Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4197FAA20AAD11EE95FF3A614AD9E6FC.roa
File: 4197FAA20AAD11EE95FF3A614AD9E6FC.roa (raw, json)
Hash identifier: 1s4FiaNJb23VA9fHxGLF7UM2oerj00RqVqd7xqGDBvI=
Subject key identifier: 09:34:96:2C:D9:F1:E3:07:68:42:C1:E4:CC:13:2E:1E:6D:17:4D:91
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0F5B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4197FAA20AAD11EE95FF3A614AD9E6FC.roa
Signing time: Wed 14 Jun 2023 12:16:14 +0000
ROA not before: Wed 14 Jun 2023 12:16:09 +0000
ROA not after: Thu 12 Jun 2025 12:16:09 +0000
asID: 141968
IP address blocks: 154.16.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Jul 2023 00:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3931 (0xf5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Jun 14 12:16:09 2023 GMT
Not After : Jun 12 12:16:09 2025 GMT
Subject: CN=6489af8e-6906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:d7:58:82:c1:a1:05:8b:94:c8:0c:b9:6a:93:
81:69:41:61:ce:1c:7c:0c:8a:67:00:7c:3b:ab:ce:
10:ae:d1:2f:52:51:f0:c1:ee:f8:50:05:df:0a:90:
ce:e3:48:a3:89:33:b9:fe:4c:5a:e8:dd:88:fc:1c:
91:3c:84:fc:1e:11:81:79:19:ae:45:d1:7b:a3:08:
21:39:f5:c9:b9:01:3e:20:19:f0:77:90:2f:4c:7e:
67:70:ce:f7:1a:d3:cd:9c:7a:04:d2:c2:33:68:cd:
d5:0f:9a:a4:80:32:ef:c6:8d:8c:97:4e:26:50:3d:
a8:d6:61:ea:9d:29:52:26:b5:ea:e3:e4:e0:96:bf:
06:a1:e5:83:da:ef:a1:27:41:5f:f4:6a:79:01:52:
d7:2d:f0:4e:71:86:ef:e1:2f:9a:b2:e7:fe:71:d7:
9c:95:b7:2f:81:7d:b9:bc:ba:7b:02:16:a6:17:86:
c6:a8:41:a7:4d:b5:7e:60:6e:8f:ca:40:f2:7b:53:
16:18:6c:44:e7:0d:40:3a:f4:f2:2e:20:fb:12:68:
f0:e9:22:b7:da:f9:1e:bc:77:32:cc:ad:0f:ea:9a:
0a:92:72:90:4d:76:fd:8d:7d:f4:42:99:80:2f:6a:
f2:dd:e3:e3:04:d8:78:53:0e:b4:6d:af:db:9f:a8:
96:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:34:96:2C:D9:F1:E3:07:68:42:C1:E4:CC:13:2E:1E:6D:17:4D:91
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4197FAA20AAD11EE95FF3A614AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.89.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:62:f0:3b:29:6a:e3:f5:84:6a:96:b0:e8:11:29:07:e7:d2:
27:47:50:a0:db:a1:83:14:76:6f:da:13:d1:12:46:2a:21:91:
93:3e:36:13:44:6e:6e:e5:f6:88:42:bd:b0:96:e5:c2:11:f1:
f9:ef:76:d2:c5:8d:89:b2:53:64:c5:8b:f1:00:99:9d:07:12:
33:26:fa:50:e6:77:9a:ac:ce:7e:19:ee:3b:b8:0b:39:86:aa:
7a:3a:52:b1:a7:d4:d7:e3:b5:2d:67:2a:f4:b2:03:c6:a6:f8:
6c:02:6b:e3:ba:49:ba:25:74:3f:1a:bd:3e:6c:89:61:91:2c:
b2:27:f7:41:17:4e:aa:49:f2:85:94:99:6f:1b:44:6b:1b:4f:
80:87:35:c0:22:7a:1b:b7:df:78:c1:bb:6e:6e:1a:32:c3:98:
88:01:2d:19:61:26:f3:a0:c6:7e:e1:3d:60:f8:cf:0a:52:9b:
ea:46:b7:c5:44:e7:20:fb:06:50:55:20:21:8c:82:30:4b:0e:
64:8f:b1:a5:28:2d:28:f9:8e:90:03:ca:08:34:9f:a1:d9:b1:
cb:a2:85:d9:29:aa:1a:3b:39:b0:80:8e:8d:e3:b6:f4:36:06:
74:92:22:ac:41:7c:1b:95:76:81:5f:fb:c7:f5:9c:5b:b6:73:
61:91:22:be
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICD1swDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA2MTQxMjE2MDlaFw0yNTA2MTIxMjE2MDlaMBgxFjAU
BgNVBAMTDTY0ODlhZjhlLTY5MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDz11iCwaEFi5TIDLlqk4FpQWHOHHwMimcAfDurzhCu0S9SUfDB7vhQBd8K
kM7jSKOJM7n+TFro3Yj8HJE8hPweEYF5Ga5F0XujCCE59cm5AT4gGfB3kC9Mfmdw
zvca082cegTSwjNozdUPmqSAMu/GjYyXTiZQPajWYeqdKVImterj5OCWvwah5YPa
76EnQV/0ankBUtct8E5xhu/hL5qy5/5x15yVty+Bfbm8unsCFqYXhsaoQadNtX5g
bo/KQPJ7UxYYbETnDUA69PIuIPsSaPDpIrfa+R68dzLMrQ/qmgqScpBNdv2NffRC
mYAvavLd4+ME2HhTDrRtr9ufqJZZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUCTSW
LNnx4wdoQsHkzBMuHm0XTZEwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQxOTdGQUEyMEFBRDExRUU5NUZGM0E2MTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFkwDQYJKoZIhvcNAQEL
BQADggEBAKli8DspauP1hGqWsOgRKQfn0idHUKDboYMUdm/aE9ESRiohkZM+NhNE
bm7l9ohCvbCW5cIR8fnvdtLFjYmyU2TFi/EAmZ0HEjMm+lDmd5qszn4Z7ju4CzmG
qno6UrGn1NfjtS1nKvSyA8am+GwCa+O6SboldD8avT5siWGRLLIn90EXTqpJ8oWU
mW8bRGsbT4CHNcAiehu333jBu25uGjLDmIgBLRlhJvOgxn7hPWD4zwpSm+pGt8VE
5yD7BlBVICGMgjBLDmSPsaUoLSj5jpADygg0n6HZscuihdkpqho7ObCAjo3jtvQ2
BnSSIqxBfBuVdoFf+8f1nFu2c2GRIr4=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:56:14 2025 by rpki-client