Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36797C7/DEACBA2E94E011ECBFBC4E955A40D577/500F7822338211EF9ED50CA9762E951A.roa
File: 500F7822338211EF9ED50CA9762E951A.roa (raw, json)
Hash identifier: m7GN38aYXYAYyg8frJ3+546VH8z+lMP2d2CNZ9+XhfY=
Subject key identifier: 05:6D:1F:41:77:C5:97:96:34:09:5B:63:A9:5A:4F:55:94:AA:13:1F
Certificate issuer: /CN=F36797C7AF/serialNumber=F4171D4EA249CA147AB8DEC205DCB51F49988B50
Certificate serial: 038C
Authority key identifier: F4:17:1D:4E:A2:49:CA:14:7A:B8:DE:C2:05:DC:B5:1F:49:98:8B:50
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/9BcdTqJJyhR6uN7CBdy1H0mYi1A.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36797C7/DEACBA2E94E011ECBFBC4E955A40D577/500F7822338211EF9ED50CA9762E951A.roa
Signing time: Wed 26 Jun 2024 06:07:06 +0000
ROA not before: Wed 26 Jun 2024 06:07:02 +0000
ROA not after: Sun 31 Dec 2034 06:07:02 +0000
asID: 328964
IP address blocks: 102.208.204.0/23 maxlen: 24
102.217.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Jun 2024 11:25:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 908 (0x38c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36797C7AF/serialNumber=F4171D4EA249CA147AB8DEC205DCB51F49988B50
Validity
Not Before: Jun 26 06:07:02 2024 GMT
Not After : Dec 31 06:07:02 2034 GMT
Subject: CN=667bb009-8a54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:39:9b:56:96:1c:03:04:82:97:59:93:21:44:
33:93:e0:bd:19:0a:7b:72:b2:d2:f4:b6:37:a1:f1:
87:a5:74:ce:d2:60:81:ab:a5:f7:b7:19:1e:b9:82:
34:87:1b:65:93:ad:e9:e1:c7:60:41:b7:c1:44:6c:
54:24:da:47:a9:af:f2:bd:5c:da:7f:74:14:cf:9e:
28:10:d7:f4:9f:23:16:1f:5e:ec:f0:cb:35:6f:fa:
65:6a:ea:ca:16:a6:79:73:a0:2c:b5:0a:d0:fc:4d:
d3:3c:ba:9f:93:d4:aa:f4:08:ee:37:5e:67:14:ba:
6b:65:46:55:ce:07:55:57:74:e6:c2:63:ef:04:60:
89:1b:48:ba:d8:a7:e3:28:1c:28:aa:74:9a:4b:9b:
97:94:e4:ca:4a:75:0f:de:5b:a1:bf:11:ee:f8:6e:
25:94:ec:60:87:3e:b3:01:98:08:ca:01:f3:bd:07:
6a:77:7e:85:20:ad:02:26:d7:e3:34:37:9c:03:77:
85:46:44:44:57:d5:be:a2:89:25:ec:db:ae:f7:03:
9c:1f:18:a2:66:36:66:a2:4b:f7:2c:c1:c5:c3:95:
d8:4c:ce:2c:81:5d:62:a9:69:a4:b3:03:d8:c1:ce:
60:77:ed:d4:16:99:79:0e:74:af:6c:10:17:ce:3f:
01:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:6D:1F:41:77:C5:97:96:34:09:5B:63:A9:5A:4F:55:94:AA:13:1F
X509v3 Authority Key Identifier:
keyid:F4:17:1D:4E:A2:49:CA:14:7A:B8:DE:C2:05:DC:B5:1F:49:98:8B:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36797C7/DEACBA2E94E011ECBFBC4E955A40D577/9BcdTqJJyhR6uN7CBdy1H0mYi1A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9BcdTqJJyhR6uN7CBdy1H0mYi1A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36797C7/DEACBA2E94E011ECBFBC4E955A40D577/500F7822338211EF9ED50CA9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.208.204.0/23
102.217.253.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:82:20:20:88:40:d5:ea:ce:21:fd:7b:73:fb:e8:ac:86:ae:
cc:a4:61:61:80:24:d6:d3:77:91:3c:ed:d6:e1:15:e4:5f:17:
0d:7e:80:f8:bb:c7:87:ea:50:2b:ef:af:b6:e2:0f:d5:37:eb:
d7:14:ae:76:02:fc:ff:60:17:bf:a1:a5:88:c7:58:85:f4:c6:
db:a2:20:25:14:23:dd:77:9f:41:00:dc:23:ec:f0:27:51:06:
06:3f:f9:4c:e5:5a:fa:ae:93:24:76:95:e8:cd:d5:1b:2b:39:
b5:99:ca:41:9b:b5:03:11:7b:78:df:8e:fc:5f:e2:93:a8:b8:
0d:4f:fc:f6:80:67:9e:75:f3:80:91:2c:94:2e:cc:af:16:a6:
e4:a0:ef:80:9d:10:57:9d:ef:14:78:76:9b:67:ef:74:b2:99:
0f:98:39:18:4d:52:05:b2:e5:9c:28:f0:3d:6a:04:39:2f:57:
ac:1a:82:a6:30:c1:d3:23:c7:dc:20:e1:a2:1c:47:5b:3e:c3:
83:b3:23:e7:c0:e1:9f:b2:dd:33:51:f7:76:36:55:da:b3:fd:
5a:50:0b:ab:85:a9:53:34:33:de:2f:41:f3:94:81:59:3e:de:
18:99:ba:00:45:f6:40:1c:04:04:c6:21:d7:c1:00:fd:01:f2:
47:be:4b:90
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICA4wwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Nzk3QzdBRjExMC8GA1UEBRMoRjQxNzFENEVBMjQ5Q0ExNDdBQjhERUMyMDVEQ0I1
MUY0OTk4OEI1MDAeFw0yNDA2MjYwNjA3MDJaFw0zNDEyMzEwNjA3MDJaMBgxFjAU
BgNVBAMTDTY2N2JiMDA5LThhNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC1OZtWlhwDBIKXWZMhRDOT4L0ZCntystL0tjeh8YeldM7SYIGrpfe3GR65
gjSHG2WTrenhx2BBt8FEbFQk2kepr/K9XNp/dBTPnigQ1/SfIxYfXuzwyzVv+mVq
6soWpnlzoCy1CtD8TdM8up+T1Kr0CO43XmcUumtlRlXOB1VXdObCY+8EYIkbSLrY
p+MoHCiqdJpLm5eU5MpKdQ/eW6G/Ee74biWU7GCHPrMBmAjKAfO9B2p3foUgrQIm
1+M0N5wDd4VGRERX1b6iiSXs2673A5wfGKJmNmaiS/cswcXDldhMziyBXWKpaaSz
A9jBzmB37dQWmXkOdK9sEBfOPwF/AgMBAAGjggKrMIICpzAdBgNVHQ4EFgQUBW0f
QXfFl5Y0CVtjqVpPVZSqEx8wHwYDVR0jBBgwFoAU9BcdTqJJyhR6uN7CBdy1H0mY
i1AwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjc5N0M3L0RFQUNCQTJFOTRFMDExRUNCRkJDNEU5NTVBNDBENTc3LzlCY2RU
cUpKeWhSNnVON0NCZHkxSDBtWWkxQS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzlCY2RUcUpKeWhSNnVON0NCZHkxSDBtWWkxQS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjc5N0M3L0RFQUNCQTJFOTRFMDExRUNCRkJDNEU5NTVB
NDBENTc3LzUwMEY3ODIyMzM4MjExRUY5RUQ1MENBOTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAFm0MwDBABm2f0wDQYJKoZI
hvcNAQELBQADggEBAKGCICCIQNXqziH9e3P76KyGrsykYWGAJNbTd5E87dbhFeRf
Fw1+gPi7x4fqUCvvr7biD9U369cUrnYC/P9gF7+hpYjHWIX0xtuiICUUI913n0EA
3CPs8CdRBgY/+UzlWvqukyR2lejN1RsrObWZykGbtQMRe3jfjvxf4pOouA1P/PaA
Z55184CRLJQuzK8WpuSg74CdEFed7xR4dptn73SymQ+YORhNUgWy5Zwo8D1qBDkv
V6wagqYwwdMjx9wg4aIcR1s+w4OzI+fA4Z+y3TNR93Y2Vdqz/VpQC6uFqVM0M94v
QfOUgVk+3hiZugBF9kAcBATGIdfBAP0B8ke+S5A=
-----END CERTIFICATE-----
Generated at Wed Jun 26 18:22:48 2024 by rpki-client on console-ams.rpki-client.org