Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4C70C5B0B43D11EDA3170FAAF1222468.roa
File: 4C70C5B0B43D11EDA3170FAAF1222468.roa (raw, json)
Hash identifier: QA2WXq1GAzgiuPruCCfMIoWxtEyo1fAZqUOzcu5jeGc=
Subject key identifier: 2A:9D:18:60:EA:BF:9C:A3:1A:CD:ED:E7:4E:FF:17:B0:48:DB:FF:71
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0C0B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4C70C5B0B43D11EDA3170FAAF1222468.roa
Signing time: Fri 24 Feb 2023 12:18:09 +0000
ROA not before: Fri 24 Feb 2023 12:18:05 +0000
ROA not after: Sat 22 Feb 2025 12:18:05 +0000
asID: 61317
IP address blocks: 154.16.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 May 2023 16:28:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3083 (0xc0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Feb 24 12:18:05 2023 GMT
Not After : Feb 22 12:18:05 2025 GMT
Subject: CN=63f8ab01-01e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f7:bd:54:4b:26:2d:72:24:37:74:75:98:f1:
7f:cb:2c:34:46:1e:54:62:07:1d:14:6d:7d:e5:c1:
a8:33:da:06:0f:8a:22:06:7e:3a:34:1d:20:4c:61:
f2:02:9a:4b:33:c7:ad:3a:71:17:01:22:04:aa:4d:
4e:79:69:70:60:7a:5e:1b:ae:92:42:b0:a9:f1:40:
22:99:5f:7f:8a:c0:5a:91:bb:60:3b:e9:49:59:b0:
2b:51:65:05:cc:2b:3b:a5:23:d3:3a:6c:ee:47:d8:
0b:c2:29:67:40:03:fa:f9:0b:bf:47:86:52:b0:d4:
e3:9a:48:c2:51:4b:05:63:bc:a0:a2:56:51:db:1a:
29:a6:79:bb:4f:96:49:99:95:74:c0:97:d4:be:f4:
8e:7a:dd:4b:ed:c0:f5:dd:28:a2:c3:a1:20:96:96:
bc:ab:7d:e2:e6:e4:65:ac:8c:9e:dc:94:f1:97:a2:
23:00:f4:df:7d:b9:01:ce:e2:fe:31:d6:4d:58:8e:
3c:70:da:36:05:fb:44:cc:2f:c4:a8:2d:8c:31:37:
ff:47:f6:ac:f9:35:0d:6e:af:e0:5f:0b:14:e6:ce:
ac:0c:5f:91:1a:09:06:2a:20:3b:3a:0e:c3:87:9d:
5a:e9:90:9a:c4:ac:d7:4b:5b:b5:10:37:17:60:53:
3e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:9D:18:60:EA:BF:9C:A3:1A:CD:ED:E7:4E:FF:17:B0:48:DB:FF:71
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4C70C5B0B43D11EDA3170FAAF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.43.0/24
Signature Algorithm: sha256WithRSAEncryption
46:b3:1e:7d:02:a6:bd:4a:08:31:25:8d:32:9f:54:2d:bf:51:
8c:88:62:50:79:57:57:82:41:f8:0f:0c:61:89:c9:8f:8d:50:
63:f4:30:11:ec:d3:96:6d:12:71:12:ba:aa:67:05:ea:3d:30:
6a:62:f9:59:96:87:ab:b2:6b:ff:05:2c:2e:2b:ef:2c:62:4b:
56:bf:0b:f3:7a:02:64:f1:4e:23:00:1c:c4:01:00:28:e4:d9:
3f:9a:42:aa:69:f0:3a:b1:c4:60:c1:d4:99:c9:69:4e:c3:60:
f7:94:88:9c:a2:99:19:bb:77:35:ec:b1:af:70:77:ea:09:64:
94:f5:42:89:2c:0b:44:f7:bd:f4:fe:26:73:24:45:ab:45:21:
b3:75:90:46:19:f4:f4:3f:1e:20:83:44:59:75:f0:a7:97:85:
ca:9b:4c:99:a4:fa:b2:95:e9:e6:6c:be:a2:8f:63:96:5f:65:
bb:64:bc:a1:0e:aa:76:02:e0:85:fc:ae:9e:e4:39:58:c1:47:
da:ae:e5:43:5e:88:ba:a8:af:46:7c:ab:73:2c:c7:e5:b3:38:
25:8d:eb:6a:9f:b5:2e:c3:c5:9b:ad:60:ab:a3:2b:59:1c:2a:
b8:1e:b9:44:d0:bd:73:47:fc:d4:47:07:45:5b:ac:2d:f4:59:
b7:f3:4a:7c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDAswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjQxMjE4MDVaFw0yNTAyMjIxMjE4MDVaMBgxFjAU
BgNVBAMMDTYzZjhhYjAxLTAxZTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCr971USyYtciQ3dHWY8X/LLDRGHlRiBx0UbX3lwagz2gYPiiIGfjo0HSBM
YfICmkszx606cRcBIgSqTU55aXBgel4brpJCsKnxQCKZX3+KwFqRu2A76UlZsCtR
ZQXMKzulI9M6bO5H2AvCKWdAA/r5C79HhlKw1OOaSMJRSwVjvKCiVlHbGimmebtP
lkmZlXTAl9S+9I563UvtwPXdKKLDoSCWlryrfeLm5GWsjJ7clPGXoiMA9N99uQHO
4v4x1k1Yjjxw2jYF+0TML8SoLYwxN/9H9qz5NQ1ur+BfCxTmzqwMX5EaCQYqIDs6
DsOHnVrpkJrErNdLW7UQNxdgUz4NAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUKp0Y
YOq/nKMaze3nTv8XsEjb/3EwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzRDNzBDNUIwQjQzRDExRURBMzE3MEZBQUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaECswDQYJKoZIhvcNAQEL
BQADggEBAEazHn0Cpr1KCDEljTKfVC2/UYyIYlB5V1eCQfgPDGGJyY+NUGP0MBHs
05ZtEnESuqpnBeo9MGpi+VmWh6uya/8FLC4r7yxiS1a/C/N6AmTxTiMAHMQBACjk
2T+aQqpp8DqxxGDB1JnJaU7DYPeUiJyimRm7dzXssa9wd+oJZJT1QoksC0T3vfT+
JnMkRatFIbN1kEYZ9PQ/HiCDRFl18KeXhcqbTJmk+rKV6eZsvqKPY5ZfZbtkvKEO
qnYC4IX8rp7kOVjBR9qu5UNeiLqor0Z8q3Msx+WzOCWN62qftS7DxZutYKujK1kc
KrgeuUTQvXNH/NRHB0VbrC30WbfzSnw=
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:03:24 2025 by rpki-client