Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36797C7/DEACBA2E94E011ECBFBC4E955A40D577/4346FE38ABB711EE8177A3C1775412E6.roa
File: 4346FE38ABB711EE8177A3C1775412E6.roa (raw, json)
Hash identifier: ca9HINn6f5zOBnB3yyO+APFpzePQrv+fgwrP7Xk8cH4=
Subject key identifier: 52:35:07:14:F0:01:42:F7:46:B6:03:01:E5:DA:33:AF:D2:4C:6A:E4
Certificate issuer: /CN=F36797C7AF/serialNumber=F4171D4EA249CA147AB8DEC205DCB51F49988B50
Certificate serial: 02D1
Authority key identifier: F4:17:1D:4E:A2:49:CA:14:7A:B8:DE:C2:05:DC:B5:1F:49:98:8B:50
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/9BcdTqJJyhR6uN7CBdy1H0mYi1A.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36797C7/DEACBA2E94E011ECBFBC4E955A40D577/4346FE38ABB711EE8177A3C1775412E6.roa
Signing time: Fri 05 Jan 2024 10:43:29 +0000
ROA not before: Fri 05 Jan 2024 10:43:26 +0000
ROA not after: Fri 31 Mar 2034 10:43:26 +0000
asID: 328964
IP address blocks: 102.217.253.0/24 maxlen: 29
2c0f:4880::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 19 Jun 2024 10:24:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 721 (0x2d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36797C7AF/serialNumber=F4171D4EA249CA147AB8DEC205DCB51F49988B50
Validity
Not Before: Jan 5 10:43:26 2024 GMT
Not After : Mar 31 10:43:26 2034 GMT
Subject: CN=6597dd51-7c1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:89:d7:44:5b:7f:2f:d9:9a:92:a3:4e:41:93:
46:b1:db:d1:cf:16:43:93:bb:fd:5f:b0:d2:1d:5f:
d9:8e:ad:39:21:be:50:2b:a6:2e:03:25:8d:37:0f:
a1:3f:a6:82:8b:f7:a4:af:1f:7c:ed:01:6a:e2:9d:
5d:4a:ea:eb:64:da:84:72:df:b6:7e:9b:dd:09:d0:
67:e7:e6:f2:fa:81:ba:2e:7a:7d:ec:5e:00:e9:8b:
43:cc:8c:5e:65:9c:4e:6c:41:f4:42:c3:f0:74:09:
bc:de:7c:a4:19:03:d5:24:d8:4d:68:39:83:d7:9e:
aa:a5:a1:5b:15:02:15:fb:fa:88:84:b0:5e:22:cc:
44:39:1f:a0:d4:cb:fd:23:17:33:f1:cc:5f:53:28:
ff:eb:87:ce:90:33:54:47:12:9e:cd:b9:d4:3c:91:
3b:c1:92:2b:44:d5:94:f0:a6:62:1a:b0:e0:ed:94:
94:41:f4:3c:85:41:86:73:2e:1f:1e:c9:81:ca:4c:
7d:76:3e:d7:38:6c:34:e0:8c:e5:0d:d4:b3:95:12:
84:8f:2a:e3:03:31:ad:1e:0a:4c:6f:fb:f8:70:86:
f8:28:11:5f:13:e0:d2:5c:07:97:3a:34:62:84:0f:
ed:04:96:cb:83:bc:32:87:1a:9f:53:bf:42:0b:4f:
57:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:35:07:14:F0:01:42:F7:46:B6:03:01:E5:DA:33:AF:D2:4C:6A:E4
X509v3 Authority Key Identifier:
keyid:F4:17:1D:4E:A2:49:CA:14:7A:B8:DE:C2:05:DC:B5:1F:49:98:8B:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36797C7/DEACBA2E94E011ECBFBC4E955A40D577/9BcdTqJJyhR6uN7CBdy1H0mYi1A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9BcdTqJJyhR6uN7CBdy1H0mYi1A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36797C7/DEACBA2E94E011ECBFBC4E955A40D577/4346FE38ABB711EE8177A3C1775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.217.253.0/24
IPv6:
2c0f:4880::/32
Signature Algorithm: sha256WithRSAEncryption
95:8b:74:0b:fc:b3:d2:d6:68:e6:59:fe:14:95:02:3e:7b:01:
3b:2e:66:68:26:82:f1:46:61:f2:a3:41:12:8b:f9:48:4d:13:
cb:17:b2:20:6d:f0:e1:79:65:20:30:d0:8b:ab:b2:06:c7:8e:
98:fa:70:a0:08:ab:54:a8:a4:9b:68:7c:41:33:da:40:10:15:
97:76:07:c4:3f:01:28:e7:1b:54:85:4f:f2:48:1e:c5:b6:95:
ca:80:61:95:13:84:e1:91:4c:3b:e9:f5:d4:ca:8f:b6:cb:20:
b6:c5:dc:79:a3:52:cc:c1:9a:f6:ab:5a:77:4a:41:1c:e5:63:
b2:cd:2f:ea:32:2d:62:9d:f6:3a:b9:df:bc:b2:88:2e:cf:47:
0f:e5:bf:6f:df:a8:c9:bf:ef:56:ea:b6:78:d4:29:4c:d7:0d:
32:a1:fc:74:9a:2b:63:7e:79:68:17:ae:7f:65:df:7c:db:22:
f0:1e:9c:7f:f2:60:68:ef:d5:60:cf:62:93:7a:7a:ee:f1:3b:
b5:d7:a0:e0:11:c6:da:ad:80:c4:0b:ad:8e:8a:1a:4b:49:48:
63:86:02:f1:ac:f9:ee:5e:9f:ca:74:d5:30:ef:17:7b:49:83:
26:c7:62:76:c0:83:04:93:7c:3c:6a:5f:fb:0b:37:db:9f:f1:
73:18:b9:03
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAtEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Nzk3QzdBRjExMC8GA1UEBRMoRjQxNzFENEVBMjQ5Q0ExNDdBQjhERUMyMDVEQ0I1
MUY0OTk4OEI1MDAeFw0yNDAxMDUxMDQzMjZaFw0zNDAzMzExMDQzMjZaMBgxFjAU
BgNVBAMTDTY1OTdkZDUxLTdjMWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPiddEW38v2ZqSo05Bk0ax29HPFkOTu/1fsNIdX9mOrTkhvlArpi4DJY03
D6E/poKL96SvH3ztAWrinV1K6utk2oRy37Z+m90J0Gfn5vL6gbouen3sXgDpi0PM
jF5lnE5sQfRCw/B0CbzefKQZA9Uk2E1oOYPXnqqloVsVAhX7+oiEsF4izEQ5H6DU
y/0jFzPxzF9TKP/rh86QM1RHEp7NudQ8kTvBkitE1ZTwpmIasODtlJRB9DyFQYZz
Lh8eyYHKTH12Ptc4bDTgjOUN1LOVEoSPKuMDMa0eCkxv+/hwhvgoEV8T4NJcB5c6
NGKED+0ElsuDvDKHGp9Tv0ILT1efAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUUjUH
FPABQvdGtgMB5dozr9JMauQwHwYDVR0jBBgwFoAU9BcdTqJJyhR6uN7CBdy1H0mY
i1AwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjc5N0M3L0RFQUNCQTJFOTRFMDExRUNCRkJDNEU5NTVBNDBENTc3LzlCY2RU
cUpKeWhSNnVON0NCZHkxSDBtWWkxQS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzlCY2RUcUpKeWhSNnVON0NCZHkxSDBtWWkxQS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjc5N0M3L0RFQUNCQTJFOTRFMDExRUNCRkJDNEU5NTVB
NDBENTc3LzQzNDZGRTM4QUJCNzExRUU4MTc3QTNDMTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBABm2f0wDQQCAAIwBwMFACwP
SIAwDQYJKoZIhvcNAQELBQADggEBAJWLdAv8s9LWaOZZ/hSVAj57ATsuZmgmgvFG
YfKjQRKL+UhNE8sXsiBt8OF5ZSAw0IursgbHjpj6cKAIq1SopJtofEEz2kAQFZd2
B8Q/ASjnG1SFT/JIHsW2lcqAYZUThOGRTDvp9dTKj7bLILbF3HmjUszBmvarWndK
QRzlY7LNL+oyLWKd9jq537yyiC7PRw/lv2/fqMm/71bqtnjUKUzXDTKh/HSaK2N+
eWgXrn9l33zbIvAenH/yYGjv1WDPYpN6eu7xO7XXoOARxtqtgMQLrY6KGktJSGOG
AvGs+e5en8p01TDvF3tJgybHYnbAgwSTfDxqX/sLN9uf8XMYuQM=
-----END CERTIFICATE-----
Generated at Wed Jun 19 16:25:57 2024 by rpki-client on console-ams.rpki-client.org