Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A48271B0A61611EE94EEB32AD25BE465.roa
File: A48271B0A61611EE94EEB32AD25BE465.roa (raw, json)
Hash identifier: GdQCUKWSBMvSJjYhZJ5UnuX6mZLMBRb0x7ByFlUhel8=
Subject key identifier: 32:C7:C4:B9:40:6E:A8:2E:E3:75:5C:72:B1:AB:12:05:12:9D:28:72
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1422
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A48271B0A61611EE94EEB32AD25BE465.roa
Signing time: Fri 29 Dec 2023 06:51:07 +0000
ROA not before: Fri 29 Dec 2023 06:51:04 +0000
ROA not after: Mon 29 Dec 2025 06:51:04 +0000
asID: 3320
IP address blocks: 154.16.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 31 Dec 2023 12:19:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5154 (0x1422)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Dec 29 06:51:04 2023 GMT
Not After : Dec 29 06:51:04 2025 GMT
Subject: CN=658e6c5b-a443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:82:1b:5e:d4:1b:5c:7e:9c:c1:f4:1b:eb:99:
b0:0a:e3:e5:2a:76:e5:5a:24:ba:29:a3:3d:6b:65:
9d:fd:c8:7e:fb:78:94:9d:d9:eb:f1:32:a3:34:69:
1e:6e:aa:56:c1:9e:d7:b2:9e:f9:7a:42:b0:b3:51:
d4:4d:22:77:90:56:98:ef:5f:66:df:d7:78:11:e6:
27:ce:4f:3b:bc:9f:d2:53:cf:79:e9:b5:29:57:23:
a8:8d:3a:47:63:59:c1:a5:3e:d4:6a:8a:71:be:16:
38:c3:4e:94:2a:67:4e:1e:34:4a:f0:b2:f7:e0:29:
bd:00:3b:7e:bf:3f:df:d4:aa:8c:64:38:7b:e8:7d:
53:d7:13:05:92:e8:3b:44:95:ea:08:8a:dd:cd:a0:
bf:2d:b7:e6:86:16:c5:a7:b7:58:5a:99:c4:33:19:
30:f1:d1:a5:0c:7d:12:eb:7e:5f:f5:04:8b:53:90:
d6:4c:83:25:68:06:16:c0:bc:ea:ba:9d:54:66:5c:
8a:b7:65:61:8b:ac:fb:db:d9:35:91:30:ef:e0:36:
7d:b8:8e:9d:18:53:e8:57:48:f4:0b:de:cf:65:f3:
3f:dc:15:c7:de:d3:86:cb:90:7b:bb:ad:47:ba:07:
a4:7e:33:1b:4f:ba:af:7d:48:f6:db:2f:eb:f5:92:
7e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C7:C4:B9:40:6E:A8:2E:E3:75:5C:72:B1:AB:12:05:12:9D:28:72
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A48271B0A61611EE94EEB32AD25BE465.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.240.0/24
Signature Algorithm: sha256WithRSAEncryption
43:08:6f:3e:41:db:b4:0c:bd:44:6d:3c:80:55:8a:49:27:28:
e0:d7:bd:58:7d:5b:a0:d1:8c:86:dd:7d:6e:e5:20:3b:41:a9:
aa:f7:5a:db:c6:9c:ca:c9:6f:47:b4:d3:0b:a6:da:51:65:29:
d7:0e:2a:e0:78:88:f8:20:4c:04:f9:5a:4b:2e:01:3a:3a:9b:
de:3e:61:60:af:2e:fb:d5:b9:19:ca:0c:ac:ec:00:dc:7e:52:
0b:2a:de:cd:7a:0c:0d:d1:54:64:db:31:9e:90:02:1c:bb:78:
d4:c1:7d:7e:fe:fa:54:2c:56:a6:b1:f3:b0:80:46:c1:30:73:
8e:b7:a5:5f:16:c1:26:91:4a:21:9b:6f:d5:5e:c8:4f:e6:10:
3a:59:a3:24:8c:28:89:5a:44:fd:7c:9d:ce:47:a3:20:01:ec:
39:1f:cb:51:48:7e:d0:e7:58:77:d7:3b:ab:00:00:94:a0:03:
20:d6:f2:b6:76:ea:71:fe:bf:89:27:91:76:25:22:2d:60:4d:
ca:d6:d8:e5:f5:06:94:32:cb:08:b6:75:dd:8a:aa:a7:de:f5:
5b:16:bd:23:2a:51:20:08:99:fe:2f:80:a4:75:83:38:ed:51:
eb:18:ab:56:a3:c6:35:21:3d:bb:59:21:aa:b1:2a:99:fa:3d:
3a:40:08:4d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFCIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzEyMjkwNjUxMDRaFw0yNTEyMjkwNjUxMDRaMBgxFjAU
BgNVBAMTDTY1OGU2YzViLWE0NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPghte1BtcfpzB9BvrmbAK4+UqduVaJLopoz1rZZ39yH77eJSd2evxMqM0
aR5uqlbBnteynvl6QrCzUdRNIneQVpjvX2bf13gR5ifOTzu8n9JTz3nptSlXI6iN
OkdjWcGlPtRqinG+FjjDTpQqZ04eNErwsvfgKb0AO36/P9/UqoxkOHvofVPXEwWS
6DtEleoIit3NoL8tt+aGFsWnt1hamcQzGTDx0aUMfRLrfl/1BItTkNZMgyVoBhbA
vOq6nVRmXIq3ZWGLrPvb2TWRMO/gNn24jp0YU+hXSPQL3s9l8z/cFcfe04bLkHu7
rUe6B6R+MxtPuq99SPbbL+v1kn79AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUMsfE
uUBuqC7jdVxysasSBRKdKHIwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0E0ODI3MUIwQTYxNjExRUU5NEVFQjMyQUQyNUJFNDY1LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEPAwDQYJKoZIhvcNAQEL
BQADggEBAEMIbz5B27QMvURtPIBVikknKODXvVh9W6DRjIbdfW7lIDtBqar3WtvG
nMrJb0e00wum2lFlKdcOKuB4iPggTAT5WksuATo6m94+YWCvLvvVuRnKDKzsANx+
Ugsq3s16DA3RVGTbMZ6QAhy7eNTBfX7++lQsVqax87CARsEwc463pV8WwSaRSiGb
b9VeyE/mEDpZoySMKIlaRP18nc5HoyAB7Dkfy1FIftDnWHfXO6sAAJSgAyDW8rZ2
6nH+v4knkXYlIi1gTcrW2OX1BpQyywi2dd2Kqqfe9VsWvSMqUSAImf4vgKR1gzjt
UesYq1ajxjUhPbtZIaqxKpn6PTpACE0=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:43:58 2025 by rpki-client