Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A32B4D14520B11EEAD09F0564AD9E6FC.roa
File: A32B4D14520B11EEAD09F0564AD9E6FC.roa (raw, json)
Hash identifier: 6ASnWIje0ezth0xqPeonfs+/SN1ceYiK8ctNOZyUQp4=
Subject key identifier: 34:14:FC:18:A8:E6:DA:0B:4D:D4:B9:DA:A2:1E:73:C7:3C:F9:49:6C
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1219
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A32B4D14520B11EEAD09F0564AD9E6FC.roa
Signing time: Wed 13 Sep 2023 08:00:43 +0000
ROA not before: Wed 13 Sep 2023 08:00:40 +0000
ROA not after: Sat 13 Sep 2025 08:00:40 +0000
asID: 213060
IP address blocks: 154.16.24.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Sep 2023 12:22:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4633 (0x1219)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Sep 13 08:00:40 2023 GMT
Not After : Sep 13 08:00:40 2025 GMT
Subject: CN=65016c2b-75d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d1:28:85:01:4e:cb:8d:a1:04:47:65:de:0a:
c9:f1:57:fc:af:16:bc:60:95:64:44:3f:f6:11:dd:
63:84:0b:23:8c:99:a9:56:af:4a:34:d2:2b:e0:7d:
45:e1:78:50:51:ba:c6:6e:9d:51:fd:70:30:c4:05:
b9:88:d1:1a:65:e5:9e:36:3a:74:69:81:f0:bf:6a:
91:12:1b:a7:65:ea:d1:ed:7a:bf:d5:aa:f0:be:5c:
c8:4d:81:57:62:f0:74:29:47:98:8d:5c:1d:31:8b:
ed:a6:97:5e:e4:2e:0e:91:05:5c:1b:2e:3f:8b:06:
fc:7c:37:5b:43:9e:e9:48:66:7b:e5:46:83:15:1f:
b3:b5:27:e6:e4:ec:a8:f5:e3:bc:dd:34:f0:d0:16:
30:6a:f2:aa:52:cc:7b:0c:be:b4:c6:6c:02:a2:82:
e6:29:6e:42:6c:40:4f:06:8b:cd:69:8f:d5:df:76:
62:10:ab:04:22:b6:90:9e:f4:e7:e8:5d:4d:d1:46:
6b:9a:65:20:26:a2:01:3d:a0:32:77:4d:a5:31:3f:
f7:d3:2a:a1:a1:cf:39:5f:42:bb:6d:d9:64:7d:8b:
c9:8f:5b:c8:c5:c0:93:3a:f5:51:a3:67:2c:a4:76:
a6:09:1a:19:c9:72:e8:f6:7d:54:0c:78:92:fd:41:
6d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:14:FC:18:A8:E6:DA:0B:4D:D4:B9:DA:A2:1E:73:C7:3C:F9:49:6C
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A32B4D14520B11EEAD09F0564AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.24.0/23
Signature Algorithm: sha256WithRSAEncryption
58:0b:dc:29:04:b2:19:54:89:5f:b6:44:ba:59:a6:bf:49:46:
64:53:39:1c:a8:67:ab:71:cb:3a:a7:cf:d8:8a:01:f6:ec:fd:
cf:46:8f:0b:a0:7e:57:b4:b2:e5:2a:a4:9c:6c:d4:37:5a:ce:
e6:46:94:1c:e8:80:b4:d2:1b:90:70:85:65:16:9d:0f:b5:f0:
71:a7:a6:8c:73:e4:34:b8:ed:d5:c3:54:ad:13:98:af:7a:e0:
7a:90:1b:79:4d:ab:f0:ac:3d:45:15:e9:68:4a:48:ed:e8:2a:
5e:e0:9c:62:4b:2a:6e:33:37:2d:c6:26:7d:0c:cb:9b:01:db:
ca:27:31:e2:26:8d:0f:2a:23:73:98:c4:c6:51:94:49:76:50:
38:0a:d5:98:b3:a4:50:dd:1d:49:ff:5c:b0:13:87:1a:a3:59:
d6:e0:f1:e8:c1:d1:52:41:1b:a0:bc:e3:dd:58:3f:91:a8:33:
d3:a9:b4:07:33:2e:59:7d:35:83:69:2a:5b:d6:e1:bb:c6:12:
2c:b9:c6:71:3d:bd:0c:99:58:d6:49:6b:81:8d:b5:ea:06:3c:
5e:96:56:31:50:3b:4d:96:ed:65:78:f1:a3:41:fb:d3:ed:ed:
1b:ac:34:94:e1:e4:1b:f4:85:08:1b:b5:53:19:0e:6c:d0:2b:
0e:05:41:40
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEhkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA5MTMwODAwNDBaFw0yNTA5MTMwODAwNDBaMBgxFjAU
BgNVBAMTDTY1MDE2YzJiLTc1ZDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+0SiFAU7LjaEER2XeCsnxV/yvFrxglWREP/YR3WOECyOMmalWr0o00ivg
fUXheFBRusZunVH9cDDEBbmI0Rpl5Z42OnRpgfC/apESG6dl6tHter/VqvC+XMhN
gVdi8HQpR5iNXB0xi+2ml17kLg6RBVwbLj+LBvx8N1tDnulIZnvlRoMVH7O1J+bk
7Kj147zdNPDQFjBq8qpSzHsMvrTGbAKiguYpbkJsQE8Gi81pj9XfdmIQqwQitpCe
9OfoXU3RRmuaZSAmogE9oDJ3TaUxP/fTKqGhzzlfQrtt2WR9i8mPW8jFwJM69VGj
ZyykdqYJGhnJcuj2fVQMeJL9QW3jAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUNBT8
GKjm2gtN1Lnaoh5zxzz5SWwwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0EzMkI0RDE0NTIwQjExRUVBRDA5RjA1NjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGaEBgwDQYJKoZIhvcNAQEL
BQADggEBAFgL3CkEshlUiV+2RLpZpr9JRmRTORyoZ6txyzqnz9iKAfbs/c9Gjwug
fle0suUqpJxs1DdazuZGlBzogLTSG5BwhWUWnQ+18HGnpoxz5DS47dXDVK0TmK96
4HqQG3lNq/CsPUUV6WhKSO3oKl7gnGJLKm4zNy3GJn0My5sB28onMeImjQ8qI3OY
xMZRlEl2UDgK1ZizpFDdHUn/XLAThxqjWdbg8ejB0VJBG6C8491YP5GoM9OptAcz
Lll9NYNpKlvW4bvGEiy5xnE9vQyZWNZJa4GNteoGPF6WVjFQO02W7WV48aNB+9Pt
7RusNJTh5Bv0hQgbtVMZDmzQKw4FQUA=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:41:51 2025 by rpki-client