Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8D4C5DB68E8411EEB181B1DF7D84E21B.roa
File: 8D4C5DB68E8411EEB181B1DF7D84E21B.roa (raw, json)
Hash identifier: 2XnniFLx3pc90kbr1ywxm400962wkgx7WwyZ3TIbff0=
Subject key identifier: 29:D3:97:1E:D0:37:94:E6:A0:64:DB:4F:E8:25:E4:D3:C6:40:39:AE
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 13AE
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8D4C5DB68E8411EEB181B1DF7D84E21B.roa
Signing time: Wed 29 Nov 2023 06:57:25 +0000
ROA not before: Wed 29 Nov 2023 06:57:22 +0000
ROA not after: Sat 29 Nov 2025 06:57:22 +0000
asID: 3356
IP address blocks: 154.16.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jul 2024 05:37:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5038 (0x13ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Nov 29 06:57:22 2023 GMT
Not After : Nov 29 06:57:22 2025 GMT
Subject: CN=6566e0d5-2134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ca:b3:1d:00:f3:1a:b7:c0:07:81:db:89:d6:
06:55:df:e5:31:34:e1:71:56:5a:05:37:a3:76:d0:
a3:0b:a4:81:83:47:d4:14:c7:2d:23:39:40:86:8c:
29:47:9f:5e:4d:c1:95:9c:e8:14:5c:71:a8:70:b2:
a8:84:a9:b3:4a:db:61:3b:c2:3b:f1:de:92:d5:e9:
4f:b9:cd:13:9b:6c:a8:e6:f5:85:25:52:4f:35:9c:
61:f8:31:ee:ad:dd:b3:66:b1:81:08:48:9b:cf:80:
e9:69:f2:70:c1:4f:15:5f:32:a7:f4:78:1c:31:43:
5e:39:03:be:01:c0:3b:f8:48:75:f6:59:2f:d9:5a:
35:f2:39:1f:ad:e1:69:28:48:dd:95:36:4a:c7:cb:
9d:0e:89:bc:f5:84:1e:4b:be:18:ad:f5:c0:bc:ee:
dd:98:31:f6:f3:e6:93:16:ed:1c:fa:b5:b8:99:f7:
d5:93:00:25:99:15:f1:34:3f:fc:a4:10:ad:61:75:
08:8f:f9:7e:61:89:d1:e5:c5:5c:13:dc:e5:b9:fa:
32:d8:e2:3d:55:57:e8:fe:5d:17:b4:0a:4a:13:e4:
8e:e1:0a:f5:a9:30:38:62:e6:05:23:dc:c3:17:1b:
e5:0d:60:3e:af:20:19:88:1f:1f:f4:7c:0f:a6:88:
cd:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D3:97:1E:D0:37:94:E6:A0:64:DB:4F:E8:25:E4:D3:C6:40:39:AE
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8D4C5DB68E8411EEB181B1DF7D84E21B.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.153.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:a6:9c:9a:34:2c:c9:15:d9:df:07:99:de:72:69:84:e5:14:
12:67:b8:f0:bc:f6:82:16:33:13:32:c2:09:80:13:dd:24:4b:
a0:80:40:bd:41:2f:06:47:c9:c6:91:65:e4:51:fd:f4:97:e6:
5c:25:1c:e1:48:1f:93:cc:7c:a1:be:81:f2:b0:e8:28:89:f2:
07:fa:26:28:70:90:a2:eb:b5:df:18:d4:60:0d:9e:47:8d:1a:
a5:4a:b4:70:0c:41:1a:a8:8a:7e:46:af:d1:74:13:a1:5f:5e:
0d:90:cb:a8:6e:8d:30:e9:9d:b9:21:35:d7:f6:d5:d9:31:c5:
77:09:22:d0:42:1f:d5:95:33:b5:3b:95:29:17:9f:e3:6d:f6:
a6:be:e8:e4:12:87:2d:7f:5d:62:0f:a1:35:d5:c5:0f:86:6c:
6a:cd:4e:30:1d:e8:5c:55:06:48:4d:61:f1:c9:f1:9d:21:d4:
03:b8:40:d3:37:84:ee:d5:08:8c:a7:e0:44:09:9f:3a:22:e3:
44:cf:0a:66:e0:45:91:11:25:c0:46:9b:85:fb:28:9f:4e:bc:
59:2f:5f:c2:1d:6f:62:0b:1b:9c:7a:37:e8:2d:26:b2:50:72:
a6:3e:e6:10:99:40:24:62:e8:23:35:92:ba:30:1f:f1:3d:76:
56:e6:7c:c6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE64wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjkwNjU3MjJaFw0yNTExMjkwNjU3MjJaMBgxFjAU
BgNVBAMTDTY1NjZlMGQ1LTIxMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCyyrMdAPMat8AHgduJ1gZV3+UxNOFxVloFN6N20KMLpIGDR9QUxy0jOUCG
jClHn15NwZWc6BRccahwsqiEqbNK22E7wjvx3pLV6U+5zRObbKjm9YUlUk81nGH4
Me6t3bNmsYEISJvPgOlp8nDBTxVfMqf0eBwxQ145A74BwDv4SHX2WS/ZWjXyOR+t
4WkoSN2VNkrHy50Oibz1hB5Lvhit9cC87t2YMfbz5pMW7Rz6tbiZ99WTACWZFfE0
P/ykEK1hdQiP+X5hidHlxVwT3OW5+jLY4j1VV+j+XRe0CkoT5I7hCvWpMDhi5gUj
3MMXG+UNYD6vIBmIHx/0fA+miM1FAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUKdOX
HtA3lOagZNtP6CXk08ZAOa4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzhENEM1REI2OEU4NDExRUVCMTgxQjFERjdEODRFMjFCLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEJkwDQYJKoZIhvcNAQEL
BQADggEBAGumnJo0LMkV2d8Hmd5yaYTlFBJnuPC89oIWMxMywgmAE90kS6CAQL1B
LwZHycaRZeRR/fSX5lwlHOFIH5PMfKG+gfKw6CiJ8gf6JihwkKLrtd8Y1GANnkeN
GqVKtHAMQRqoin5Gr9F0E6FfXg2Qy6hujTDpnbkhNdf21dkxxXcJItBCH9WVM7U7
lSkXn+Nt9qa+6OQShy1/XWIPoTXVxQ+GbGrNTjAd6FxVBkhNYfHJ8Z0h1AO4QNM3
hO7VCIyn4EQJnzoi40TPCmbgRZERJcBGm4X7KJ9OvFkvX8Idb2ILG5x6N+gtJrJQ
cqY+5hCZQCRi6CM1krowH/E9dlbmfMY=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:59:13 2025 by rpki-client