Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/1BF80BC03B4811F0B2C785C2DAE4EC9C.roa
File: 1BF80BC03B4811F0B2C785C2DAE4EC9C.roa (raw, json)
Hash identifier: WbIYCldA9ZSQbavpjrjlddLHYKdUXSN7EQynY2LsIyc=
Subject key identifier: 81:97:29:D2:79:DC:38:53:84:FA:50:B6:55:B4:69:D9:70:9D:CB:5E
Certificate issuer: /CN=F36312D2AF/serialNumber=31BA5ACE57BF1DAFBA88DDAEF42EC8F1515E13C2
Certificate serial: 05AA
Authority key identifier: 31:BA:5A:CE:57:BF:1D:AF:BA:88:DD:AE:F4:2E:C8:F1:51:5E:13:C2
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Mbpazle_Ha-6iN2u9C7I8VFeE8I.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/1BF80BC03B4811F0B2C785C2DAE4EC9C.roa
Signing time: Tue 27 May 2025 22:15:34 +0000
ROA not before: Wed 28 May 2025 22:15:29 +0000
ROA not after: Mon 31 Dec 2035 22:15:29 +0000
asID: 37236
IP address blocks: 102.213.128.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 May 2025 07:15:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1450 (0x5aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36312D2AF, serialNumber=31BA5ACE57BF1DAFBA88DDAEF42EC8F1515E13C2
Validity
Not Before: May 28 22:15:29 2025 GMT
Not After : Dec 31 22:15:29 2035 GMT
Subject: CN=68363986-a627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:73:9a:06:30:db:a1:81:dc:ce:24:79:cb:95:
65:7b:99:73:ca:19:dd:c1:f1:b6:7b:db:27:84:36:
fc:51:76:77:b6:17:21:5f:ec:69:d1:17:bd:74:e2:
9c:01:59:52:6b:c1:5e:c6:1a:55:59:cc:df:a9:ba:
8c:56:03:b4:2b:62:13:85:bd:87:8c:27:1c:88:23:
e3:94:ea:8e:be:34:92:5c:3f:ed:fb:cf:84:18:6f:
be:86:6c:3d:20:5e:c2:42:36:4f:6a:50:74:28:03:
f2:02:bc:d2:85:f3:df:ff:f7:57:2e:35:c3:76:98:
f7:1b:63:fc:b5:76:21:38:32:da:28:75:de:34:36:
75:e1:e9:d8:14:b6:06:91:43:f8:02:67:17:f5:c8:
43:b0:32:09:82:94:ba:56:25:11:17:d5:37:d3:ca:
5c:10:f8:95:44:f5:09:00:f8:9e:72:d8:47:81:dc:
eb:e1:e7:cf:49:c0:5c:07:cc:01:fa:67:2d:7a:13:
0c:5c:71:f9:61:fc:ef:f3:d0:77:9c:6e:e9:9a:3a:
25:be:91:f4:10:96:11:ef:48:04:31:6b:be:78:3b:
fa:d9:db:ca:6e:39:b7:e6:8e:a9:36:92:ef:f0:d7:
23:e1:14:85:dc:92:4b:ff:61:6b:e1:fe:8a:01:96:
21:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:97:29:D2:79:DC:38:53:84:FA:50:B6:55:B4:69:D9:70:9D:CB:5E
X509v3 Authority Key Identifier:
keyid:31:BA:5A:CE:57:BF:1D:AF:BA:88:DD:AE:F4:2E:C8:F1:51:5E:13:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/Mbpazle_Ha-6iN2u9C7I8VFeE8I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Mbpazle_Ha-6iN2u9C7I8VFeE8I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36312D2/FFA25144F0FD11EBA85B643ED8A014CE/1BF80BC03B4811F0B2C785C2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.213.128.0/22
Signature Algorithm: sha256WithRSAEncryption
89:62:84:fa:b0:a8:b0:e7:12:31:40:f2:17:22:6b:5f:9c:69:
af:b0:d6:d9:01:b9:3a:43:1b:13:5a:73:2f:47:0a:ae:b0:53:
82:cd:c2:74:27:61:93:cb:91:7e:d7:8a:23:fc:b3:38:6e:88:
5c:69:41:3f:13:ed:a7:dd:3b:fa:b1:89:db:74:d5:e7:fa:de:
f4:82:9b:ed:d0:85:da:8b:bf:77:13:ae:ab:b9:b8:67:d5:b9:
4b:1a:35:cc:d0:8c:85:af:b0:13:c4:96:c5:27:fe:c0:23:cf:
ba:aa:3d:24:38:6d:b1:e1:89:fe:7d:89:3a:13:5d:09:05:28:
b4:33:ac:41:ca:6d:dc:e8:12:42:a4:54:6f:2d:7a:18:06:8e:
bb:a2:28:f2:8b:91:d3:b6:ce:6d:d9:91:50:29:03:fb:4c:27:
a6:a4:f2:82:4b:60:b0:8b:4b:27:e7:fc:00:eb:e8:b7:20:43:
55:04:a8:ad:3e:1c:e9:f6:45:19:8a:3f:90:21:ee:fc:60:31:
db:f5:09:e7:cb:58:95:77:96:07:3b:54:d4:44:b1:09:0d:ba:
01:22:4c:06:39:37:92:25:b2:e8:2a:e4:37:cf:71:1d:b8:97:
32:bd:43:9d:5f:81:3d:08:b5:93:8d:7c:5b:02:1e:c7:3f:27:
3a:62:e1:85
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBaowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzEyRDJBRjExMC8GA1UEBRMoMzFCQTVBQ0U1N0JGMURBRkJBODhEREFFRjQyRUM4
RjE1MTVFMTNDMjAeFw0yNTA1MjgyMjE1MjlaFw0zNTEyMzEyMjE1MjlaMBgxFjAU
BgNVBAMTDTY4MzYzOTg2LWE2MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCsc5oGMNuhgdzOJHnLlWV7mXPKGd3B8bZ72yeENvxRdne2FyFf7GnRF710
4pwBWVJrwV7GGlVZzN+puoxWA7QrYhOFvYeMJxyII+OU6o6+NJJcP+37z4QYb76G
bD0gXsJCNk9qUHQoA/ICvNKF89//91cuNcN2mPcbY/y1diE4Mtoodd40NnXh6dgU
tgaRQ/gCZxf1yEOwMgmClLpWJREX1TfTylwQ+JVE9QkA+J5y2EeB3Ovh589JwFwH
zAH6Zy16Ewxccflh/O/z0HecbumaOiW+kfQQlhHvSAQxa754O/rZ28puObfmjqk2
ku/w1yPhFIXckkv/YWvh/ooBliElAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUgZcp
0nncOFOE+lC2VbRp2XCdy14wHwYDVR0jBBgwFoAUMbpazle/Ha+6iN2u9C7I8VFe
E8IwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjMxMkQyL0ZGQTI1MTQ0RjBGRDExRUJBODVCNjQzRUQ4QTAxNENFL01icGF6
bGVfSGEtNmlOMnU5QzdJOFZGZUU4SS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL01icGF6bGVfSGEtNmlOMnU5QzdJOFZGZUU4SS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjMxMkQyL0ZGQTI1MTQ0RjBGRDExRUJBODVCNjQzRUQ4
QTAxNENFLzFCRjgwQkMwM0I0ODExRjBCMkM3ODVDMkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm1YAwDQYJKoZIhvcNAQEL
BQADggEBAIlihPqwqLDnEjFA8hcia1+caa+w1tkBuTpDGxNacy9HCq6wU4LNwnQn
YZPLkX7XiiP8szhuiFxpQT8T7afdO/qxidt01ef63vSCm+3QhdqLv3cTrqu5uGfV
uUsaNczQjIWvsBPElsUn/sAjz7qqPSQ4bbHhif59iToTXQkFKLQzrEHKbdzoEkKk
VG8tehgGjruiKPKLkdO2zm3ZkVApA/tMJ6ak8oJLYLCLSyfn/ADr6LcgQ1UEqK0+
HOn2RRmKP5Ah7vxgMdv1CefLWJV3lgc7VNREsQkNugEiTAY5N5Ilsugq5DfPcR24
lzK9Q51fgT0ItZONfFsCHsc/Jzpi4YU=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:20:31 2025 by rpki-client