Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C7E88682F5DC11EF90DA5967762E951A.roa
File: C7E88682F5DC11EF90DA5967762E951A.roa (raw, json)
Hash identifier: 0vQAQBp3BwVN+yccUHqvjVJa/roQbiZaX/O1qRQTKx4=
Subject key identifier: 85:10:C0:17:66:96:AE:CD:E5:15:14:5B:35:B1:A7:FE:81:6E:8C:CF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013E1C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C7E88682F5DC11EF90DA5967762E951A.roa
Signing time: Fri 28 Feb 2025 14:03:27 +0000
ROA not before: Fri 28 Feb 2025 14:03:23 +0000
ROA not after: Sun 13 Apr 2025 14:03:23 +0000
asID: 138915
IP address blocks: 156.244.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81436 (0x13e1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 14:03:23 2025 GMT
Not After : Apr 13 14:03:23 2025 GMT
Subject: CN=67c1c22f-ba62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c2:44:0d:d9:07:4c:9d:81:4c:77:0a:85:9a:
a8:f6:ec:a7:05:76:11:2e:9c:54:a5:c6:ec:cf:56:
b6:05:2f:90:7a:59:ad:bd:96:96:24:18:6d:4c:31:
03:87:bf:2a:73:44:48:64:27:1a:7a:f8:0f:df:a1:
b2:ca:03:22:1b:b3:20:4d:b5:a1:fc:a2:a5:74:05:
72:7b:c2:ec:a9:5b:36:c8:c3:24:4e:eb:c7:99:51:
bd:e7:6e:44:8f:1e:a8:2e:d7:8b:b5:ea:62:de:a4:
31:c3:dc:2f:08:0d:f3:9d:d2:6a:f9:e8:ed:81:fe:
70:4b:53:13:db:7f:e1:5e:1c:05:c0:60:dd:ab:77:
a6:e7:27:3e:5b:b1:86:60:db:f9:92:7d:af:b1:31:
bc:49:32:c4:08:66:49:da:d8:de:fb:ab:42:72:28:
38:07:df:f2:25:d0:a7:ae:bf:12:db:bf:77:04:90:
10:e6:dd:37:a6:a8:c1:ba:a4:0c:4f:3a:f0:50:29:
35:ef:3b:4a:7f:8a:ed:cd:a1:38:e8:45:48:d6:bc:
fe:54:c1:d8:e6:2a:11:74:65:47:43:92:40:68:b5:
12:cd:e1:c0:8c:4f:a9:e6:92:fd:39:9b:2f:bb:9d:
10:47:f9:1a:00:ee:fa:0b:1c:12:c1:70:ac:48:d5:
d6:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:10:C0:17:66:96:AE:CD:E5:15:14:5B:35:B1:A7:FE:81:6E:8C:CF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C7E88682F5DC11EF90DA5967762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.35.0/24
Signature Algorithm: sha256WithRSAEncryption
34:3d:4e:3e:69:e9:2f:e7:36:1b:1c:21:ae:be:2e:b7:9d:1f:
d7:c8:3e:2e:ad:96:22:a4:4b:11:05:a6:28:1d:42:48:27:2c:
09:5e:79:48:24:f3:52:24:e3:ee:cb:91:7a:82:b2:9b:c6:9c:
aa:0e:c7:d8:fd:69:8a:cf:d4:f4:27:bf:ae:88:e5:b4:93:4a:
91:4e:43:70:ca:40:e3:35:1e:e0:7e:8d:2a:87:a6:4d:fe:6e:
6f:0e:81:d7:4f:d5:ce:e1:9c:cc:ed:a6:e0:bb:46:8b:86:c4:
90:1d:06:af:df:59:0d:9c:90:3a:a7:44:53:b3:1e:80:d4:72:
56:b5:dc:c7:81:36:77:6b:9b:22:49:7f:42:ad:90:79:cb:9a:
8b:c5:16:64:7a:1d:ec:09:f6:f4:5e:a2:8a:13:10:43:66:a3:
fe:62:bd:74:c2:ae:53:36:9f:7a:03:31:67:7f:c6:5f:6a:66:
60:ee:a8:cc:7c:1b:f1:4d:14:38:ab:b3:ae:97:1e:87:13:a1:
a3:70:8d:91:aa:24:65:f9:ee:d7:08:6f:b6:85:2f:d9:0d:fa:
ad:02:38:d0:10:c3:fc:ec:e9:7d:52:e9:e9:c5:ee:b7:4a:a3:
8f:1a:9e:6e:38:65:87:89:c1:fc:a7:9f:e3:57:8d:80:de:23:
65:3b:6b:29
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT4cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MTQwMzIzWhcNMjUwNDEzMTQwMzIzWjAYMRYw
FAYDVQQDEw02N2MxYzIyZi1iYTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz8JEDdkHTJ2BTHcKhZqo9uynBXYRLpxUpcbsz1a2BS+QelmtvZaWJBht
TDEDh78qc0RIZCcaevgP36GyygMiG7MgTbWh/KKldAVye8LsqVs2yMMkTuvHmVG9
525Ejx6oLteLtepi3qQxw9wvCA3zndJq+ejtgf5wS1MT23/hXhwFwGDdq3em5yc+
W7GGYNv5kn2vsTG8STLECGZJ2tje+6tCcig4B9/yJdCnrr8S2793BJAQ5t03pqjB
uqQMTzrwUCk17ztKf4rtzaE46EVI1rz+VMHY5ioRdGVHQ5JAaLUSzeHAjE+p5pL9
OZsvu50QR/kaAO76CxwSwXCsSNXWJQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIUQ
wBdmlq7N5RUUWzWxp/6BbozPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DN0U4ODY4MkY1REMxMUVGOTBEQTU5Njc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPQjMA0GCSqGSIb3DQEBCwUA
A4IBAQA0PU4+aekv5zYbHCGuvi63nR/XyD4urZYipEsRBaYoHUJIJywJXnlIJPNS
JOPuy5F6grKbxpyqDsfY/WmKz9T0J7+uiOW0k0qRTkNwykDjNR7gfo0qh6ZN/m5v
DoHXT9XO4ZzM7abgu0aLhsSQHQav31kNnJA6p0RTsx6A1HJWtdzHgTZ3a5siSX9C
rZB5y5qLxRZkeh3sCfb0XqKKExBDZqP+Yr10wq5TNp96AzFnf8ZfamZg7qjMfBvx
TRQ4q7Oulx6HE6GjcI2RqiRl+e7XCG+2hS/ZDfqtAjjQEMP87Ol9Uunpxe63SqOP
Gp5uOGWHicH8p5/jV42A3iNlO2sp
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:03:34 2025 by rpki-client