Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA28E0E0F67711EFA65B6A8F762E951A.roa
File: CA28E0E0F67711EFA65B6A8F762E951A.roa (raw, json)
Hash identifier: pWO2aWiE9R631jJUL3M81zFJys+VQ9THx2/TkpZDU1w=
Subject key identifier: 11:AE:04:10:A8:E7:EF:1B:68:DA:E4:07:9C:03:76:9C:B2:9E:C5:67
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013FB5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA28E0E0F67711EFA65B6A8F762E951A.roa
Signing time: Sat 01 Mar 2025 08:33:02 +0000
ROA not before: Sat 01 Mar 2025 08:32:59 +0000
ROA not after: Sun 30 Mar 2025 08:32:59 +0000
asID: 203020
IP address blocks: 156.252.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81845 (0x13fb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 1 08:32:59 2025 GMT
Not After : Mar 30 08:32:59 2025 GMT
Subject: CN=67c2c63e-134d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e5:0f:83:51:41:53:cd:9e:66:1f:47:17:23:
8d:d1:38:84:47:5d:5d:16:8e:f7:a4:0b:5c:d4:d7:
28:66:eb:1f:e4:d5:42:0a:f5:ba:01:17:8a:6e:c5:
fc:f9:45:f1:a9:a5:f1:4e:b9:5b:04:15:a0:ca:8e:
4a:23:f5:40:a3:05:98:3f:65:85:56:c4:83:01:8a:
73:ba:03:98:93:a2:95:cf:e6:ba:af:5e:d5:30:1c:
59:e7:12:f9:b3:e9:3b:91:82:90:8c:a8:d6:88:2b:
ab:f9:9c:35:39:e9:fb:35:2d:04:2f:e6:f0:c2:54:
34:4e:b9:d5:76:f2:82:13:52:ef:c8:d3:bd:2b:87:
f4:f5:0d:c6:97:7a:16:7a:12:a2:c6:55:46:19:1c:
45:19:d6:09:eb:2b:0d:a5:9a:e7:ba:2b:42:f7:7f:
b3:02:51:d3:a1:33:43:26:0c:61:73:33:67:4f:0f:
46:ee:63:40:42:ee:04:72:7f:4d:08:d0:c0:0f:61:
f8:13:b4:b4:1a:0f:6b:33:78:c4:07:3b:d8:93:b2:
85:47:6f:04:74:99:a5:11:e7:3d:b9:6c:cb:bc:df:
4f:fe:96:a3:d3:58:0a:2a:83:f2:4f:4b:ba:66:9d:
d3:18:30:a0:3e:36:0f:66:f8:0d:3f:59:df:c7:9e:
cb:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:AE:04:10:A8:E7:EF:1B:68:DA:E4:07:9C:03:76:9C:B2:9E:C5:67
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA28E0E0F67711EFA65B6A8F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.228.0/22
Signature Algorithm: sha256WithRSAEncryption
95:bf:57:23:8c:12:40:80:02:a2:25:a0:d2:4c:2a:d3:b5:69:
1c:eb:c6:c3:96:74:44:78:2a:a8:53:17:e1:34:88:ad:ba:94:
4b:e1:1c:8e:37:05:df:8b:c8:71:79:5b:32:38:d1:b8:02:57:
be:3a:ca:83:76:d7:c5:56:8c:13:95:8e:63:8f:80:51:dd:c9:
0c:ca:e4:29:ee:4f:aa:4d:1b:2d:2f:df:e0:18:ab:11:8a:9d:
5f:4b:53:e1:8d:dc:31:17:4b:98:21:67:0c:e5:37:42:a7:13:
b8:f9:8f:25:de:84:f4:6f:0c:37:51:c1:32:05:23:e3:dd:fa:
53:e8:5d:97:e1:a5:91:c9:33:b9:60:b0:66:8c:4d:ed:30:e3:
f4:1f:f8:32:e5:aa:58:9c:cb:93:a9:0f:03:ec:05:31:b3:7f:
fa:86:50:93:61:63:79:7e:91:63:03:62:b3:23:a8:cb:f1:81:
90:70:ea:8d:23:c8:a5:f4:05:56:bc:71:a6:f5:21:5f:77:12:
e4:c9:3b:b3:c7:b9:38:69:1d:37:9b:20:2c:93:e7:19:d9:b0:
ee:75:eb:2c:e9:19:bc:26:91:84:98:e2:a0:ca:24:4c:d4:41:
8e:39:7c:20:66:e3:01:bc:f1:24:ed:e3:29:b8:68:8b:95:02:
06:a7:f3:e0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT+1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzAxMDgzMjU5WhcNMjUwMzMwMDgzMjU5WjAYMRYw
FAYDVQQDEw02N2MyYzYzZS0xMzRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAruUPg1FBU82eZh9HFyON0TiER11dFo73pAtc1NcoZusf5NVCCvW6AReK
bsX8+UXxqaXxTrlbBBWgyo5KI/VAowWYP2WFVsSDAYpzugOYk6KVz+a6r17VMBxZ
5xL5s+k7kYKQjKjWiCur+Zw1Oen7NS0EL+bwwlQ0TrnVdvKCE1LvyNO9K4f09Q3G
l3oWehKixlVGGRxFGdYJ6ysNpZrnuitC93+zAlHToTNDJgxhczNnTw9G7mNAQu4E
cn9NCNDAD2H4E7S0Gg9rM3jEBzvYk7KFR28EdJmlEec9uWzLvN9P/paj01gKKoPy
T0u6Zp3TGDCgPjYPZvgNP1nfx57LDQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBGu
BBCo5+8baNrkB5wDdpyynsVnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQTI4RTBFMEY2NzcxMUVGQTY1QjZBOEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPzkMA0GCSqGSIb3DQEBCwUA
A4IBAQCVv1cjjBJAgAKiJaDSTCrTtWkc68bDlnREeCqoUxfhNIitupRL4RyONwXf
i8hxeVsyONG4Ale+OsqDdtfFVowTlY5jj4BR3ckMyuQp7k+qTRstL9/gGKsRip1f
S1PhjdwxF0uYIWcM5TdCpxO4+Y8l3oT0bww3UcEyBSPj3fpT6F2X4aWRyTO5YLBm
jE3tMOP0H/gy5apYnMuTqQ8D7AUxs3/6hlCTYWN5fpFjA2KzI6jL8YGQcOqNI8il
9AVWvHGm9SFfdxLkyTuzx7k4aR03myAsk+cZ2bDudess6Rm8JpGEmOKgyiRM1EGO
OXwgZuMBvPEk7eMpuGiLlQIGp/Pg
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:09:22 2025 by rpki-client