Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D051E1F0FD9911EFB229F04E762E951A.roa
File: D051E1F0FD9911EFB229F04E762E951A.roa (raw, json)
Hash identifier: k49TbkgeyBlZNImWkjxcFRP88+A+81KVUkArLPxJEXg=
Subject key identifier: 1E:E7:6A:93:7A:9A:75:67:A2:56:9C:D0:ED:1C:0A:DB:38:CB:B6:36
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0144B0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D051E1F0FD9911EFB229F04E762E951A.roa
Signing time: Mon 10 Mar 2025 10:24:14 +0000
ROA not before: Mon 10 Mar 2025 10:24:10 +0000
ROA not after: Tue 22 Apr 2025 10:24:10 +0000
asID: 141718
IP address blocks: 156.225.68.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83120 (0x144b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 10 10:24:10 2025 GMT
Not After : Apr 22 10:24:10 2025 GMT
Subject: CN=67cebdce-7d4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:18:47:e9:c0:63:1d:b7:08:01:a9:8c:c0:c8:
6e:39:5b:d1:aa:de:a8:6f:3f:6a:fc:a4:20:3a:af:
f0:55:f3:81:35:67:4b:91:f2:40:a2:7d:f9:bb:cd:
77:fd:60:c5:78:ff:cc:42:77:80:7f:ee:ba:b9:5c:
41:ee:3c:91:97:8a:15:4a:20:47:07:0b:87:3b:fe:
53:e4:d9:3f:82:bb:3f:7a:ea:96:dc:6c:57:c0:61:
15:fc:68:bf:f5:31:b6:e8:55:0f:d0:36:5e:6a:b6:
25:99:6c:9a:21:03:3c:be:f9:19:55:8e:b1:a5:13:
7c:e2:37:7b:43:42:bf:46:19:71:95:49:16:af:e2:
13:bb:a6:9c:6e:dd:21:54:d3:9e:88:ce:74:b9:8c:
ae:05:af:80:38:5e:08:84:c3:9c:85:75:57:fa:a5:
e1:46:8d:f4:e6:52:56:9d:ad:af:7f:7f:19:8b:84:
b9:63:7b:68:87:1f:8b:e1:3e:e7:c9:57:f1:9f:fa:
56:8e:c0:f6:57:1a:bc:65:18:8d:f2:8f:fa:48:aa:
ab:9d:ac:93:02:db:a2:a3:61:f9:44:b6:a1:19:2c:
c5:2c:cc:a4:67:ca:1b:61:1e:17:76:b1:3a:70:cb:
f9:8c:15:00:63:c8:23:1f:67:41:38:1a:7d:e1:3b:
86:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E7:6A:93:7A:9A:75:67:A2:56:9C:D0:ED:1C:0A:DB:38:CB:B6:36
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D051E1F0FD9911EFB229F04E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.68.0/24
Signature Algorithm: sha256WithRSAEncryption
33:5f:08:1d:86:20:20:3e:4b:de:ce:92:af:29:e0:6e:a8:b5:
77:db:be:74:04:20:9b:8f:6a:20:3a:54:bb:b8:05:b4:45:69:
e2:9a:50:1c:24:be:b8:b8:22:6d:32:fe:1b:74:78:75:5c:3d:
b8:7d:8a:d4:93:93:01:a6:f7:d8:e9:41:cc:be:d9:d1:d0:45:
02:d0:87:58:35:ad:16:f7:27:42:65:fe:1e:22:2a:b1:15:1a:
1a:ea:ac:1f:07:0d:20:23:61:a9:e6:aa:f0:64:91:62:87:13:
dc:fc:e2:cc:03:52:6e:cb:7a:34:e1:81:97:27:5e:dd:75:33:
93:78:cb:9f:9f:9e:73:45:4d:2f:fe:04:a3:8b:f0:ca:61:5d:
ba:ea:76:6f:19:52:68:2f:0f:93:58:71:05:bf:16:ac:8e:83:
04:fa:47:48:10:0c:8e:d9:4d:e0:10:3a:d8:e7:90:ca:40:f6:
cc:42:7a:8a:83:3e:af:75:e8:4b:0f:86:7e:40:0b:8c:d8:c7:
29:08:80:24:92:47:29:26:f5:a1:60:cb:1e:70:b9:b2:e5:89:
78:70:1a:60:64:b1:94:6b:57:6a:79:34:26:8a:de:16:fc:0d:
eb:16:1b:15:97:86:ed:80:1c:6b:d2:2c:8f:e5:27:1b:66:fc:
9f:34:ba:19
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUSwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzEwMTAyNDEwWhcNMjUwNDIyMTAyNDEwWjAYMRYw
FAYDVQQDEw02N2NlYmRjZS03ZDRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoxhH6cBjHbcIAamMwMhuOVvRqt6obz9q/KQgOq/wVfOBNWdLkfJAon35
u813/WDFeP/MQneAf+66uVxB7jyRl4oVSiBHBwuHO/5T5Nk/grs/euqW3GxXwGEV
/Gi/9TG26FUP0DZearYlmWyaIQM8vvkZVY6xpRN84jd7Q0K/RhlxlUkWr+ITu6ac
bt0hVNOeiM50uYyuBa+AOF4IhMOchXVX+qXhRo305lJWna2vf38Zi4S5Y3tohx+L
4T7nyVfxn/pWjsD2Vxq8ZRiN8o/6SKqrnayTAtuio2H5RLahGSzFLMykZ8obYR4X
drE6cMv5jBUAY8gjH2dBOBp94TuGZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB7n
apN6mnVnolac0O0cCts4y7Y2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMDUxRTFGMEZEOTkxMUVGQjIyOUYwNEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOFEMA0GCSqGSIb3DQEBCwUA
A4IBAQAzXwgdhiAgPkvezpKvKeBuqLV32750BCCbj2ogOlS7uAW0RWnimlAcJL64
uCJtMv4bdHh1XD24fYrUk5MBpvfY6UHMvtnR0EUC0IdYNa0W9ydCZf4eIiqxFRoa
6qwfBw0gI2Gp5qrwZJFihxPc/OLMA1Juy3o04YGXJ17ddTOTeMufn55zRU0v/gSj
i/DKYV266nZvGVJoLw+TWHEFvxasjoME+kdIEAyO2U3gEDrY55DKQPbMQnqKgz6v
dehLD4Z+QAuM2McpCIAkkkcpJvWhYMsecLmy5Yl4cBpgZLGUa1dqeTQmit4W/A3r
FhsVl4btgBxr0iyP5ScbZvyfNLoZ
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:18:03 2025 by rpki-client