Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/6478A92ED7B011EEB3DC9888775412E6.roa
File: 6478A92ED7B011EEB3DC9888775412E6.roa (raw, json)
Hash identifier: 5JdvquzBJ9VieynJ4+PPnNZq0IxGPM+/qkmjS4hv+lc=
Subject key identifier: 05:69:24:17:51:61:F1:4E:21:0C:FC:71:F0:D6:2E:BD:D0:26:5C:FB
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 152C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/6478A92ED7B011EEB3DC9888775412E6.roa
Signing time: Fri 01 Mar 2024 09:45:09 +0000
ROA not before: Fri 01 Mar 2024 09:45:06 +0000
ROA not after: Mon 02 Mar 2026 09:45:06 +0000
asID: 834
IP address blocks: 154.16.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 17:09:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5420 (0x152c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Mar 1 09:45:06 2024 GMT
Not After : Mar 2 09:45:06 2026 GMT
Subject: CN=65e1a3a5-cd11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:54:22:1a:1a:82:06:2d:9b:59:24:50:8d:12:
a4:07:63:0a:ca:27:5a:04:3f:13:b9:6d:36:69:86:
4e:f6:9a:af:c7:26:80:b3:4c:53:67:ec:9b:2f:c3:
76:07:4c:7c:55:6f:cf:3a:26:13:07:4e:c5:74:b8:
41:02:2d:dd:79:39:c6:e3:1a:a9:be:b5:70:18:34:
43:28:d4:09:0e:d0:c0:3a:d4:0e:24:1a:27:1c:19:
d8:70:1a:4d:47:94:b1:85:5a:22:71:50:3f:3f:29:
a0:e8:cf:f3:87:cb:7c:04:c8:2f:dc:a3:0e:d0:f1:
dd:ab:50:9f:af:33:cc:e8:c3:22:03:2a:c7:bc:fa:
c3:51:0b:52:b8:c3:68:f9:fb:72:e6:4d:ff:1e:b0:
d2:72:20:01:82:4b:ee:98:f3:38:e1:9d:94:29:b9:
e3:01:00:b7:78:29:cc:c9:4a:26:c2:2d:e7:be:39:
4a:d1:9b:39:aa:3d:02:0c:f5:78:50:3b:2a:7f:4d:
a7:38:eb:4b:ea:c9:37:08:4f:8e:22:0f:c7:1c:97:
72:67:67:a6:01:7c:a0:da:4f:d9:46:32:64:4b:9b:
72:b4:2a:83:67:1c:80:24:e9:ef:c0:a8:df:61:b6:
fd:d2:d4:cc:d9:d5:ae:d8:0e:c2:c6:9e:e3:09:66:
00:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:69:24:17:51:61:F1:4E:21:0C:FC:71:F0:D6:2E:BD:D0:26:5C:FB
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/6478A92ED7B011EEB3DC9888775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.72.0/24
Signature Algorithm: sha256WithRSAEncryption
54:63:5a:75:33:33:23:56:b8:18:2c:e5:d0:b0:7d:e4:ec:3f:
c9:04:24:86:97:5a:20:fc:80:b7:ba:3b:f7:44:33:f1:52:0b:
b0:8b:b5:58:86:96:8b:4d:be:1f:c9:57:f0:b4:87:f8:dd:0c:
95:e2:49:04:39:85:0b:95:1d:78:f1:c5:fa:7c:c7:de:52:1a:
72:e1:c4:b6:34:4b:74:b5:7b:16:5e:3a:73:e2:c1:26:85:ec:
e4:b1:7a:f2:94:a0:25:f9:c4:7d:b9:30:38:51:1b:31:34:07:
6a:38:60:20:f2:74:46:65:85:bb:e6:dd:e0:4c:ae:cf:35:3c:
08:e6:d3:0f:90:43:52:39:06:32:04:63:03:3d:d4:40:c1:c4:
7e:7d:cf:73:27:58:b7:2a:de:2c:e9:9b:6e:88:69:3d:b6:36:
a1:fb:11:7a:ff:d0:c5:c8:dc:45:f0:77:4e:ab:a1:21:c1:33:
80:de:ca:30:c9:9f:df:09:9b:0b:c8:af:90:4d:a1:6b:a0:27:
a9:bd:fd:37:da:f5:58:f4:d4:20:c6:6f:c4:ed:33:88:84:12:
f5:43:c7:e9:ac:c9:4a:b3:0c:31:8a:c6:a1:47:63:17:60:f5:
35:84:65:d0:c8:10:69:2b:ee:b3:ab:7a:68:d6:98:1e:34:1c:
cc:ef:cd:be
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFSwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAzMDEwOTQ1MDZaFw0yNjAzMDIwOTQ1MDZaMBgxFjAU
BgNVBAMTDTY1ZTFhM2E1LWNkMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDYVCIaGoIGLZtZJFCNEqQHYwrKJ1oEPxO5bTZphk72mq/HJoCzTFNn7Jsv
w3YHTHxVb886JhMHTsV0uEECLd15OcbjGqm+tXAYNEMo1AkO0MA61A4kGiccGdhw
Gk1HlLGFWiJxUD8/KaDoz/OHy3wEyC/cow7Q8d2rUJ+vM8zowyIDKse8+sNRC1K4
w2j5+3LmTf8esNJyIAGCS+6Y8zjhnZQpueMBALd4KczJSibCLee+OUrRmzmqPQIM
9XhQOyp/Tac460vqyTcIT44iD8ccl3JnZ6YBfKDaT9lGMmRLm3K0KoNnHIAk6e/A
qN9htv3S1MzZ1a7YDsLGnuMJZgB7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUBWkk
F1Fh8U4hDPxx8NYuvdAmXPswHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzY0NzhBOTJFRDdCMDExRUVCM0RDOTg4ODc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEEgwDQYJKoZIhvcNAQEL
BQADggEBAFRjWnUzMyNWuBgs5dCwfeTsP8kEJIaXWiD8gLe6O/dEM/FSC7CLtViG
lotNvh/JV/C0h/jdDJXiSQQ5hQuVHXjxxfp8x95SGnLhxLY0S3S1exZeOnPiwSaF
7OSxevKUoCX5xH25MDhRGzE0B2o4YCDydEZlhbvm3eBMrs81PAjm0w+QQ1I5BjIE
YwM91EDBxH59z3MnWLcq3izpm26IaT22NqH7EXr/0MXI3EXwd06roSHBM4DeyjDJ
n98JmwvIr5BNoWugJ6m9/Tfa9Vj01CDGb8TtM4iEEvVDx+msyUqzDDGKxqFHYxdg
9TWEZdDIEGkr7rOremjWmB40HMzvzb4=
-----END CERTIFICATE-----
Generated at Tue Apr 16 22:05:09 2024 by rpki-client on console-ams.rpki-client.org