Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3663E7A/83620BEE9C5F11EB9C696121F8AEA228/DDEBB6FA9C5F11EBA689FE21F8AEA228.roa
File: DDEBB6FA9C5F11EBA689FE21F8AEA228.roa (raw, json)
Hash identifier: IFf3sogvAtqBt9rn3pz/C/5BQVKudvpgWKkykwRksBg=
Subject key identifier: C3:A2:5D:DF:16:FB:B8:9B:75:C8:33:A4:8C:94:43:CD:CC:3A:CE:58
Certificate issuer: /CN=F3663E7AAF/serialNumber=24753CA915E4EC2D2ECB9865B90DD5ED0EFF0562
Certificate serial: 04
Authority key identifier: 24:75:3C:A9:15:E4:EC:2D:2E:CB:98:65:B9:0D:D5:ED:0E:FF:05:62
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JHU8qRXk7C0uy5hluQ3V7Q7_BWI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3663E7A/83620BEE9C5F11EB9C696121F8AEA228/DDEBB6FA9C5F11EBA689FE21F8AEA228.roa
Signing time: Tue 13 Apr 2021 13:55:12 +0000
ROA not before: Tue 13 Apr 2021 13:55:08 +0000
ROA not after: Sun 13 Apr 2031 13:55:08 +0000
asID: 328819
IP address blocks: 102.220.113.0/24 maxlen: 24
102.220.114.0/24 maxlen: 24
102.220.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3663E7A/83620BEE9C5F11EB9C696121F8AEA228/JHU8qRXk7C0uy5hluQ3V7Q7_BWI.crl
rsync://rpki.afrinic.net/repository/member_repository/F3663E7A/83620BEE9C5F11EB9C696121F8AEA228/JHU8qRXk7C0uy5hluQ3V7Q7_BWI.mft
rsync://rpki.afrinic.net/repository/afrinic/JHU8qRXk7C0uy5hluQ3V7Q7_BWI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3663E7AAF/serialNumber=24753CA915E4EC2D2ECB9865B90DD5ED0EFF0562
Validity
Not Before: Apr 13 13:55:08 2021 GMT
Not After : Apr 13 13:55:08 2031 GMT
Subject: CN=6075a2c0-3a9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:50:2f:6a:30:a1:64:64:4a:b7:d0:ac:86:3e:
7b:89:80:1e:b1:e0:b4:ea:9e:76:6d:d8:1d:db:2a:
ed:c4:12:c0:54:1c:cd:a8:0d:1a:ad:6f:6e:cd:de:
00:21:22:80:46:26:50:5b:a9:bf:e0:3b:f1:4f:06:
37:c6:ef:94:af:09:53:d2:d4:5d:c2:0b:9c:f6:06:
bc:45:6a:8b:f5:6b:ab:e7:2a:21:b7:2e:8e:f2:08:
eb:10:6d:b8:d6:58:cb:b8:b7:90:76:1f:11:85:e3:
40:dc:f1:cc:01:c3:70:d5:6f:55:e1:8f:4b:33:87:
76:8d:cc:a7:b0:71:06:5c:36:73:38:4b:65:e8:e6:
c5:8d:f7:64:e6:1f:d8:aa:11:60:a4:87:73:d2:b6:
a9:ec:be:17:46:1e:43:a5:9f:63:62:db:b1:4f:6e:
d6:22:fa:10:b1:44:dd:6a:7b:80:31:a7:15:cc:00:
42:ee:6c:6c:b1:79:df:da:b3:f9:b9:30:30:f6:67:
83:39:59:1d:93:9a:0e:2e:0e:94:53:34:a8:9e:b8:
25:86:e1:88:bf:9a:b3:26:43:6d:f3:42:3a:52:34:
f4:95:90:d2:2c:ac:fd:4a:de:13:e3:6e:cd:ed:89:
5a:8c:49:c3:e0:a1:26:56:e7:09:38:64:67:a6:44:
63:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:A2:5D:DF:16:FB:B8:9B:75:C8:33:A4:8C:94:43:CD:CC:3A:CE:58
X509v3 Authority Key Identifier:
keyid:24:75:3C:A9:15:E4:EC:2D:2E:CB:98:65:B9:0D:D5:ED:0E:FF:05:62
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3663E7A/83620BEE9C5F11EB9C696121F8AEA228/JHU8qRXk7C0uy5hluQ3V7Q7_BWI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JHU8qRXk7C0uy5hluQ3V7Q7_BWI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3663E7A/83620BEE9C5F11EB9C696121F8AEA228/DDEBB6FA9C5F11EBA689FE21F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.220.113.0-102.220.115.255
Signature Algorithm: sha256WithRSAEncryption
5f:f7:55:01:d1:88:ba:33:df:99:91:32:ab:a1:b9:ce:b4:3e:
32:73:80:99:d9:bb:74:f3:09:34:e6:27:ad:b9:0d:87:3a:58:
c8:cb:7c:3b:d3:ef:dc:9f:12:92:88:66:0f:b4:a0:dd:f0:37:
7c:0e:03:5a:ab:ac:0a:9b:c0:43:ba:13:52:87:3a:db:dc:26:
71:4f:65:8e:75:de:f3:fe:3f:37:4b:75:08:45:25:c5:0e:7a:
83:6b:51:70:4d:bd:02:e3:f9:57:d2:50:96:95:22:e9:13:4b:
7a:c5:43:b3:3a:9c:3d:53:fa:59:f5:b9:4b:eb:4f:ce:83:bf:
4a:6a:42:ac:27:23:86:ae:e4:72:c9:5b:63:c9:01:12:2b:33:
a3:07:39:a8:d1:a9:84:4f:ff:bd:a5:cc:64:93:c9:a8:37:1e:
28:a7:1c:43:fc:a9:32:26:c1:f3:93:b2:c1:3f:ac:26:2a:08:
45:61:24:08:3f:b8:97:f6:bc:52:9a:0c:38:ed:de:74:3a:ae:
c1:87:39:f6:56:7d:b0:a6:16:fd:b7:59:bb:c9:68:15:1f:58:
ad:65:e0:aa:e9:60:ad:6e:a1:13:d2:ce:9a:c4:b8:2c:95:ac:
be:fc:9b:cb:d0:87:11:d9:d1:76:8b:96:4f:97:87:a8:5e:d9:
0c:a8:bd:ab
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
M0U3QUFGMTEwLwYDVQQFEygyNDc1M0NBOTE1RTRFQzJEMkVDQjk4NjVCOTBERDVF
RDBFRkYwNTYyMB4XDTIxMDQxMzEzNTUwOFoXDTMxMDQxMzEzNTUwOFowGDEWMBQG
A1UEAxMNNjA3NWEyYzAtM2E5ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJQL2owoWRkSrfQrIY+e4mAHrHgtOqedm3YHdsq7cQSwFQczagNGq1vbs3e
ACEigEYmUFupv+A78U8GN8bvlK8JU9LUXcILnPYGvEVqi/Vrq+cqIbcujvII6xBt
uNZYy7i3kHYfEYXjQNzxzAHDcNVvVeGPSzOHdo3Mp7BxBlw2czhLZejmxY33ZOYf
2KoRYKSHc9K2qey+F0YeQ6WfY2LbsU9u1iL6ELFE3Wp7gDGnFcwAQu5sbLF539qz
+bkwMPZngzlZHZOaDi4OlFM0qJ64JYbhiL+asyZDbfNCOlI09JWQ0iys/UreE+Nu
ze2JWoxJw+ChJlbnCThkZ6ZEY98CAwEAAaOCAq0wggKpMB0GA1UdDgQWBBTDol3f
Fvu4m3XIM6SMlEPNzDrOWDAfBgNVHSMEGDAWgBQkdTypFeTsLS7LmGW5DdXtDv8F
YjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjNFN0EvODM2MjBCRUU5QzVGMTFFQjlDNjk2MTIxRjhBRUEyMjgvSkhVOHFS
WGs3QzB1eTVobHVRM1Y3UTdfQldJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSkhVOHFSWGs3QzB1eTVobHVRM1Y3UTdfQldJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjNFN0EvODM2MjBCRUU5QzVGMTFFQjlDNjk2MTIxRjhB
RUEyMjgvRERFQkI2RkE5QzVGMTFFQkE2ODlGRTIxRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAZtxxAwQCZtxwMA0GCSqG
SIb3DQEBCwUAA4IBAQBf91UB0Yi6M9+ZkTKrobnOtD4yc4CZ2bt08wk05ietuQ2H
OljIy3w70+/cnxKSiGYPtKDd8Dd8DgNaq6wKm8BDuhNShzrb3CZxT2WOdd7z/j83
S3UIRSXFDnqDa1FwTb0C4/lX0lCWlSLpE0t6xUOzOpw9U/pZ9blL60/Og79KakKs
JyOGruRyyVtjyQESKzOjBzmo0amET/+9pcxkk8moNx4opxxD/KkyJsHzk7LBP6wm
KghFYSQIP7iX9rxSmgw47d50Oq7Bhzn2Vn2wphb9t1m7yWgVH1itZeCq6WCtbqET
0s6axLgslay+/JvL0IcR2dF2i5ZPl4eoXtkMqL2r
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:41 2024 by rpki-client on console-ams.rpki-client.org