Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3656BB8/D79EEB94891C11EEAF65C7604AD9E6FC/AD01405E3EB511EF99EDE38C762E951A.roa
File: AD01405E3EB511EF99EDE38C762E951A.roa (raw, json)
Hash identifier: iINWV1kE/PYKXTspj/C2/PaLY36pPb0lJLpZxTU1E4o=
Subject key identifier: A0:84:D7:87:D4:50:B8:CE:5C:A1:44:A1:E0:46:EF:5B:DA:19:9F:77
Certificate issuer: /CN=F3656BB8AF/serialNumber=F67066439ACD9EAFD4899FC68C6075C70CE39AD5
Certificate serial: 0100
Authority key identifier: F6:70:66:43:9A:CD:9E:AF:D4:89:9F:C6:8C:60:75:C7:0C:E3:9A:D5
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/9nBmQ5rNnq_UiZ_GjGB1xwzjmtU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3656BB8/D79EEB94891C11EEAF65C7604AD9E6FC/AD01405E3EB511EF99EDE38C762E951A.roa
Signing time: Wed 10 Jul 2024 12:12:29 +0000
ROA not before: Wed 10 Jul 2024 12:12:25 +0000
ROA not after: Mon 10 Jul 2034 12:12:25 +0000
asID: 14618
IP address blocks: 2001:43ff:d000::/49 maxlen: 49
Validation: Failed, certificate revoked on Thu 11 Jul 2024 09:08:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 256 (0x100)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3656BB8AF
Validity
Not Before: Jul 10 12:12:25 2024 GMT
Not After : Jul 10 12:12:25 2034 GMT
Subject: CN=668e7aac-627f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:23:ac:a9:36:17:58:f1:53:94:07:78:a6:db:
bb:df:82:02:cb:08:98:a4:2d:e3:31:3e:fb:f4:2d:
14:92:77:bf:da:36:1f:38:a6:6c:23:68:bf:90:4c:
a6:46:48:8c:d0:cb:b3:db:8b:f3:27:65:eb:57:2d:
a3:cf:31:fb:62:c1:2f:f6:1d:51:26:0c:9d:6d:7d:
9c:90:ee:6a:3f:3c:cf:a1:85:aa:17:b9:0c:d3:61:
c3:37:eb:ed:3c:e3:05:96:2d:eb:f8:50:71:c2:46:
e9:10:3c:e5:0f:ff:9b:9c:0c:ee:b4:2a:7e:2a:71:
7d:08:a1:2a:58:13:d0:4b:73:f5:d9:1d:62:da:bb:
9d:ec:37:b0:9d:16:00:1b:94:03:d4:78:fd:59:72:
a3:84:17:4c:87:c5:63:41:77:1c:b5:46:41:0e:0a:
e7:09:d3:2f:b1:36:be:46:05:7b:0e:f7:cc:7e:0d:
9a:f5:82:bb:38:93:2f:ed:2b:fe:a1:c4:0d:60:ba:
c0:bc:8a:e6:0f:92:5e:5e:0d:0c:38:73:ad:c7:2d:
a6:49:4d:1c:79:35:76:42:c9:72:be:82:ab:52:e1:
b9:30:9d:3f:30:0b:c9:3d:42:6a:a0:c3:11:0f:d9:
df:a4:fd:e8:4e:80:fe:32:b4:aa:0c:44:0c:ae:5f:
0e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:84:D7:87:D4:50:B8:CE:5C:A1:44:A1:E0:46:EF:5B:DA:19:9F:77
X509v3 Authority Key Identifier:
keyid:F6:70:66:43:9A:CD:9E:AF:D4:89:9F:C6:8C:60:75:C7:0C:E3:9A:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3656BB8/D79EEB94891C11EEAF65C7604AD9E6FC/9nBmQ5rNnq_UiZ_GjGB1xwzjmtU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9nBmQ5rNnq_UiZ_GjGB1xwzjmtU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3656BB8/D79EEB94891C11EEAF65C7604AD9E6FC/AD01405E3EB511EF99EDE38C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:43ff:d000::/49
Signature Algorithm: sha256WithRSAEncryption
77:a0:e7:e0:ca:f2:ea:c7:62:56:59:dc:d4:ff:88:7b:23:a8:
1d:b0:84:29:92:e9:fd:6f:a7:29:49:53:6d:67:9a:31:08:92:
c5:61:7a:1f:52:f6:66:55:31:cc:dd:29:de:eb:e8:8d:59:a3:
98:4d:22:7d:37:dc:9b:82:d2:31:5d:0f:9e:50:63:b5:eb:f3:
49:86:03:6c:74:aa:1f:bb:91:b0:35:fb:4a:89:13:7a:6f:2d:
85:0b:de:59:29:cf:cc:4f:d9:54:43:f7:3d:47:95:48:2a:61:
be:7d:49:37:2e:81:8d:e0:45:0b:eb:dd:a3:35:7a:e3:0e:5c:
19:0e:1e:45:79:0a:cc:3f:5d:a1:53:c1:a6:03:f1:28:1e:6a:
20:65:92:5d:bc:32:4c:90:f4:fd:4c:e0:33:4d:7c:df:83:1a:
6e:54:7b:a0:3a:d6:14:a4:e9:1f:a7:b2:44:13:c4:87:29:a5:
0c:93:64:0b:27:5f:b0:33:4d:71:87:e6:8a:bc:79:a1:b1:51:
a8:ad:dd:7a:1c:83:f9:16:e3:43:67:cb:39:ef:4c:e1:09:6b:
3c:6d:3e:a1:19:63:ce:30:00:77:a9:05:3d:6a:4e:cf:85:d4:
95:b9:c9:8a:45:aa:db:98:54:aa:69:02:c7:f1:5f:cb:94:9e:
26:c9:f3:31
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICAQAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NTZCQjhBRjExMC8GA1UEBRMoRjY3MDY2NDM5QUNEOUVBRkQ0ODk5RkM2OEM2MDc1
QzcwQ0UzOUFENTAeFw0yNDA3MTAxMjEyMjVaFw0zNDA3MTAxMjEyMjVaMBgxFjAU
BgNVBAMTDTY2OGU3YWFjLTYyN2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDMI6ypNhdY8VOUB3im27vfggLLCJikLeMxPvv0LRSSd7/aNh84pmwjaL+Q
TKZGSIzQy7Pbi/MnZetXLaPPMftiwS/2HVEmDJ1tfZyQ7mo/PM+hhaoXuQzTYcM3
6+084wWWLev4UHHCRukQPOUP/5ucDO60Kn4qcX0IoSpYE9BLc/XZHWLau53sN7Cd
FgAblAPUeP1ZcqOEF0yHxWNBdxy1RkEOCucJ0y+xNr5GBXsO98x+DZr1grs4ky/t
K/6hxA1gusC8iuYPkl5eDQw4c63HLaZJTRx5NXZCyXK+gqtS4bkwnT8wC8k9Qmqg
wxEP2d+k/ehOgP4ytKoMRAyuXw5dAgMBAAGjggKpMIICpTAdBgNVHQ4EFgQUoITX
h9RQuM5coUSh4EbvW9oZn3cwHwYDVR0jBBgwFoAU9nBmQ5rNnq/UiZ/GjGB1xwzj
mtUwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU2QkI4L0Q3OUVFQjk0ODkxQzExRUVBRjY1Qzc2MDRBRDlFNkZDLzluQm1R
NXJObnFfVWlaX0dqR0IxeHd6am10VS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzluQm1RNXJObnFfVWlaX0dqR0IxeHd6am10VS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjU2QkI4L0Q3OUVFQjk0ODkxQzExRUVBRjY1Qzc2MDRB
RDlFNkZDL0FEMDE0MDVFM0VCNTExRUY5OUVERTM4Qzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIwYIKwYBBQUHAQcBAf8EFDASMBAEAgACMAoDCAcgAUP/0AAAMA0GCSqGSIb3
DQEBCwUAA4IBAQB3oOfgyvLqx2JWWdzU/4h7I6gdsIQpkun9b6cpSVNtZ5oxCJLF
YXofUvZmVTHM3Sne6+iNWaOYTSJ9N9ybgtIxXQ+eUGO16/NJhgNsdKofu5GwNftK
iRN6by2FC95ZKc/MT9lUQ/c9R5VIKmG+fUk3LoGN4EUL692jNXrjDlwZDh5FeQrM
P12hU8GmA/EoHmogZZJdvDJMkPT9TOAzTXzfgxpuVHugOtYUpOkfp7JEE8SHKaUM
k2QLJ1+wM01xh+aKvHmhsVGord16HIP5FuNDZ8s570zhCWs8bT6hGWPOMAB3qQU9
ak7PhdSVucmKRarbmFSqaQLH8V/LlJ4myfMx
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:33:14 2025 by rpki-client