Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/394E3BA0639411EE95A027424AD9E6FC.roa
File: 394E3BA0639411EE95A027424AD9E6FC.roa (raw, json)
Hash identifier: LJjpAQvDxiKIfdqxOpUi0BDiGmuTGsPiXyjjwJ8S3JQ=
Subject key identifier: CE:B2:B9:71:F3:5D:AD:FB:04:95:C6:85:B7:F6:D4:74:A2:25:B0:F0
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 12B1
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/394E3BA0639411EE95A027424AD9E6FC.roa
Signing time: Thu 05 Oct 2023 15:31:16 +0000
ROA not before: Thu 05 Oct 2023 15:31:13 +0000
ROA not after: Sat 04 Oct 2025 15:31:13 +0000
asID: 834
IP address blocks: 154.16.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Nov 2023 06:56:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4785 (0x12b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Oct 5 15:31:13 2023 GMT
Not After : Oct 4 15:31:13 2025 GMT
Subject: CN=651ed6c4-fd22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ba:c4:5d:65:f4:38:1a:95:43:ae:68:d4:13:
5c:92:8a:e1:20:60:1d:a6:33:39:85:d6:7a:82:e8:
3f:ab:b8:ca:da:44:ea:6f:30:52:20:0b:83:bb:39:
ca:41:89:78:8c:d6:57:21:4c:33:bd:90:fa:dd:08:
76:5b:0d:9b:80:53:c7:4e:b4:ea:76:e9:6f:eb:88:
24:35:c0:73:c9:8c:fa:c9:24:15:90:ac:3d:d5:1a:
7b:1b:f2:f0:0f:d6:37:85:9f:0b:40:b2:b2:d2:ca:
6f:c5:78:95:d8:33:e0:6b:45:7c:82:ac:e0:22:b4:
01:73:f5:82:51:0a:c0:9a:50:af:6f:bf:68:66:7e:
42:24:cc:ef:9c:54:f7:bb:24:dc:9a:d0:22:7c:e9:
71:dc:6e:5e:31:a1:a6:63:db:9c:e8:01:4a:6f:0d:
95:ff:d2:78:2e:67:30:cd:3a:a6:86:86:dd:a0:3d:
7e:d9:96:b2:98:6b:d6:cc:b2:f3:99:04:18:00:32:
fe:a1:88:ed:20:70:3a:53:52:56:d6:e7:b3:bf:c5:
8a:5e:03:72:45:e6:53:d0:4e:fe:e4:dd:ec:0b:83:
45:27:7f:32:0d:00:58:d4:25:71:c2:43:2b:4c:a3:
08:1c:9b:0a:bd:9e:06:a5:51:a2:f5:8a:82:68:2a:
49:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B2:B9:71:F3:5D:AD:FB:04:95:C6:85:B7:F6:D4:74:A2:25:B0:F0
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/394E3BA0639411EE95A027424AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.153.0/24
Signature Algorithm: sha256WithRSAEncryption
17:03:cb:2d:ef:01:9e:e9:b4:f2:8a:3a:79:9b:c7:0b:8b:0b:
b1:91:c6:1d:cc:15:55:5d:27:8e:9f:90:30:ed:d1:34:19:c6:
13:86:e1:ee:3e:ef:4b:08:95:0d:4d:58:2d:84:ea:f5:8c:29:
9b:b0:af:01:ac:d2:a7:c7:c7:23:a5:9e:b3:f5:bf:b5:61:46:
51:d3:1e:c6:c4:85:f3:77:ea:2b:37:41:30:af:ee:3d:84:12:
c1:00:5b:0b:39:75:36:64:20:65:5b:b2:48:49:d0:9f:88:d6:
84:ea:fa:10:71:9e:8d:26:77:7c:9c:57:95:e6:e7:33:c3:d7:
7f:c7:08:73:f5:b9:09:e6:9a:a9:2d:10:b6:18:da:7d:b0:5a:
41:1b:50:f8:4d:16:ce:c4:1d:18:92:b5:60:6e:25:b6:48:1c:
9d:12:44:14:ca:26:55:65:17:5b:de:59:a4:24:d3:65:8f:5d:
ec:54:8a:ff:32:05:d6:9d:9a:21:83:72:93:55:dc:73:a8:c2:
24:61:fc:9a:d3:90:9f:d7:bf:2a:2e:e7:b8:a4:85:46:fd:85:
e5:23:87:ba:08:8e:37:4b:6b:6f:f1:ec:73:fc:53:e2:07:22:
ad:d5:39:a6:b7:07:e9:53:cb:69:88:8a:cc:61:80:78:74:1e:
75:e5:a1:c4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICErEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzEwMDUxNTMxMTNaFw0yNTEwMDQxNTMxMTNaMBgxFjAU
BgNVBAMTDTY1MWVkNmM0LWZkMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDTusRdZfQ4GpVDrmjUE1ySiuEgYB2mMzmF1nqC6D+ruMraROpvMFIgC4O7
OcpBiXiM1lchTDO9kPrdCHZbDZuAU8dOtOp26W/riCQ1wHPJjPrJJBWQrD3VGnsb
8vAP1jeFnwtAsrLSym/FeJXYM+BrRXyCrOAitAFz9YJRCsCaUK9vv2hmfkIkzO+c
VPe7JNya0CJ86XHcbl4xoaZj25zoAUpvDZX/0nguZzDNOqaGht2gPX7ZlrKYa9bM
svOZBBgAMv6hiO0gcDpTUlbW57O/xYpeA3JF5lPQTv7k3ewLg0UnfzINAFjUJXHC
QytMowgcmwq9ngalUaL1ioJoKknrAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUzrK5
cfNdrfsElcaFt/bUdKIlsPAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzM5NEUzQkEwNjM5NDExRUU5NUEwMjc0MjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEJkwDQYJKoZIhvcNAQEL
BQADggEBABcDyy3vAZ7ptPKKOnmbxwuLC7GRxh3MFVVdJ46fkDDt0TQZxhOG4e4+
70sIlQ1NWC2E6vWMKZuwrwGs0qfHxyOlnrP1v7VhRlHTHsbEhfN36is3QTCv7j2E
EsEAWws5dTZkIGVbskhJ0J+I1oTq+hBxno0md3ycV5Xm5zPD13/HCHP1uQnmmqkt
ELYY2n2wWkEbUPhNFs7EHRiStWBuJbZIHJ0SRBTKJlVlF1veWaQk02WPXexUiv8y
BdadmiGDcpNV3HOowiRh/JrTkJ/Xvyou57ikhUb9heUjh7oIjjdLa2/x7HP8U+IH
Iq3VOaa3B+lTy2mIisxhgHh0HnXlocQ=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:57:07 2025 by rpki-client