Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/338B9A72D7B211EEB6DDA38B775412E6.roa
File: 338B9A72D7B211EEB6DDA38B775412E6.roa (raw, json)
Hash identifier: 1TBQ/xmgbhZ1wB69cVPVnRGSxIYLH+fCh+TtwlqU+Us=
Subject key identifier: CD:B6:2D:F1:25:05:4C:F8:FD:0C:EB:64:00:D2:A9:22:C7:21:20:7C
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1542
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/338B9A72D7B211EEB6DDA38B775412E6.roa
Signing time: Fri 01 Mar 2024 09:58:06 +0000
ROA not before: Fri 01 Mar 2024 09:58:03 +0000
ROA not after: Mon 02 Mar 2026 09:58:03 +0000
asID: 834
IP address blocks: 154.16.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Apr 2024 18:02:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5442 (0x1542)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Mar 1 09:58:03 2024 GMT
Not After : Mar 2 09:58:03 2026 GMT
Subject: CN=65e1a6ae-57ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:37:6e:9b:f8:f1:2b:2e:1a:92:09:4c:9d:44:
a4:85:ec:14:d4:25:f8:f6:0d:50:d8:22:62:c3:99:
5c:4d:0c:45:ee:39:8b:3b:a7:fe:ef:5b:07:f8:73:
37:7b:d4:f8:98:b5:7b:95:7c:72:e2:0e:bd:96:6b:
f3:5d:a9:e4:e6:5c:31:24:72:82:8d:a5:9a:5d:77:
c7:ab:17:a0:ce:ef:28:c5:cf:82:e3:f6:84:08:6d:
17:28:60:0a:ed:67:23:9e:25:03:8d:2c:0f:08:c0:
40:c7:8b:63:c6:6a:1b:d9:5f:3b:b2:ca:7e:ea:7e:
6f:dd:8e:42:25:4e:38:cf:4a:aa:de:1f:ca:97:32:
91:3f:8d:63:2b:e8:91:d3:3d:0b:9d:88:89:b4:a0:
79:2c:b4:bf:d4:66:93:05:52:2b:79:a9:88:78:00:
fc:34:23:e4:f0:15:10:df:31:21:4f:29:62:ba:27:
56:ad:d4:98:02:54:9a:a8:d5:bb:63:7f:6c:71:71:
99:dd:dc:a1:56:6c:59:5c:e4:9e:03:7d:e6:6e:54:
f2:17:b0:24:3e:b5:79:89:f7:f5:db:fa:e9:52:70:
6e:b4:6b:57:7b:38:d9:41:a9:b9:41:b1:6b:3f:41:
60:86:72:a5:ad:72:dc:c4:4c:8f:c5:76:00:ee:6e:
0a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B6:2D:F1:25:05:4C:F8:FD:0C:EB:64:00:D2:A9:22:C7:21:20:7C
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/338B9A72D7B211EEB6DDA38B775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.154.0/24
Signature Algorithm: sha256WithRSAEncryption
79:a5:54:3e:ec:3a:c8:7a:cc:f3:29:e2:41:3b:cc:45:2d:7d:
e0:c0:1e:ad:f9:b5:b2:06:d9:e2:3f:20:33:e0:8a:5d:53:27:
e4:f2:ca:b5:da:51:e9:d0:a9:c0:8c:6d:20:f6:2b:91:32:f5:
f8:71:8f:31:57:ef:1d:66:13:a6:a2:a8:27:50:ae:47:60:ab:
d3:8d:1f:5a:0c:d9:b4:da:ad:cf:57:06:cf:3b:43:85:b9:92:
dc:31:93:1a:08:81:b8:84:d1:d4:a1:be:be:60:74:8f:7f:d1:
41:cd:cf:f9:e6:88:cd:d4:ad:72:d3:d7:06:ca:63:7e:e1:3d:
0f:2c:35:88:97:a0:76:4d:e1:76:23:21:7d:e6:a8:a7:23:4b:
65:8d:fc:18:3f:10:3d:54:d0:93:4c:8b:b9:48:03:1e:0b:a3:
a7:36:75:10:37:98:89:0d:bc:42:97:04:5f:a2:e2:73:14:74:
f9:58:58:7c:ef:76:c1:63:9c:b3:12:6f:4e:bb:51:1d:33:da:
de:aa:ab:08:b4:6a:6e:d6:81:c0:a4:81:0a:8e:cb:0e:c4:2c:
d2:f6:82:7d:c3:21:30:e5:4b:3d:50:21:f7:df:1e:0a:85:f1:
25:c2:84:48:1b:1f:81:8a:2d:07:76:38:5c:ac:c1:c1:49:65:
62:8d:75:f3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFUIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAzMDEwOTU4MDNaFw0yNjAzMDIwOTU4MDNaMBgxFjAU
BgNVBAMTDTY1ZTFhNmFlLTU3ZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCuN26b+PErLhqSCUydRKSF7BTUJfj2DVDYImLDmVxNDEXuOYs7p/7vWwf4
czd71PiYtXuVfHLiDr2Wa/NdqeTmXDEkcoKNpZpdd8erF6DO7yjFz4Lj9oQIbRco
YArtZyOeJQONLA8IwEDHi2PGahvZXzuyyn7qfm/djkIlTjjPSqreH8qXMpE/jWMr
6JHTPQudiIm0oHkstL/UZpMFUit5qYh4APw0I+TwFRDfMSFPKWK6J1at1JgCVJqo
1btjf2xxcZnd3KFWbFlc5J4DfeZuVPIXsCQ+tXmJ9/Xb+ulScG60a1d7ONlBqblB
sWs/QWCGcqWtctzETI/FdgDubgpZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUzbYt
8SUFTPj9DOtkANKpIschIHwwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzMzOEI5QTcyRDdCMjExRUVCNkREQTM4Qjc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEJowDQYJKoZIhvcNAQEL
BQADggEBAHmlVD7sOsh6zPMp4kE7zEUtfeDAHq35tbIG2eI/IDPgil1TJ+TyyrXa
UenQqcCMbSD2K5Ey9fhxjzFX7x1mE6aiqCdQrkdgq9ONH1oM2bTarc9XBs87Q4W5
ktwxkxoIgbiE0dShvr5gdI9/0UHNz/nmiM3UrXLT1wbKY37hPQ8sNYiXoHZN4XYj
IX3mqKcjS2WN/Bg/ED1U0JNMi7lIAx4Lo6c2dRA3mIkNvEKXBF+i4nMUdPlYWHzv
dsFjnLMSb067UR0z2t6qqwi0am7WgcCkgQqOyw7ELNL2gn3DITDlSz1QIfffHgqF
8SXChEgbH4GKLQd2OFyswcFJZWKNdfM=
-----END CERTIFICATE-----
Generated at Tue Apr 23 22:12:08 2024 by rpki-client on console-ams.rpki-client.org