Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/89C20BD6FFE211ED978D20304AD9E6FC.roa
File: 89C20BD6FFE211ED978D20304AD9E6FC.roa (raw, json)
Hash identifier: W6tZEbhjjECE32ZWIM4ilXfEaZqHGDS1xp0mXm0REck=
Subject key identifier: D4:62:1B:57:5D:A9:D9:22:AB:CD:F0:3B:C6:05:E8:02:25:69:7B:1B
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0E4C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/89C20BD6FFE211ED978D20304AD9E6FC.roa
Signing time: Wed 31 May 2023 18:39:56 +0000
ROA not before: Wed 31 May 2023 18:39:52 +0000
ROA not after: Sat 31 May 2025 18:39:52 +0000
asID: 834
IP address blocks: 154.16.53.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Jun 2023 06:26:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3660 (0xe4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: May 31 18:39:52 2023 GMT
Not After : May 31 18:39:52 2025 GMT
Subject: CN=6477947c-dcb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:61:11:0d:74:c1:db:c4:b2:21:be:e3:b8:55:
c3:d4:32:38:02:82:46:52:f7:6d:22:3d:17:ae:c9:
0a:14:50:0a:22:ed:e9:60:66:4c:5f:99:be:46:4a:
f2:64:da:00:15:92:aa:30:56:60:6e:a9:ff:68:54:
c7:7d:7c:c9:ac:8c:6c:18:f9:9f:52:55:86:25:d1:
21:3f:6e:ef:43:34:c6:75:d3:f2:af:d2:b3:b4:ee:
c5:f2:3e:9a:fb:51:b0:ff:25:8c:e0:f6:03:b6:6f:
6d:1b:bd:39:88:f8:31:19:73:78:11:0c:1c:17:2c:
8f:ea:d3:ea:1f:de:1f:55:87:1c:12:83:d7:92:2d:
3f:b6:25:e6:59:36:9e:2e:69:2c:59:6a:37:6a:4f:
ec:fe:30:68:a1:5c:c9:79:3f:af:92:96:39:41:a2:
b1:3d:7b:b2:58:bc:7c:55:fe:a5:08:31:a8:80:d4:
66:ad:75:55:04:86:72:32:19:f6:32:f4:09:f1:85:
5f:68:15:d9:bd:30:f6:cb:75:3a:b1:61:48:b1:80:
3e:37:af:bc:d2:af:e8:20:04:b8:b3:85:32:75:4a:
f7:b6:7f:dd:0a:74:2d:47:a8:0f:48:e0:28:4e:02:
dd:b7:f3:46:3d:5c:f0:2b:96:19:5b:db:ab:d2:a4:
8b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:62:1B:57:5D:A9:D9:22:AB:CD:F0:3B:C6:05:E8:02:25:69:7B:1B
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/89C20BD6FFE211ED978D20304AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.53.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:80:d6:11:d8:a1:6e:a1:78:51:45:ac:f2:27:71:ed:1a:e5:
ab:06:a3:8b:eb:93:81:70:97:ab:70:be:d5:1e:87:69:08:3f:
17:af:45:f3:1d:f6:3c:fb:5e:a6:dd:25:8a:d3:ae:78:89:a9:
68:73:07:08:33:0f:36:e2:b4:d9:a3:ae:d4:cb:64:6f:94:5a:
79:73:c9:a1:fa:2c:2c:9d:dd:80:be:9d:71:e4:a6:e5:d8:a6:
12:84:5f:75:2f:37:54:0a:4a:33:44:35:ce:9e:a5:5e:3d:d7:
c3:a0:bd:51:4d:58:89:f8:b0:32:2b:0b:c3:4a:05:11:9d:37:
ef:d3:40:a4:2a:1b:1f:f4:b0:5b:6d:51:c5:26:65:57:29:f9:
b6:27:19:a4:f2:90:d5:2f:d7:db:06:f6:af:7e:a2:27:f4:b1:
3e:d5:b1:3e:e8:82:32:99:96:c3:da:0a:86:72:3f:a6:18:25:
94:19:24:ff:14:46:75:a8:45:fc:bc:26:32:25:2a:14:80:9e:
71:00:66:61:79:6e:86:1a:05:3f:b3:b3:f7:f1:85:25:06:99:
79:f6:2d:11:cf:b4:eb:3a:42:35:0c:c9:fd:5f:c8:60:01:f4:
f8:b2:6e:ae:97:55:dd:93:fa:ee:5b:3f:df:a5:ed:80:74:4c:
2a:0d:42:a1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDkwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA1MzExODM5NTJaFw0yNTA1MzExODM5NTJaMBgxFjAU
BgNVBAMTDTY0Nzc5NDdjLWRjYjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDAYRENdMHbxLIhvuO4VcPUMjgCgkZS920iPReuyQoUUAoi7elgZkxfmb5G
SvJk2gAVkqowVmBuqf9oVMd9fMmsjGwY+Z9SVYYl0SE/bu9DNMZ10/Kv0rO07sXy
Ppr7UbD/JYzg9gO2b20bvTmI+DEZc3gRDBwXLI/q0+of3h9VhxwSg9eSLT+2JeZZ
Np4uaSxZajdqT+z+MGihXMl5P6+SljlBorE9e7JYvHxV/qUIMaiA1GatdVUEhnIy
GfYy9AnxhV9oFdm9MPbLdTqxYUixgD43r7zSr+ggBLizhTJ1Sve2f90KdC1HqA9I
4ChOAt2380Y9XPArlhlb26vSpIuhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU1GIb
V12p2SKrzfA7xgXoAiVpexswHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzg5QzIwQkQ2RkZFMjExRUQ5NzhEMjAzMDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDUwDQYJKoZIhvcNAQEL
BQADggEBAB6A1hHYoW6heFFFrPInce0a5asGo4vrk4Fwl6twvtUeh2kIPxevRfMd
9jz7XqbdJYrTrniJqWhzBwgzDzbitNmjrtTLZG+UWnlzyaH6LCyd3YC+nXHkpuXY
phKEX3UvN1QKSjNENc6epV4918OgvVFNWIn4sDIrC8NKBRGdN+/TQKQqGx/0sFtt
UcUmZVcp+bYnGaTykNUv19sG9q9+oif0sT7VsT7ogjKZlsPaCoZyP6YYJZQZJP8U
RnWoRfy8JjIlKhSAnnEAZmF5boYaBT+zs/fxhSUGmXn2LRHPtOs6QjUMyf1fyGAB
9Piybq6XVd2T+u5bP9+l7YB0TCoNQqE=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:53:28 2025 by rpki-client