Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36251E0/397067ECE53111EEAC6D67C1775412E6/2ED9B21AE53211EE99B3E5C5775412E6.roa
File: 2ED9B21AE53211EE99B3E5C5775412E6.roa (raw, json)
Hash identifier: X95eCwHeH8KrOZRhQ8WSDDTzq/BOzeZiUidwXxNbx6I=
Subject key identifier: 5F:0C:A1:1E:46:F5:CA:22:4D:68:69:3E:5C:76:71:B8:91:BF:43:B8
Certificate issuer: /CN=F36251E0AF/serialNumber=EFB7AA8EF96C13AAADC8476FBDDE9F3277FCD56D
Certificate serial: 02
Authority key identifier: EF:B7:AA:8E:F9:6C:13:AA:AD:C8:47:6F:BD:DE:9F:32:77:FC:D5:6D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/77eqjvlsE6qtyEdvvd6fMnf81W0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36251E0/397067ECE53111EEAC6D67C1775412E6/2ED9B21AE53211EE99B3E5C5775412E6.roa
Signing time: Mon 18 Mar 2024 14:16:59 +0000
ROA not before: Mon 18 Mar 2024 14:16:56 +0000
ROA not after: Fri 31 Mar 2034 14:16:56 +0000
asID: 329411
IP address blocks: 102.209.136.0/22 maxlen: 22
2c0f:3040::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 21 Apr 2024 06:46:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36251E0AF
Validity
Not Before: Mar 18 14:16:56 2024 GMT
Not After : Mar 31 14:16:56 2034 GMT
Subject: CN=65f84cdb-b1ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bd:7e:af:ae:ce:b6:2c:31:3b:5f:ea:89:65:
26:b4:c9:07:c6:85:eb:a7:d5:d8:4b:30:90:62:86:
63:bb:7a:83:39:82:16:08:4f:13:85:90:2b:a4:14:
56:9a:21:5b:5d:05:fb:e8:c1:6a:fe:b7:f4:e4:36:
78:d9:6f:ce:ba:7d:5f:41:3f:18:c0:f2:73:7d:41:
cd:a4:6f:cf:49:64:13:a1:3e:75:b8:8b:3f:b4:00:
93:bc:59:87:c6:0c:6c:14:03:07:18:61:11:f5:04:
c5:30:da:e4:c2:13:1b:28:15:1d:de:44:c8:8d:75:
03:c8:92:df:79:72:02:c5:f7:76:fc:7d:37:cb:43:
4e:2c:91:58:e2:a0:aa:56:6c:6e:0d:d0:d6:64:35:
96:75:d3:f9:81:80:97:a1:0f:13:1d:14:f5:0a:98:
09:4e:d5:4f:8e:da:50:68:f3:b6:f0:ec:c7:9f:6a:
c3:bd:d8:85:9a:65:8c:71:a6:77:39:6b:fd:a8:36:
33:95:5c:08:5a:79:00:89:05:09:eb:5c:65:78:d5:
78:be:ca:a2:72:0d:19:23:16:39:89:07:3b:5e:db:
47:18:99:6b:e7:b1:92:00:07:21:9c:7d:06:9c:db:
9f:f2:1f:1a:02:e8:03:15:7f:06:f5:04:d0:14:0c:
5f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:0C:A1:1E:46:F5:CA:22:4D:68:69:3E:5C:76:71:B8:91:BF:43:B8
X509v3 Authority Key Identifier:
keyid:EF:B7:AA:8E:F9:6C:13:AA:AD:C8:47:6F:BD:DE:9F:32:77:FC:D5:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36251E0/397067ECE53111EEAC6D67C1775412E6/77eqjvlsE6qtyEdvvd6fMnf81W0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/77eqjvlsE6qtyEdvvd6fMnf81W0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36251E0/397067ECE53111EEAC6D67C1775412E6/2ED9B21AE53211EE99B3E5C5775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.136.0/22
IPv6:
2c0f:3040::/32
Signature Algorithm: sha256WithRSAEncryption
d0:64:aa:22:a5:d8:1c:18:8a:20:7b:d2:60:e7:ea:3a:84:d1:
94:51:66:0b:40:4b:8f:56:4b:fe:6a:76:96:a3:96:1e:a1:c4:
bd:81:47:02:0e:56:0b:2b:de:56:0f:32:4d:24:c2:ed:34:ba:
d3:7b:9c:d7:8a:3e:b8:e1:7d:47:3a:ba:c8:b2:67:dd:6b:c5:
01:a3:d6:75:1a:cc:0b:f3:e9:80:cb:31:8a:c9:8a:f7:ee:86:
a4:a2:66:46:44:81:0a:09:5d:86:82:ae:46:94:25:8f:fa:1c:
dd:38:35:d8:d7:c0:42:89:41:aa:b1:30:4f:ed:cc:60:c1:bb:
f2:2b:23:61:d2:a5:a6:b8:cb:58:4b:4c:4a:b5:d3:41:33:10:
d8:f1:44:4c:d8:c4:cf:64:f6:af:8d:be:28:ca:80:d2:ab:c1:
59:85:21:72:88:fa:2f:df:3f:6a:67:4d:5a:17:71:76:89:5f:
2e:ec:79:7f:b1:4f:75:77:f9:cc:f7:0c:36:18:2b:77:0c:a5:
a2:f6:88:09:29:74:7f:3f:82:ac:7b:e1:ed:31:5b:a5:4e:41:
aa:8e:aa:74:74:3d:15:b3:a2:6c:60:fd:f8:b9:d0:68:55:b9:
ec:4f:bb:c7:ad:ea:12:9c:34:3f:f6:f2:a8:50:6e:38:5f:6e:
33:5b:fb:5d
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
NTFFMEFGMTEwLwYDVQQFEyhFRkI3QUE4RUY5NkMxM0FBQURDODQ3NkZCRERFOUYz
Mjc3RkNENTZEMB4XDTI0MDMxODE0MTY1NloXDTM0MDMzMTE0MTY1NlowGDEWMBQG
A1UEAxMNNjVmODRjZGItYjFhZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKS9fq+uzrYsMTtf6ollJrTJB8aF66fV2EswkGKGY7t6gzmCFghPE4WQK6QU
VpohW10F++jBav639OQ2eNlvzrp9X0E/GMDyc31BzaRvz0lkE6E+dbiLP7QAk7xZ
h8YMbBQDBxhhEfUExTDa5MITGygVHd5EyI11A8iS33lyAsX3dvx9N8tDTiyRWOKg
qlZsbg3Q1mQ1lnXT+YGAl6EPEx0U9QqYCU7VT47aUGjztvDsx59qw73YhZpljHGm
dzlr/ag2M5VcCFp5AIkFCetcZXjVeL7KonINGSMWOYkHO17bRxiZa+exkgAHIZx9
Bpzbn/IfGgLoAxV/BvUE0BQMX9UCAwEAAaOCArQwggKwMB0GA1UdDgQWBBRfDKEe
RvXKIk1oaT5cdnG4kb9DuDAfBgNVHSMEGDAWgBTvt6qO+WwTqq3IR2+93p8yd/zV
bTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjUxRTAvMzk3MDY3RUNFNTMxMTFFRUFDNkQ2N0MxNzc1NDEyRTYvNzdlcWp2
bHNFNnF0eUVkdnZkNmZNbmY4MVcwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNzdlcWp2bHNFNnF0eUVkdnZkNmZNbmY4MVcwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MjUxRTAvMzk3MDY3RUNFNTMxMTFFRUFDNkQ2N0MxNzc1
NDEyRTYvMkVEOUIyMUFFNTMyMTFFRTk5QjNFNUM1Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbRiDANBAIAAjAHAwUALA8w
QDANBgkqhkiG9w0BAQsFAAOCAQEA0GSqIqXYHBiKIHvSYOfqOoTRlFFmC0BLj1ZL
/mp2lqOWHqHEvYFHAg5WCyveVg8yTSTC7TS603uc14o+uOF9Rzq6yLJn3WvFAaPW
dRrMC/PpgMsxismK9+6GpKJmRkSBCgldhoKuRpQlj/oc3Tg12NfAQolBqrEwT+3M
YMG78isjYdKlprjLWEtMSrXTQTMQ2PFETNjEz2T2r42+KMqA0qvBWYUhcoj6L98/
amdNWhdxdolfLux5f7FPdXf5zPcMNhgrdwylovaICSl0fz+CrHvh7TFbpU5Bqo6q
dHQ9FbOibGD9+LnQaFW57E+7x63qEpw0P/byqFBuOF9uM1v7XQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:46:06 2025 by rpki-client