Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3D2CFC70A7D711EE9B1DF1A1775412E6.roa
File: 3D2CFC70A7D711EE9B1DF1A1775412E6.roa (raw, json)
Hash identifier: ZpkFF7X8E+YNLRox0WYHY8bAO2q6thqKSYLu87paIOM=
Subject key identifier: B3:A7:BD:7C:D1:7D:A0:2F:D9:D2:90:6C:ED:04:7B:4D:BC:39:8A:24
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1430
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3D2CFC70A7D711EE9B1DF1A1775412E6.roa
Signing time: Sun 31 Dec 2023 12:22:18 +0000
ROA not before: Sun 31 Dec 2023 12:22:15 +0000
ROA not after: Fri 05 Dec 2025 12:22:15 +0000
asID: 3356
IP address blocks: 154.16.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 10:23:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5168 (0x1430)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Dec 31 12:22:15 2023 GMT
Not After : Dec 5 12:22:15 2025 GMT
Subject: CN=65915cfa-f31b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:30:8c:f8:98:b0:78:d9:21:b3:28:5a:b6:20:
aa:e8:af:15:77:61:df:b3:34:c1:dc:f2:31:97:64:
f5:54:f5:67:8b:71:40:dc:3b:62:21:a9:da:16:8d:
8d:3b:be:10:f9:a7:91:17:af:51:13:2a:ae:44:00:
7d:bf:41:81:f7:0b:a6:43:a5:b5:f5:1b:cd:80:00:
53:da:32:6e:89:f4:37:c8:2e:34:93:c7:e5:03:90:
ec:88:c3:9b:42:33:59:83:ff:48:2c:d7:fd:a7:e4:
c1:5d:c3:39:93:a2:c4:ea:1a:50:f7:6d:b2:47:b3:
21:88:40:9a:22:5b:10:a4:43:22:65:b0:2a:71:60:
d4:af:88:03:ca:b0:fa:a5:99:76:cc:1a:af:50:a3:
4f:a2:57:b3:34:b8:cb:80:0c:93:92:c9:03:4d:ac:
ee:f9:71:35:0d:5f:eb:44:90:30:bb:a8:b7:83:4e:
0c:ee:81:7f:05:65:26:e8:4a:55:5c:db:d4:c8:bc:
56:75:2c:ac:56:07:b8:9a:91:78:42:d9:4d:cb:97:
dd:48:04:39:6b:01:d4:e9:62:60:cc:47:e2:57:47:
3a:6b:e3:ee:44:aa:60:8c:13:90:68:95:7f:26:18:
cd:7d:c1:bb:78:b0:56:0e:71:20:a0:81:e1:b8:9d:
d1:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:A7:BD:7C:D1:7D:A0:2F:D9:D2:90:6C:ED:04:7B:4D:BC:39:8A:24
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3D2CFC70A7D711EE9B1DF1A1775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.240.0/24
Signature Algorithm: sha256WithRSAEncryption
72:f4:87:c9:35:6f:d9:8d:d0:34:6d:77:fb:92:a0:2d:02:82:
c2:f2:eb:9c:99:13:0c:18:5c:f2:ff:d9:c6:95:fb:41:dd:57:
cc:17:a3:0f:06:45:1a:8f:b0:9b:67:ec:a5:f4:d5:a7:35:1b:
cb:1a:ed:5c:e1:8b:1c:74:d0:ec:0e:cb:e3:aa:79:90:24:77:
3d:93:38:d3:ab:c8:be:fe:b6:cc:20:73:83:07:0c:1f:cb:08:
cc:06:3e:d2:cc:f0:21:86:86:bf:9f:3b:5d:6b:68:e8:dc:78:
c1:aa:57:ed:c8:2f:f5:dc:04:96:b5:c8:79:17:be:7c:64:7a:
3f:f0:d6:a6:9d:ff:f8:52:3d:04:93:92:a4:16:5b:d0:35:5d:
d3:0e:3b:1d:dd:b5:68:19:3d:3e:a7:b0:78:73:e9:46:ac:3d:
77:b2:cb:11:5a:99:5d:ce:46:76:84:27:e6:19:7e:de:bf:d5:
2c:18:36:a2:79:0c:1a:ae:cb:46:15:37:d9:fd:9b:e1:74:23:
e0:30:da:11:be:00:47:9e:38:c9:72:81:03:bf:9f:74:d0:18:
4e:a8:ca:01:41:88:74:f7:88:ef:00:ca:ab:40:0e:60:0f:55:
aa:5d:4b:61:b8:24:7e:00:8d:fa:43:7a:c1:56:97:a5:36:76:
9e:45:5a:75
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFDAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzEyMzExMjIyMTVaFw0yNTEyMDUxMjIyMTVaMBgxFjAU
BgNVBAMTDTY1OTE1Y2ZhLWYzMWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDnMIz4mLB42SGzKFq2IKrorxV3Yd+zNMHc8jGXZPVU9WeLcUDcO2IhqdoW
jY07vhD5p5EXr1ETKq5EAH2/QYH3C6ZDpbX1G82AAFPaMm6J9DfILjSTx+UDkOyI
w5tCM1mD/0gs1/2n5MFdwzmTosTqGlD3bbJHsyGIQJoiWxCkQyJlsCpxYNSviAPK
sPqlmXbMGq9Qo0+iV7M0uMuADJOSyQNNrO75cTUNX+tEkDC7qLeDTgzugX8FZSbo
SlVc29TIvFZ1LKxWB7iakXhC2U3Ll91IBDlrAdTpYmDMR+JXRzpr4+5EqmCME5Bo
lX8mGM19wbt4sFYOcSCggeG4ndHfAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUs6e9
fNF9oC/Z0pBs7QR7Tbw5iiQwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzNEMkNGQzcwQTdENzExRUU5QjFERjFBMTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEPAwDQYJKoZIhvcNAQEL
BQADggEBAHL0h8k1b9mN0DRtd/uSoC0CgsLy65yZEwwYXPL/2caV+0HdV8wXow8G
RRqPsJtn7KX01ac1G8sa7Vzhixx00OwOy+OqeZAkdz2TONOryL7+tswgc4MHDB/L
CMwGPtLM8CGGhr+fO11raOjceMGqV+3IL/XcBJa1yHkXvnxkej/w1qad//hSPQST
kqQWW9A1XdMOOx3dtWgZPT6nsHhz6UasPXeyyxFamV3ORnaEJ+YZft6/1SwYNqJ5
DBquy0YVN9n9m+F0I+Aw2hG+AEeeOMlygQO/n3TQGE6oygFBiHT3iO8AyqtADmAP
VapdS2G4JH4AjfpDesFWl6U2dp5FWnU=
-----END CERTIFICATE-----
Generated at Mon Apr 15 14:34:11 2024 by rpki-client on console-ams.rpki-client.org