Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C9685366D7B011EE95202F89775412E6.roa
File: C9685366D7B011EE95202F89775412E6.roa (raw, json)
Hash identifier: Z95LdjQaxcPM5qm8hj6k4XnYDd0e9pDn+d4XklYuDfM=
Subject key identifier: B6:35:A1:25:A3:9B:D8:21:32:0F:C6:C3:97:5B:5F:42:7A:30:A9:9D
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1534
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C9685366D7B011EE95202F89775412E6.roa
Signing time: Fri 01 Mar 2024 09:47:59 +0000
ROA not before: Fri 01 Mar 2024 09:47:55 +0000
ROA not after: Mon 02 Mar 2026 09:47:55 +0000
asID: 834
IP address blocks: 154.16.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Apr 2024 17:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5428 (0x1534)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Mar 1 09:47:55 2024 GMT
Not After : Mar 2 09:47:55 2026 GMT
Subject: CN=65e1a44f-58a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:54:a3:be:25:bf:7b:3d:d3:44:55:e2:9e:7c:
bc:ba:4e:06:9d:39:60:e0:fb:71:68:2c:4c:7b:44:
e7:87:39:88:dc:93:00:b9:8f:00:25:61:68:30:35:
96:33:83:7f:42:30:b8:2f:dd:00:d1:c8:a7:a2:d3:
67:48:29:f5:07:71:95:80:d1:8e:5e:04:48:1d:06:
15:e0:19:b7:32:ab:36:73:be:9c:eb:13:81:f0:3e:
d1:e9:ab:63:ef:ed:83:9f:ab:a6:34:85:49:37:69:
8a:db:7c:b9:0d:5f:4a:98:07:10:67:f4:18:63:4a:
27:e9:10:be:e1:46:b9:f5:72:46:16:ad:63:16:48:
69:b3:b1:08:7b:64:9b:0f:c3:2d:cb:ec:69:3a:3c:
a1:90:6e:4e:52:a4:b1:10:1e:d7:29:33:43:1b:02:
d6:49:a6:5d:61:29:e3:e0:fe:b8:4e:47:4d:bf:90:
38:f1:c1:fb:8c:1d:63:12:07:8c:4b:e5:a0:81:a8:
40:ec:5c:5d:63:bf:9b:58:5c:dc:c5:3e:39:a4:56:
a9:65:1b:29:20:02:5c:71:c9:6a:17:92:94:72:99:
66:dd:31:28:14:17:8b:8e:d2:85:af:f1:58:96:83:
ab:1c:fd:0d:3c:08:a1:6b:b0:1b:dc:62:7e:61:e5:
2d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:35:A1:25:A3:9B:D8:21:32:0F:C6:C3:97:5B:5F:42:7A:30:A9:9D
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C9685366D7B011EE95202F89775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.220.0/24
Signature Algorithm: sha256WithRSAEncryption
01:e4:69:e6:e0:f9:a0:fb:73:94:2c:a3:15:8b:1f:5d:42:65:
f0:8a:dd:a2:8c:2d:eb:47:77:73:d5:da:51:29:0b:b0:3d:02:
ae:cf:40:f4:6a:7f:f2:92:73:f8:72:ff:92:c4:18:be:bd:fa:
bc:82:ac:ab:b0:70:76:81:4e:9b:08:27:f4:c2:61:28:ec:59:
e2:be:96:d9:4d:37:e7:93:c8:d2:90:64:c4:81:2b:06:ae:05:
41:40:5f:0c:dc:bd:1a:e9:ab:21:fc:29:13:df:1a:a4:d3:22:
45:63:d6:d7:fa:59:08:3c:a4:17:2f:26:7d:93:31:91:ca:82:
eb:02:fb:fa:13:cd:d2:af:d0:7d:d4:66:45:af:a3:36:da:5b:
67:56:72:dd:b4:04:0b:a5:5c:9f:70:68:07:47:27:22:3f:72:
14:89:6d:99:eb:34:84:e6:70:01:4d:54:46:a0:13:eb:07:47:
5d:16:e9:19:ba:0a:f9:4e:1e:e9:b3:39:a9:c1:5b:7a:fb:ce:
6d:92:07:f5:f3:55:57:74:82:b8:e6:99:0b:90:14:c0:4b:55:
6f:c5:ec:e7:00:e9:19:57:1b:c5:49:a8:2b:8b:d0:52:bf:c0:
0e:54:3c:b0:9c:53:dc:aa:1d:1a:cf:d0:cf:ba:ad:8e:6a:cf:
f8:a3:c7:a6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFTQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAzMDEwOTQ3NTVaFw0yNjAzMDIwOTQ3NTVaMBgxFjAU
BgNVBAMTDTY1ZTFhNDRmLTU4YTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCsVKO+Jb97PdNEVeKefLy6TgadOWDg+3FoLEx7ROeHOYjckwC5jwAlYWgw
NZYzg39CMLgv3QDRyKei02dIKfUHcZWA0Y5eBEgdBhXgGbcyqzZzvpzrE4HwPtHp
q2Pv7YOfq6Y0hUk3aYrbfLkNX0qYBxBn9BhjSifpEL7hRrn1ckYWrWMWSGmzsQh7
ZJsPwy3L7Gk6PKGQbk5SpLEQHtcpM0MbAtZJpl1hKePg/rhOR02/kDjxwfuMHWMS
B4xL5aCBqEDsXF1jv5tYXNzFPjmkVqllGykgAlxxyWoXkpRymWbdMSgUF4uO0oWv
8ViWg6sc/Q08CKFrsBvcYn5h5S2FAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUtjWh
JaOb2CEyD8bDl1tfQnowqZ0wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0M5Njg1MzY2RDdCMDExRUU5NTIwMkY4OTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENwwDQYJKoZIhvcNAQEL
BQADggEBAAHkaebg+aD7c5QsoxWLH11CZfCK3aKMLetHd3PV2lEpC7A9Aq7PQPRq
f/KSc/hy/5LEGL69+ryCrKuwcHaBTpsIJ/TCYSjsWeK+ltlNN+eTyNKQZMSBKwau
BUFAXwzcvRrpqyH8KRPfGqTTIkVj1tf6WQg8pBcvJn2TMZHKgusC+/oTzdKv0H3U
ZkWvozbaW2dWct20BAulXJ9waAdHJyI/chSJbZnrNITmcAFNVEagE+sHR10W6Rm6
CvlOHumzOanBW3r7zm2SB/XzVVd0grjmmQuQFMBLVW/F7OcA6RlXG8VJqCuL0FK/
wA5UPLCcU9yqHRrP0M+6rY5qz/ijx6Y=
-----END CERTIFICATE-----
Generated at Thu Apr 18 19:49:52 2024 by rpki-client on console-ams.rpki-client.org