Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3F5E1430D7B011EE94E96F88775412E6.roa
File: 3F5E1430D7B011EE94E96F88775412E6.roa (raw, json)
Hash identifier: eHskftWX9ssR5ZTdEEV6Dgx4gdjZx7hIn7B/0QeI5jY=
Subject key identifier: F8:27:85:33:30:6A:35:84:7E:1C:82:55:FF:5B:74:FD:44:DC:AA:32
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 152A
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3F5E1430D7B011EE94E96F88775412E6.roa
Signing time: Fri 01 Mar 2024 09:44:07 +0000
ROA not before: Fri 01 Mar 2024 09:44:04 +0000
ROA not after: Mon 02 Mar 2026 09:44:04 +0000
asID: 834
IP address blocks: 154.16.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 10:17:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5418 (0x152a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Mar 1 09:44:04 2024 GMT
Not After : Mar 2 09:44:04 2026 GMT
Subject: CN=65e1a367-70af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:36:de:19:fa:4b:a6:a1:6e:dd:c1:6b:29:b0:
25:0d:72:55:47:e2:08:2a:58:22:de:03:e5:6f:dd:
46:ec:24:89:80:a4:df:d4:44:1c:b7:78:f7:35:4f:
d0:19:06:a1:a6:bf:9e:83:b4:d5:db:f1:a9:cb:67:
71:5d:24:7f:74:66:88:35:3d:d0:44:b1:ff:f0:18:
f8:2c:7a:69:0b:81:80:a8:cd:09:d1:1c:ea:0f:6b:
9c:41:f8:17:8f:49:05:5a:e7:15:dc:86:07:78:12:
6f:4f:45:f8:61:aa:58:0d:30:a2:30:64:80:1b:2d:
68:3f:b0:dc:de:36:2e:59:c6:85:ce:e9:5c:a7:e4:
2f:cf:b9:48:36:c3:93:d1:ce:60:3a:19:02:f7:74:
89:87:b9:36:f8:db:f0:2e:0f:ac:68:c9:fa:ed:85:
d6:a7:4b:55:1c:b5:4b:ef:45:1a:5a:55:e3:de:52:
3f:fb:4c:b7:3e:f6:c5:24:af:24:fb:0f:f5:25:af:
42:c9:be:0b:28:bc:da:8d:1a:aa:2f:26:63:69:42:
19:2e:8f:90:89:3e:45:d9:2c:94:0b:55:6f:3c:03:
50:de:82:d5:e4:c8:bc:cf:87:e4:5a:12:74:3c:22:
98:fb:a0:ed:da:d0:ad:ea:00:d1:1c:b1:8d:13:9d:
2d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:27:85:33:30:6A:35:84:7E:1C:82:55:FF:5B:74:FD:44:DC:AA:32
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3F5E1430D7B011EE94E96F88775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.166.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:68:28:a9:8d:87:40:46:59:50:12:c8:32:c1:10:f3:71:06:
17:72:a1:09:d1:b6:66:aa:93:81:89:9d:9c:58:b6:66:ef:e8:
4f:88:15:45:d4:bb:ea:df:7f:eb:11:c9:b3:13:dc:8d:0b:70:
d2:f7:00:be:fa:c7:43:1a:66:44:65:03:22:d8:bd:0f:3c:57:
40:74:0d:d2:b0:a1:ec:c4:1e:85:94:6e:57:c9:b6:92:cd:e6:
7e:02:96:c4:04:c6:ea:c9:97:74:d7:d3:ce:c6:c9:94:e6:25:
c6:20:00:70:9e:bb:8f:41:90:3a:1f:b2:73:eb:db:77:61:9c:
9e:8a:57:91:e5:7b:86:6d:9c:74:f1:dd:7f:ca:b3:fa:03:85:
4b:9e:63:4d:1f:db:5d:74:35:1e:c0:9c:b1:cd:2e:b1:8d:d2:
32:84:97:e3:09:2b:4e:f3:37:6f:5e:36:36:f9:41:83:49:d6:
6d:17:0b:e4:42:a8:98:81:b3:ce:c3:da:01:58:c5:dc:53:0e:
c4:b0:82:0d:dc:9b:06:22:fb:dc:51:ff:61:47:14:4b:6d:17:
a5:37:92:6c:b1:8c:f1:6e:f4:e2:a2:1d:46:a9:0b:15:e2:77:
ad:96:bc:51:60:92:cd:01:9c:74:3d:00:e5:3b:4d:e8:11:5f:
99:6b:d2:42
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFSowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAzMDEwOTQ0MDRaFw0yNjAzMDIwOTQ0MDRaMBgxFjAU
BgNVBAMTDTY1ZTFhMzY3LTcwYWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCXNt4Z+kumoW7dwWspsCUNclVH4ggqWCLeA+Vv3UbsJImApN/URBy3ePc1
T9AZBqGmv56DtNXb8anLZ3FdJH90Zog1PdBEsf/wGPgsemkLgYCozQnRHOoPa5xB
+BePSQVa5xXchgd4Em9PRfhhqlgNMKIwZIAbLWg/sNzeNi5ZxoXO6Vyn5C/PuUg2
w5PRzmA6GQL3dImHuTb42/AuD6xoyfrthdanS1UctUvvRRpaVePeUj/7TLc+9sUk
ryT7D/Ulr0LJvgsovNqNGqovJmNpQhkuj5CJPkXZLJQLVW88A1DegtXkyLzPh+Ra
EnQ8Ipj7oO3a0K3qANEcsY0TnS0VAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU+CeF
MzBqNYR+HIJV/1t0/UTcqjIwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzNGNUUxNDMwRDdCMDExRUU5NEU5NkY4ODc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEKYwDQYJKoZIhvcNAQEL
BQADggEBAHxoKKmNh0BGWVASyDLBEPNxBhdyoQnRtmaqk4GJnZxYtmbv6E+IFUXU
u+rff+sRybMT3I0LcNL3AL76x0MaZkRlAyLYvQ88V0B0DdKwoezEHoWUblfJtpLN
5n4ClsQExurJl3TX087GyZTmJcYgAHCeu49BkDofsnPr23dhnJ6KV5Hle4ZtnHTx
3X/Ks/oDhUueY00f2110NR7AnLHNLrGN0jKEl+MJK07zN29eNjb5QYNJ1m0XC+RC
qJiBs87D2gFYxdxTDsSwgg3cmwYi+9xR/2FHFEttF6U3kmyxjPFu9OKiHUapCxXi
d62WvFFgks0BnHQ9AOU7TegRX5lr0kI=
-----END CERTIFICATE-----
Generated at Tue Apr 16 14:06:33 2024 by rpki-client on console-ams.rpki-client.org