Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B88F239EF5AA11EF866F6A8F762E951A.roa
File: B88F239EF5AA11EF866F6A8F762E951A.roa (raw, json)
Hash identifier: /V3oR9wzf1kF62iPGGSO5zWHiKtA28U8torb4ZMpd8w=
Subject key identifier: FD:19:A4:44:7D:E1:8B:DE:01:00:9C:88:D2:B9:2A:AD:AB:A9:28:C3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013C7D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B88F239EF5AA11EF866F6A8F762E951A.roa
Signing time: Fri 28 Feb 2025 08:05:06 +0000
ROA not before: Fri 28 Feb 2025 08:05:02 +0000
ROA not after: Thu 19 Feb 2026 08:05:02 +0000
asID: 984
IP address blocks: 156.242.37.0/24 maxlen: 24
156.242.38.0/24 maxlen: 24
156.242.39.0/24 maxlen: 24
156.242.40.0/24 maxlen: 24
156.242.41.0/24 maxlen: 24
156.242.42.0/24 maxlen: 24
156.242.43.0/24 maxlen: 24
156.242.44.0/24 maxlen: 24
156.242.45.0/24 maxlen: 24
156.242.46.0/24 maxlen: 24
156.242.47.0/24 maxlen: 24
156.242.48.0/24 maxlen: 24
156.242.49.0/24 maxlen: 24
156.242.50.0/24 maxlen: 24
156.242.51.0/24 maxlen: 24
156.242.52.0/24 maxlen: 24
156.242.53.0/24 maxlen: 24
156.242.54.0/24 maxlen: 24
156.242.55.0/24 maxlen: 24
156.242.56.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81021 (0x13c7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 08:05:02 2025 GMT
Not After : Feb 19 08:05:02 2026 GMT
Subject: CN=67c16e32-8c47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:47:56:26:59:a8:e9:a2:fb:03:b7:90:0e:c6:
32:51:d6:13:13:9f:30:47:79:d8:03:d4:60:33:42:
da:d3:74:de:ce:f8:fd:ea:d2:67:8f:12:aa:4d:1c:
b2:90:4b:54:a4:67:99:43:f3:83:f3:d0:f5:bc:ae:
dd:5c:2d:d2:da:ac:e0:02:ff:82:08:54:98:64:26:
8d:da:72:c7:38:72:f5:f8:fe:11:af:94:cb:92:d3:
26:12:e1:c6:b4:3c:3d:c4:16:72:9f:5f:fb:d2:fc:
22:ad:0c:d7:39:fc:17:c9:04:ba:51:ea:fc:97:ab:
a8:76:1a:2f:89:e9:5c:5f:c9:01:1f:20:8a:94:d1:
52:4b:aa:42:bd:e1:6b:ce:17:46:1a:8e:89:a8:0c:
ca:3f:3f:6c:1a:22:19:45:73:87:a5:48:a0:4f:3d:
39:d0:10:56:63:3d:66:56:2a:5f:62:5b:42:5d:08:
82:91:3c:3c:95:d7:76:23:be:18:15:bf:b5:59:8c:
c5:a3:1b:24:5e:8a:f4:59:9c:db:d8:f8:3c:57:b5:
62:ba:5e:dd:40:94:70:f0:5e:d2:ac:62:7f:85:da:
7b:cc:20:51:17:ea:4a:b4:a8:35:9a:c5:2b:e2:17:
23:57:0e:ac:7d:31:56:f6:ed:78:e6:01:25:7c:ff:
fe:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:19:A4:44:7D:E1:8B:DE:01:00:9C:88:D2:B9:2A:AD:AB:A9:28:C3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B88F239EF5AA11EF866F6A8F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.37.0-156.242.56.255
Signature Algorithm: sha256WithRSAEncryption
ad:a7:0f:e2:7c:ee:e6:c7:5f:99:80:64:cc:3d:ed:bd:f6:b1:
3f:65:bf:91:01:52:8c:78:72:cc:62:1f:2b:dd:06:30:64:a1:
d2:e8:80:84:d9:0e:f2:ac:cb:1b:74:04:b0:dc:cd:cd:a4:31:
a7:d7:57:86:66:68:e7:7c:da:d9:a6:5c:e5:a3:5c:d0:e5:c6:
a6:6a:6e:c8:4f:ac:99:f1:1d:28:c5:69:71:b8:7b:2a:92:82:
63:ba:d4:f3:af:6c:61:ff:1b:ed:df:ba:d6:a8:97:4b:f8:6a:
25:07:6a:1d:e4:50:ba:f4:a4:97:b4:c6:d8:14:61:c1:9b:b1:
1b:3a:87:e5:e1:2f:ae:37:51:4c:e0:f2:75:ae:0b:c3:6d:a6:
d7:96:42:46:27:0b:53:b6:54:5e:46:ad:a4:72:d1:8f:38:ce:
ea:cd:8b:3b:6d:96:be:f6:99:89:e6:0d:f4:5e:56:a2:cd:8d:
3d:11:32:33:c4:a9:11:74:ff:34:4c:13:29:f0:83:3d:e7:2d:
2a:8b:b7:fe:5c:c5:ec:57:3c:c6:76:e1:43:b8:f5:89:9f:f7:
67:86:31:0d:ee:f1:c0:6a:f9:13:d7:cb:49:d4:e7:50:8d:0a:
76:7c:51:6d:7a:a3:f5:18:e3:6c:7c:d5:94:bc:b2:51:cb:70:
d8:a2:a8:4e
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDATx9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MDgwNTAyWhcNMjYwMjE5MDgwNTAyWjAYMRYw
FAYDVQQDEw02N2MxNmUzMi04YzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyUdWJlmo6aL7A7eQDsYyUdYTE58wR3nYA9RgM0La03Tezvj96tJnjxKq
TRyykEtUpGeZQ/OD89D1vK7dXC3S2qzgAv+CCFSYZCaN2nLHOHL1+P4Rr5TLktMm
EuHGtDw9xBZyn1/70vwirQzXOfwXyQS6Uer8l6uodhovielcX8kBHyCKlNFSS6pC
veFrzhdGGo6JqAzKPz9sGiIZRXOHpUigTz050BBWYz1mVipfYltCXQiCkTw8ldd2
I74YFb+1WYzFoxskXor0WZzb2Pg8V7Viul7dQJRw8F7SrGJ/hdp7zCBRF+pKtKg1
msUr4hcjVw6sfTFW9u145gElfP/+XQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFP0Z
pER94YveAQCciNK5Kq2rqSjDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CODhGMjM5RUY1QUExMUVGODY2RjZBOEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc8iUDBACc8jgwDQYJKoZI
hvcNAQELBQADggEBAK2nD+J87ubHX5mAZMw97b32sT9lv5EBUox4csxiHyvdBjBk
odLogITZDvKsyxt0BLDczc2kMafXV4ZmaOd82tmmXOWjXNDlxqZqbshPrJnxHSjF
aXG4eyqSgmO61POvbGH/G+3futaol0v4aiUHah3kULr0pJe0xtgUYcGbsRs6h+Xh
L643UUzg8nWuC8NtpteWQkYnC1O2VF5GraRy0Y84zurNizttlr72mYnmDfReVqLN
jT0RMjPEqRF0/zRMEynwgz3nLSqLt/5cxexXPMZ24UO49Ymf92eGMQ3u8cBq+RPX
y0nU51CNCnZ8UW16o/UY42x81ZS8slHLcNiiqE4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:09 2025 by rpki-client