:4c:0b:
a4:ab:cc:8d:41:bf:81:e9:70:50:19:4d:f0:f9:a0:
9d:db:5a:4a:27:ae:4c:76:30:f4:ad:a2:4d:a0:41:
3e:4c:27:3a:33:a4:bc:e4:61:2c:5d:2f:45:93:31:
4c:b3:03:59:bc:ba:0f:0e:54:2c:7d:23:df:25:1c:
67:7b:9f:65:89:b0:5d:ab:cd:e9:dc:e0:fd:f8:2b:
3c:c1:dd:0e:31:79:88:40:19:64:64:dc:c4:84:51:
a5:b6:fa:c1:57:97:9b:9d:26:83:1e:31:d5:9d:82:
51:25:e8:e8:f4:b7:c0:ba:28:c0:67:bb:82:7f:20:
8a:0a:4a:0c:69:d7:45:05:bc:63:ee:0f:4e:b7:90:
f2:a9:38:19:1f:c3:d7:74:24:77:e5:d6:ce:a1:81:
a4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:CA:71:DC:42:67:79:80:4B:53:59:27:5D:47:F3:B8:D2:24:5F:07
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA74AA445EF211EF86B8F69C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.20.0/24
Signature Algorithm: sha256WithRSAEncryption
53:33:b0:b4:ca:bd:c4:ba:be:52:b0:7c:ee:ec:05:ee:d8:9e:
d3:8c:1d:d5:fa:25:c7:7d:95:c3:cb:e1:95:99:61:5e:4a:7a:
25:95:c1:78:26:49:1e:a5:ca:b2:5e:ff:3f:8d:30:a7:a6:ba:
8e:6f:79:bd:2e:c8:41:d9:94:a7:a6:e7:f6:b7:c5:1e:10:af:
e1:8a:92:22:16:0f:ef:13:f0:2b:05:f9:06:41:28:b9:dd:54:
35:1e:80:5f:b6:27:b9:de:ce:dd:1a:b7:7d:ce:29:b8:c6:6f:
2b:f4:74:76:33:55:c0:70:98:34:7f:3c:62:cc:53:54:0f:a4:
f8:7e:ce:0d:dd:b3:12:68:96:e1:d1:26:89:da:42:27:5f:5a:
2c:87:45:2e:5c:ba:50:e7:0e:a1:d7:a3:5d:4d:04:96:1c:5e:
cd:cd:9a:3f:10:f7:35:61:15:ea:1f:7c:22:c1:cd:6b:73:d0:
83:58:0f:0a:e5:1e:d7:40:b1:81:27:20:48:68:e1:56:0f:e8:
3c:a2:3f:b8:10:1f:9b:7e:98:4d:d2:ba:cd:d9:0a:b4:0e:37:
25:64:e3:57:d1:0f:a5:22:64:0a:a5:0f:bd:35:b1:59:16:85:
1e:00:49:a2:3d:51:cf:cc:e6:a0:c3:6e:bf:df:3c:40:9a:13:
7e:08:a6:e0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKn2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIwMTI0OTM3WhcNMjUwNTI3MTI0OTM3WjAYMRYw
FAYDVQQDEw02NmM0OTBlNS1hZDk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7GA6s2cw9vh+Vcm8gIkoLvUq3E76kAets16Sm5GoqygGZK8vw2yGReni
dR6Vgiln93pXiAIMzMWvVzgrnwJxrEGla1GpOaMPja0sgLRuODQl7ii5qmCzWKvi
aJ9bqWoEsqTN6ZbaTAukq8yNQb+B6XBQGU3w+aCd21pKJ65MdjD0raJNoEE+TCc6
M6S85GEsXS9FkzFMswNZvLoPDlQsfSPfJRxne59libBdq83p3OD9+Cs8wd0OMXmI
QBlkZNzEhFGltvrBV5ebnSaDHjHVnYJRJejo9LfAuijAZ7uCfyCKCkoMaddFBbxj
7g9Ot5DyqTgZH8PXdCR35dbOoYGkeQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE3K
cdxCZ3mAS1NZJ11H87jSJF8HMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQTc0QUE0NDVFRjIxMUVGODZCOEY2OUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPsUMA0GCSqGSIb3DQEBCwUA
A4IBAQBTM7C0yr3Eur5SsHzu7AXu2J7TjB3V+iXHfZXDy+GVmWFeSnollcF4Jkke
pcqyXv8/jTCnprqOb3m9LshB2ZSnpuf2t8UeEK/hipIiFg/vE/ArBfkGQSi53VQ1
HoBftie53s7dGrd9zim4xm8r9HR2M1XAcJg0fzxizFNUD6T4fs4N3bMSaJbh0SaJ
2kInX1osh0UuXLpQ5w6h16NdTQSWHF7NzZo/EPc1YRXqH3wiwc1rc9CDWA8K5R7X
QLGBJyBIaOFWD+g8oj+4EB+bfphN0rrN2Qq0DjclZONX0Q+lImQKpQ+9NbFZFoUe
AEmiPVHPzOagw26/3zxAmhN+CKbg
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:09 2025 by rpki-client