Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3BEB59904B1D11EE8A68B33C4AD9E6FC.roa
File: 3BEB59904B1D11EE8A68B33C4AD9E6FC.roa (raw, json)
Hash identifier: woovFmI/kLaSJwO7hRekO0BMuBBYpgqxHbRW7W7IoHY=
Subject key identifier: D7:4E:ED:9D:21:78:5A:9A:B7:DD:DA:96:A7:B3:83:13:F5:E4:68:6C
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 11F3
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3BEB59904B1D11EE8A68B33C4AD9E6FC.roa
Signing time: Mon 04 Sep 2023 12:19:03 +0000
ROA not before: Mon 04 Sep 2023 12:18:59 +0000
ROA not after: Sat 06 Sep 2025 12:18:59 +0000
asID: 209242
IP address blocks: 154.16.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 05:15:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4595 (0x11f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Sep 4 12:18:59 2023 GMT
Not After : Sep 6 12:18:59 2025 GMT
Subject: CN=64f5cb37-4541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:21:5f:17:d8:fa:fa:ce:4a:0c:a7:14:e8:fd:
28:42:8e:d1:b1:59:aa:ab:ef:90:81:54:04:7a:dd:
96:1f:1e:83:d3:b0:6e:4e:2b:7e:b4:4a:42:a4:f9:
8a:93:9b:26:7c:1b:7c:ae:11:75:6c:05:07:99:bb:
b9:4e:87:4f:be:e6:f5:3f:7b:0c:37:ef:26:c0:b1:
34:43:70:e8:fc:f9:67:94:77:82:f6:56:62:25:41:
5a:7f:11:e0:fa:b8:8e:06:86:25:c2:8d:0b:ba:98:
df:c2:ff:0c:77:76:2e:ed:4b:36:5c:e8:c2:e8:96:
98:87:c4:b2:35:4f:85:31:ed:94:a8:23:5f:a4:5b:
50:80:d4:d4:f9:cf:c5:88:51:61:5b:7b:00:f9:35:
3c:90:c2:60:9e:d9:cd:09:9b:22:a8:4e:31:be:db:
2c:a1:c5:23:6e:34:0f:98:96:33:70:9d:54:2d:fe:
2a:08:e0:96:fa:d4:e3:c4:72:e2:94:14:b4:9b:6d:
62:7e:ac:01:6f:f8:7a:79:2a:05:c4:04:89:02:0a:
7c:ef:e8:7a:c5:d1:78:96:b2:01:f5:74:24:cf:0e:
05:3d:13:bd:ec:4a:a0:66:5b:4c:35:29:2d:28:84:
72:ae:69:3b:b9:a0:d6:3a:bd:0d:1d:4a:91:d4:7c:
3f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:4E:ED:9D:21:78:5A:9A:B7:DD:DA:96:A7:B3:83:13:F5:E4:68:6C
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3BEB59904B1D11EE8A68B33C4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.94.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:62:32:a0:40:97:9b:db:97:95:c3:f3:b3:e5:dd:2c:9c:b1:
21:e1:ce:f2:a1:eb:04:73:c5:9a:30:f0:73:8c:4b:32:15:ca:
b1:a0:04:f4:a8:76:50:bd:f9:1e:e1:05:7b:09:af:cd:3a:fc:
89:de:8c:a7:40:2c:6b:e8:af:f5:f7:5a:f7:bf:24:60:04:4a:
d5:cc:62:07:3d:8e:86:b5:5d:57:ed:a3:5a:c3:bf:bd:d5:a8:
0e:b3:7d:c5:3d:ee:19:03:f3:d3:ba:53:33:e6:15:3a:30:c7:
52:f5:4d:6f:9b:d2:be:6a:35:7a:5d:bd:a5:87:a5:b9:4a:8d:
4a:8c:2d:7e:8d:6b:15:3c:b8:29:b4:51:e2:d0:65:aa:eb:a8:
a0:ac:f4:dd:88:f8:3e:ac:8b:3e:8f:e1:de:0c:ad:7d:40:86:
e5:33:6f:f2:86:3d:37:90:d8:ea:5d:13:e0:b4:a7:c7:a5:2a:
8d:8f:c9:df:9f:28:83:4e:50:21:46:ed:b4:a4:be:ea:b4:07:
7b:5b:fa:e0:88:7c:9d:7f:2a:7e:11:7e:b8:ff:f1:d0:db:55:
a3:6f:5e:bd:3e:fe:f4:54:63:64:f7:bb:9d:0e:39:dd:29:23:
3c:d0:1f:55:7f:a8:b8:ae:85:0d:d7:b0:24:9d:67:2b:77:7a:
74:7c:41:d4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEfMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA5MDQxMjE4NTlaFw0yNTA5MDYxMjE4NTlaMBgxFjAU
BgNVBAMTDTY0ZjVjYjM3LTQ1NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCgIV8X2Pr6zkoMpxTo/ShCjtGxWaqr75CBVAR63ZYfHoPTsG5OK360SkKk
+YqTmyZ8G3yuEXVsBQeZu7lOh0++5vU/eww37ybAsTRDcOj8+WeUd4L2VmIlQVp/
EeD6uI4GhiXCjQu6mN/C/wx3di7tSzZc6MLolpiHxLI1T4Ux7ZSoI1+kW1CA1NT5
z8WIUWFbewD5NTyQwmCe2c0JmyKoTjG+2yyhxSNuNA+YljNwnVQt/ioI4Jb61OPE
cuKUFLSbbWJ+rAFv+Hp5KgXEBIkCCnzv6HrF0XiWsgH1dCTPDgU9E73sSqBmW0w1
KS0ohHKuaTu5oNY6vQ0dSpHUfD83AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU107t
nSF4Wpq33dqWp7ODE/XkaGwwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzNCRUI1OTkwNEIxRDExRUU4QTY4QjMzQzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEF4wDQYJKoZIhvcNAQEL
BQADggEBALRiMqBAl5vbl5XD87Pl3SycsSHhzvKh6wRzxZow8HOMSzIVyrGgBPSo
dlC9+R7hBXsJr806/InejKdALGvor/X3Wve/JGAEStXMYgc9joa1XVfto1rDv73V
qA6zfcU97hkD89O6UzPmFTowx1L1TW+b0r5qNXpdvaWHpblKjUqMLX6NaxU8uCm0
UeLQZarrqKCs9N2I+D6siz6P4d4MrX1AhuUzb/KGPTeQ2OpdE+C0p8elKo2Pyd+f
KINOUCFG7bSkvuq0B3tb+uCIfJ1/Kn4Rfrj/8dDbVaNvXr0+/vRUY2T3u50OOd0p
IzzQH1V/qLiuhQ3XsCSdZyt3enR8QdQ=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:49:27 2025 by rpki-client