Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3654AD1/228F5B32CF0111EE94F586B9775412E6/109DFE2AA1B411EFA5FBFA58762E951A.roa
File: 109DFE2AA1B411EFA5FBFA58762E951A.roa (raw, json)
Hash identifier: 2PmStzXI1hIqLG07Qbs1f16owUILTsg/f8cP0ZUA4FQ=
Subject key identifier: C7:A3:92:62:6C:79:B5:3E:D6:96:AE:48:EB:FC:F5:E6:BA:0F:77:7D
Certificate issuer: /CN=F3654AD1AF/serialNumber=80D435BBC77094E85B7BF3082580D127B910779E
Certificate serial: 0118
Authority key identifier: 80:D4:35:BB:C7:70:94:E8:5B:7B:F3:08:25:80:D1:27:B9:10:77:9E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/gNQ1u8dwlOhbe_MIJYDRJ7kQd54.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3654AD1/228F5B32CF0111EE94F586B9775412E6/109DFE2AA1B411EFA5FBFA58762E951A.roa
Signing time: Wed 13 Nov 2024 11:40:22 +0000
ROA not before: Wed 13 Nov 2024 11:40:18 +0000
ROA not after: Mon 16 Nov 2026 11:40:18 +0000
asID: 328331
IP address blocks: 102.135.168.0/21 maxlen: 30
2c0f:eb78::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 19 Nov 2024 10:09:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 280 (0x118)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3654AD1AF/serialNumber=80D435BBC77094E85B7BF3082580D127B910779E
Validity
Not Before: Nov 13 11:40:18 2024 GMT
Not After : Nov 16 11:40:18 2026 GMT
Subject: CN=67349026-8a08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fd:3b:52:29:73:70:ef:0a:9c:f0:a6:bc:ae:
48:eb:9d:00:50:f2:d9:fa:57:d0:6c:f2:f3:36:2f:
c9:11:b4:07:df:a0:39:49:cd:24:a6:90:65:85:60:
a8:7d:e3:34:6c:b8:5f:59:db:5a:30:2f:8d:09:34:
10:a4:56:f1:51:dc:f8:e8:91:02:4d:a9:4b:ec:82:
ef:af:43:de:0f:e8:1b:94:52:70:1c:04:e0:48:cf:
9b:fa:4c:fb:55:91:5d:dc:5b:89:03:04:8b:3c:0f:
10:d3:3c:05:83:cb:fd:a6:e5:fd:4a:3a:72:33:8a:
da:7a:43:bc:46:28:80:a1:66:4f:1b:cc:33:86:3b:
83:2e:c7:3c:23:0f:d1:2d:77:c0:a7:69:3a:ff:60:
e8:7b:46:42:3d:e6:7e:3a:f6:b0:0f:78:de:f1:f5:
d5:fd:96:88:e8:84:06:64:0d:75:f3:14:8a:ec:ed:
95:65:40:5a:11:a4:1a:72:f7:f5:be:03:fa:e1:bd:
f8:8e:c4:fd:ff:64:d6:e4:b8:48:c5:d2:a9:a4:03:
75:22:d2:43:72:d1:55:dc:f5:ec:95:a5:9b:3e:1d:
6b:ae:e2:f5:ce:c1:a5:fd:b3:bc:76:e8:9b:98:38:
51:c4:74:4e:d7:02:fe:3b:d2:f5:6b:b5:3e:64:64:
0a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:A3:92:62:6C:79:B5:3E:D6:96:AE:48:EB:FC:F5:E6:BA:0F:77:7D
X509v3 Authority Key Identifier:
keyid:80:D4:35:BB:C7:70:94:E8:5B:7B:F3:08:25:80:D1:27:B9:10:77:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3654AD1/228F5B32CF0111EE94F586B9775412E6/gNQ1u8dwlOhbe_MIJYDRJ7kQd54.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gNQ1u8dwlOhbe_MIJYDRJ7kQd54.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3654AD1/228F5B32CF0111EE94F586B9775412E6/109DFE2AA1B411EFA5FBFA58762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.135.168.0/21
IPv6:
2c0f:eb78::/32
Signature Algorithm: sha256WithRSAEncryption
0d:35:d5:a3:e0:30:97:0a:6e:90:0b:9d:c8:0f:2b:36:1b:ff:
55:c1:bc:5d:ef:13:57:ae:0d:08:2a:f5:6a:72:88:31:d0:24:
14:ca:a4:c5:5b:52:5f:cd:32:cf:8f:34:06:2a:df:96:5e:28:
6b:34:d4:1a:30:e7:e4:a3:64:fa:5f:8b:fc:5d:cf:7d:d8:81:
dd:2f:4f:88:f0:30:70:7b:ce:ce:64:96:b8:b3:13:1c:2a:95:
6c:55:5c:c6:d9:27:89:d5:b3:08:76:2f:e0:b5:63:eb:63:60:
ca:a2:4f:3f:71:e8:9f:b2:91:c1:41:31:dc:12:6e:f1:9e:f1:
f7:ca:8d:39:19:de:8a:8b:01:66:48:18:5f:da:a8:fe:43:5e:
16:b2:ae:91:e7:c3:f8:41:e9:7a:b7:96:fb:77:7c:46:7e:6a:
87:99:0b:86:ad:fa:d0:00:01:b6:34:1a:5c:41:35:39:8e:ad:
4f:bb:65:02:7f:17:e1:7f:63:17:eb:7f:70:88:99:0b:94:cc:
97:ec:15:22:2c:30:5d:9f:d7:a2:d4:df:af:e0:ec:62:fe:1b:
6d:ba:d5:f3:e3:1b:a3:e1:4e:9f:97:f5:d9:ce:ff:09:7a:36:
28:0c:73:c8:30:18:4d:fe:bd:be:7a:ae:62:11:b0:22:0f:bf:
9d:66:2a:91
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICARgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NTRBRDFBRjExMC8GA1UEBRMoODBENDM1QkJDNzcwOTRFODVCN0JGMzA4MjU4MEQx
MjdCOTEwNzc5RTAeFw0yNDExMTMxMTQwMThaFw0yNjExMTYxMTQwMThaMBgxFjAU
BgNVBAMTDTY3MzQ5MDI2LThhMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9/TtSKXNw7wqc8Ka8rkjrnQBQ8tn6V9Bs8vM2L8kRtAffoDlJzSSmkGWF
YKh94zRsuF9Z21owL40JNBCkVvFR3PjokQJNqUvsgu+vQ94P6BuUUnAcBOBIz5v6
TPtVkV3cW4kDBIs8DxDTPAWDy/2m5f1KOnIzitp6Q7xGKIChZk8bzDOGO4Muxzwj
D9Etd8CnaTr/YOh7RkI95n469rAPeN7x9dX9lojohAZkDXXzFIrs7ZVlQFoRpBpy
9/W+A/rhvfiOxP3/ZNbkuEjF0qmkA3Ui0kNy0VXc9eyVpZs+HWuu4vXOwaX9s7x2
6JuYOFHEdE7XAv470vVrtT5kZArdAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUx6OS
Ymx5tT7Wlq5I6/z15roPd30wHwYDVR0jBBgwFoAUgNQ1u8dwlOhbe/MIJYDRJ7kQ
d54wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU0QUQxLzIyOEY1QjMyQ0YwMTExRUU5NEY1ODZCOTc3NTQxMkU2L2dOUTF1
OGR3bE9oYmVfTUlKWURSSjdrUWQ1NC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2dOUTF1OGR3bE9oYmVfTUlKWURSSjdrUWQ1NC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjU0QUQxLzIyOEY1QjMyQ0YwMTExRUU5NEY1ODZCOTc3
NTQxMkU2LzEwOURGRTJBQTFCNDExRUZBNUZCRkE1ODc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBANmh6gwDQQCAAIwBwMFACwP
63gwDQYJKoZIhvcNAQELBQADggEBAA011aPgMJcKbpALncgPKzYb/1XBvF3vE1eu
DQgq9WpyiDHQJBTKpMVbUl/NMs+PNAYq35ZeKGs01Bow5+SjZPpfi/xdz33Ygd0v
T4jwMHB7zs5klrizExwqlWxVXMbZJ4nVswh2L+C1Y+tjYMqiTz9x6J+ykcFBMdwS
bvGe8ffKjTkZ3oqLAWZIGF/aqP5DXhayrpHnw/hB6Xq3lvt3fEZ+aoeZC4at+tAA
AbY0GlxBNTmOrU+7ZQJ/F+F/Yxfrf3CImQuUzJfsFSIsMF2f16LU36/g7GL+G226
1fPjG6PhTp+X9dnO/wl6NigMc8gwGE3+vb56rmIRsCIPv51mKpE=
-----END CERTIFICATE-----
Generated at Tue Nov 19 13:17:34 2024 by rpki-client on console-fra.rpki-client.org