Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/921E85F03D7411EE9F1A0F494AD9E6FC.roa
File: 921E85F03D7411EE9F1A0F494AD9E6FC.roa (raw, json)
Hash identifier: KMLw5ifCKSzZUWkH71ij4Pr59Xg+ALKR+yN80Mh9Ci4=
Subject key identifier: 17:4D:83:A8:19:F0:1A:D8:0C:7D:C7:0C:AE:AE:E2:B3:13:FE:A6:D8
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1181
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/921E85F03D7411EE9F1A0F494AD9E6FC.roa
Signing time: Fri 18 Aug 2023 03:08:57 +0000
ROA not before: Fri 18 Aug 2023 03:08:54 +0000
ROA not after: Mon 18 Aug 2025 03:08:54 +0000
asID: 834
IP address blocks: 154.16.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Nov 2023 11:14:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4481 (0x1181)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Aug 18 03:08:54 2023 GMT
Not After : Aug 18 03:08:54 2025 GMT
Subject: CN=64dee0c9-dc81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:85:42:19:e3:14:e9:81:69:96:af:1f:e5:57:
df:6b:19:23:0e:8b:1b:40:38:69:d2:ff:94:55:1e:
85:73:6c:8f:d6:54:d0:15:77:a8:ae:6f:2c:ac:a8:
e0:f3:b5:54:3f:58:3e:7a:05:cd:f5:d9:10:39:25:
17:f5:de:11:82:5e:a2:68:dd:75:19:b7:17:9b:94:
68:cc:ba:e0:5f:1c:d3:d7:c2:90:2d:72:61:57:82:
21:0e:42:85:6d:b4:8f:e3:40:7e:02:da:0c:13:6b:
71:7b:9e:4d:2a:9a:fc:38:0d:44:39:d9:30:e7:0a:
d8:7b:5e:6d:74:b3:16:e8:18:94:a2:3b:39:b4:c6:
cf:6b:e0:de:5b:94:a2:bf:14:32:fa:07:00:a1:37:
99:79:a8:78:85:b2:e2:7b:4b:b8:cc:ce:bf:02:63:
c7:2c:05:8d:33:9b:ee:e8:01:fe:75:d1:83:a0:89:
20:7b:9a:ce:9c:be:dc:66:5b:0a:02:ac:e5:37:05:
4a:be:5c:85:9c:0d:8f:ba:4a:84:39:55:58:9d:78:
7d:8a:cc:d4:c9:bc:00:da:fe:fe:0e:22:66:e0:36:
ab:75:08:f5:59:b1:ba:91:68:ef:7f:c4:87:d3:38:
b1:b3:60:90:f2:59:7b:0d:0f:f7:20:b2:53:4e:36:
03:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:4D:83:A8:19:F0:1A:D8:0C:7D:C7:0C:AE:AE:E2:B3:13:FE:A6:D8
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/921E85F03D7411EE9F1A0F494AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.101.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:f4:d6:18:b3:c1:77:09:88:95:1c:c7:5f:45:4b:c4:06:82:
b5:bb:de:f5:af:cd:92:57:06:88:5a:78:5e:1c:ad:df:d3:47:
16:c2:ce:43:0c:7b:0b:6e:57:54:42:f0:14:8b:7f:23:28:24:
3e:e9:ee:63:d6:6f:43:92:95:43:51:e9:bd:6e:da:f1:96:70:
d7:cc:25:9e:0b:de:0d:a6:15:7b:da:a2:e1:3a:ab:4d:f2:06:
02:dd:27:5a:a0:18:7b:5c:25:6e:7e:fd:aa:ed:13:d2:53:35:
5b:ae:c1:f8:ae:5b:ac:db:b1:7c:fd:35:78:bf:c0:57:d4:ee:
08:fe:4a:92:5b:ad:dd:72:a7:c1:69:62:b6:8b:78:3e:be:33:
b7:18:bc:c2:69:54:05:90:4f:ef:4d:dc:20:18:5f:61:c4:99:
da:33:fa:6f:49:44:27:e1:04:96:e7:0e:ea:19:83:10:04:c6:
e3:8a:28:c7:ae:12:d9:22:68:e4:51:4a:9b:6f:0a:3b:06:09:
4d:a3:0e:c1:06:88:cf:bf:c3:ce:ed:cc:7d:a5:a0:03:05:6b:
74:55:5d:c1:67:76:23:46:8a:b3:37:f1:d1:3e:da:88:67:96:
bb:03:71:74:6b:5f:d2:42:bb:cb:63:10:f1:b1:10:77:7b:d5:
23:1c:56:fc
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEYEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MTgwMzA4NTRaFw0yNTA4MTgwMzA4NTRaMBgxFjAU
BgNVBAMTDTY0ZGVlMGM5LWRjODEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDghUIZ4xTpgWmWrx/lV99rGSMOixtAOGnS/5RVHoVzbI/WVNAVd6iubyys
qODztVQ/WD56Bc312RA5JRf13hGCXqJo3XUZtxeblGjMuuBfHNPXwpAtcmFXgiEO
QoVttI/jQH4C2gwTa3F7nk0qmvw4DUQ52TDnCth7Xm10sxboGJSiOzm0xs9r4N5b
lKK/FDL6BwChN5l5qHiFsuJ7S7jMzr8CY8csBY0zm+7oAf510YOgiSB7ms6cvtxm
WwoCrOU3BUq+XIWcDY+6SoQ5VVideH2KzNTJvADa/v4OImbgNqt1CPVZsbqRaO9/
xIfTOLGzYJDyWXsND/cgslNONgPJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUF02D
qBnwGtgMfccMrq7isxP+ptgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzkyMUU4NUYwM0Q3NDExRUU5RjFBMEY0OTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEGUwDQYJKoZIhvcNAQEL
BQADggEBAML01hizwXcJiJUcx19FS8QGgrW73vWvzZJXBohaeF4crd/TRxbCzkMM
ewtuV1RC8BSLfyMoJD7p7mPWb0OSlUNR6b1u2vGWcNfMJZ4L3g2mFXvaouE6q03y
BgLdJ1qgGHtcJW5+/artE9JTNVuuwfiuW6zbsXz9NXi/wFfU7gj+SpJbrd1yp8Fp
YraLeD6+M7cYvMJpVAWQT+9N3CAYX2HEmdoz+m9JRCfhBJbnDuoZgxAExuOKKMeu
EtkiaORRSptvCjsGCU2jDsEGiM+/w87tzH2loAMFa3RVXcFndiNGirM38dE+2ohn
lrsDcXRrX9JCu8tjEPGxEHd71SMcVvw=
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:04:43 2025 by rpki-client