Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CFBB0/3503D9F8D45211EFB23848B1762E951A/1FC67724DB2F11EFA180C6B7762E951A.roa
File: 1FC67724DB2F11EFA180C6B7762E951A.roa (raw, json)
Hash identifier: JHgdUdEE2ORETD1hobD1l7BrD95rRqOs+/yUcWHinV4=
Subject key identifier: FA:18:0A:27:DF:7C:CC:DF:85:E1:40:84:BD:E1:7E:E8:8F:BE:A9:41
Certificate issuer: /CN=F36CFBB0AR/serialNumber=C5C1420F50716A6B146F5DFA8E82BFD1E4DD9910
Certificate serial: 21
Authority key identifier: C5:C1:42:0F:50:71:6A:6B:14:6F:5D:FA:8E:82:BF:D1:E4:DD:99:10
Authority info access: rsync://rpki.afrinic.net/repository/arin/xcFCD1BxamsUb136joK_0eTdmRA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CFBB0/3503D9F8D45211EFB23848B1762E951A/1FC67724DB2F11EFA180C6B7762E951A.roa
Signing time: Sat 25 Jan 2025 15:14:51 +0000
ROA not before: Sat 25 Jan 2025 15:14:46 +0000
ROA not after: Tue 31 Jan 2040 15:14:46 +0000
asID: 328215
IP address blocks: 160.226.184.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CFBB0/3503D9F8D45211EFB23848B1762E951A/xcFCD1BxamsUb136joK_0eTdmRA.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CFBB0/3503D9F8D45211EFB23848B1762E951A/xcFCD1BxamsUb136joK_0eTdmRA.mft
rsync://rpki.afrinic.net/repository/arin/xcFCD1BxamsUb136joK_0eTdmRA.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33 (0x21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CFBB0AR
Validity
Not Before: Jan 25 15:14:46 2025 GMT
Not After : Jan 31 15:14:46 2040 GMT
Subject: CN=6794ffeb-1e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:75:7c:d0:81:2c:bc:ce:e8:28:04:ee:c1:aa:
e5:e3:ca:1e:ef:4a:da:a8:8c:65:63:46:ad:d8:44:
46:15:2b:fa:da:c4:b9:1a:38:73:63:4a:81:58:60:
db:93:a5:51:18:19:ee:d4:1b:ed:94:43:9f:5c:60:
e5:45:dc:29:b7:3f:3d:69:86:b6:39:4a:f0:01:ff:
91:a1:40:92:3d:51:a6:1f:dc:91:be:55:f3:51:e7:
9d:12:a4:7b:bf:8e:75:01:ef:4a:bb:a5:64:10:c7:
bc:c4:33:bb:dd:7a:38:aa:86:9e:43:b4:3e:a4:bc:
80:94:56:4a:f6:79:7e:81:ac:f4:ee:88:48:74:d2:
73:c4:7c:93:2d:12:05:c4:93:b1:f0:e9:0a:25:bb:
1b:93:fa:df:61:d3:b9:8d:48:7a:4f:c4:30:33:6d:
40:34:10:f0:ac:8a:8f:3c:43:eb:8f:79:3a:90:11:
d2:8f:0b:cd:7e:fc:6b:a6:4c:ee:1b:75:c0:56:cf:
f9:58:0d:78:c8:35:f1:bb:90:a3:2d:14:47:90:5f:
61:c0:96:30:f6:1b:79:f5:2f:d7:1d:5b:79:5e:95:
7d:2a:37:e6:e3:5d:0c:68:36:35:03:46:52:b5:6f:
5a:26:20:ad:20:98:08:58:3c:9e:8a:90:7f:8b:31:
89:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:18:0A:27:DF:7C:CC:DF:85:E1:40:84:BD:E1:7E:E8:8F:BE:A9:41
X509v3 Authority Key Identifier:
keyid:C5:C1:42:0F:50:71:6A:6B:14:6F:5D:FA:8E:82:BF:D1:E4:DD:99:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CFBB0/3503D9F8D45211EFB23848B1762E951A/xcFCD1BxamsUb136joK_0eTdmRA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/xcFCD1BxamsUb136joK_0eTdmRA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CFBB0/3503D9F8D45211EFB23848B1762E951A/1FC67724DB2F11EFA180C6B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.226.184.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:a8:4c:37:ea:41:22:30:ac:d7:40:44:48:19:49:ab:39:61:
78:e7:cd:ee:f3:d7:5f:b3:b0:d2:0a:2b:e0:a4:f4:22:77:d3:
b1:04:43:e4:7a:23:5c:af:a0:f5:3c:23:f1:4d:47:e8:d7:45:
4e:91:0c:2f:68:88:db:ce:b5:80:68:31:aa:fd:38:27:e7:b1:
f9:76:a5:a8:b7:d1:ec:13:fc:14:3a:fb:4d:be:07:08:bc:fe:
14:06:14:4a:0a:70:5d:65:91:05:26:09:57:56:b5:53:d7:d4:
03:1b:a9:08:43:93:1c:3a:57:14:4d:8f:89:d5:82:0f:1c:69:
c2:e4:94:ad:75:db:09:99:a1:b2:84:59:04:f8:e2:02:f4:4c:
75:18:b9:20:82:70:3a:af:c8:9e:ea:ff:e8:28:37:1e:f6:eb:
4d:63:c1:66:fd:e1:3c:05:db:60:41:7f:e6:02:71:4c:32:d9:
b3:34:1b:b5:28:16:90:3e:b2:a5:41:1e:0b:4b:25:6a:39:18:
bd:c4:99:57:ac:e4:86:fb:07:75:91:c9:c1:50:b6:80:06:2e:
0f:9d:21:8e:c7:08:6b:9c:b1:19:ee:f3:d7:8a:eb:87:5e:c8:
64:c6:dd:82:d9:ca:63:7b:26:eb:fd:e3:31:21:60:1a:04:93:
41:2e:30:5d
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBITANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
RkJCMEFSMTEwLwYDVQQFEyhDNUMxNDIwRjUwNzE2QTZCMTQ2RjVERkE4RTgyQkZE
MUU0REQ5OTEwMB4XDTI1MDEyNTE1MTQ0NloXDTQwMDEzMTE1MTQ0NlowGDEWMBQG
A1UEAxMNNjc5NGZmZWItMWUwYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANV1fNCBLLzO6CgE7sGq5ePKHu9K2qiMZWNGrdhERhUr+trEuRo4c2NKgVhg
25OlURgZ7tQb7ZRDn1xg5UXcKbc/PWmGtjlK8AH/kaFAkj1Rph/ckb5V81HnnRKk
e7+OdQHvSrulZBDHvMQzu916OKqGnkO0PqS8gJRWSvZ5foGs9O6ISHTSc8R8ky0S
BcSTsfDpCiW7G5P632HTuY1Iek/EMDNtQDQQ8KyKjzxD6495OpAR0o8LzX78a6ZM
7ht1wFbP+VgNeMg18buQoy0UR5BfYcCWMPYbefUv1x1beV6VfSo35uNdDGg2NQNG
UrVvWiYgrSCYCFg8noqQf4sxiY0CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBT6GAon
33zM34XhQIS94X7oj76pQTAfBgNVHSMEGDAWgBTFwUIPUHFqaxRvXfqOgr/R5N2Z
EDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0ZCQjAvMzUwM0Q5RjhENDUyMTFFRkIyMzg0OEIxNzYyRTk1MUEveGNGQ0Qx
QnhhbXNVYjEzNmpvS18wZVRkbVJBLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eGNGQ0QxQnhhbXNVYjEzNmpvS18wZVRkbVJBLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2Q0ZCQjAvMzUwM0Q5RjhENDUyMTFFRkIyMzg0OEIxNzYyRTk1
MUEvMUZDNjc3MjREQjJGMTFFRkExODBDNkI3NzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqDiuDANBgkqhkiG9w0BAQsFAAOC
AQEAbahMN+pBIjCs10BESBlJqzlheOfN7vPXX7Ow0gor4KT0InfTsQRD5HojXK+g
9Twj8U1H6NdFTpEML2iI2861gGgxqv04J+ex+XalqLfR7BP8FDr7Tb4HCLz+FAYU
SgpwXWWRBSYJV1a1U9fUAxupCEOTHDpXFE2PidWCDxxpwuSUrXXbCZmhsoRZBPji
AvRMdRi5IIJwOq/Inur/6Cg3HvbrTWPBZv3hPAXbYEF/5gJxTDLZszQbtSgWkD6y
pUEeC0slajkYvcSZV6zkhvsHdZHJwVC2gAYuD50hjscIa5yxGe7z14rrh17IZMbd
gtnKY3sm6/3jMSFgGgSTQS4wXQ==
-----END CERTIFICATE-----
Generated at Wed Feb 5 20:08:37 2025 by rpki-client