Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/AB8280485E0611EEB6E52C144AD9E6FC.roa
File: AB8280485E0611EEB6E52C144AD9E6FC.roa (raw, json)
Hash identifier: NQY3BydXwNSjqiNhbrkfWLDkqfk6AtXyn6HtN1P0+QE=
Subject key identifier: 2A:78:D9:FD:29:46:5B:07:54:76:DF:C1:3A:94:3D:55:52:BC:D0:4B
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1294
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/AB8280485E0611EEB6E52C144AD9E6FC.roa
Signing time: Thu 28 Sep 2023 13:55:24 +0000
ROA not before: Thu 28 Sep 2023 13:55:20 +0000
ROA not after: Sun 28 Sep 2025 13:55:20 +0000
asID: 213060
IP address blocks: 154.16.24.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Oct 2023 12:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4756 (0x1294)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Sep 28 13:55:20 2023 GMT
Not After : Sep 28 13:55:20 2025 GMT
Subject: CN=651585cb-6298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7d:ce:b1:2b:30:53:f6:26:5f:b8:21:69:cd:
24:71:86:a6:aa:3d:e6:b8:be:9d:35:5a:cd:c3:6d:
d1:8e:22:ce:d8:92:6f:56:c8:99:d0:3d:74:bf:c1:
04:f6:53:ed:2f:a8:20:61:78:ff:f1:82:38:83:38:
c5:13:63:05:20:40:b9:55:28:14:1e:cc:9a:b3:5d:
ca:e7:18:9f:93:04:fb:7d:b9:42:de:72:d4:15:4b:
d8:91:f2:25:e8:0e:13:c9:a4:2c:f4:0b:f3:59:5b:
b4:6e:b9:16:53:ce:f6:f9:f7:22:61:a6:29:ca:74:
35:1d:0a:ad:7c:6e:04:19:39:c2:cc:b8:31:25:a3:
b9:46:b9:20:ce:0e:49:c3:18:73:54:b5:86:25:35:
83:78:e0:99:e2:25:d7:fb:2c:05:7e:c0:26:5f:8d:
c6:5d:8a:32:eb:a4:00:71:92:65:e3:99:1f:4c:8e:
3b:98:e2:9c:48:88:59:cb:d7:02:f3:76:1c:4f:af:
16:4a:6b:95:02:5a:f8:61:5f:f9:c2:aa:b4:f7:7f:
09:c3:30:1b:c1:23:1b:c0:04:03:21:40:40:83:fd:
f9:ac:5d:5b:4c:b7:95:d7:a6:2f:67:f5:2e:92:01:
4a:d6:87:4f:89:6f:51:d1:5d:f7:61:31:97:db:cf:
cf:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:78:D9:FD:29:46:5B:07:54:76:DF:C1:3A:94:3D:55:52:BC:D0:4B
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/AB8280485E0611EEB6E52C144AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.24.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:d8:03:a4:8c:17:40:0c:84:9b:71:cc:67:a5:16:b3:80:a0:
fc:58:99:7f:05:3c:67:6b:4c:0c:c9:18:6f:00:50:50:14:df:
0a:5b:26:53:37:95:c8:cb:cd:d6:00:92:dc:25:59:f9:04:01:
5c:d6:51:f7:df:61:5d:3b:88:0d:b9:51:2c:00:2c:85:ae:c0:
e8:1c:2e:c3:26:b6:fe:b4:3e:20:51:52:da:d8:0f:0d:5a:03:
7b:5d:4e:17:fa:e5:05:cd:93:20:6e:b0:d8:1f:61:1d:a8:d8:
fb:e6:b1:b7:fc:d7:35:2f:24:83:61:90:13:7d:5c:ec:36:60:
ce:0b:9e:17:b2:0b:c3:d5:6c:66:44:ef:fd:75:8a:13:55:fb:
9f:96:8b:e2:d2:e2:1f:84:e7:54:ac:b4:11:73:68:3a:73:98:
09:23:42:83:43:28:65:89:1b:a7:1f:ee:90:0f:19:88:50:68:
ff:e4:23:5d:ee:b6:1f:b0:bb:ef:87:b4:05:ca:48:40:29:36:
9a:d9:e1:13:c8:e8:e8:d7:0a:2f:57:39:13:0f:cd:28:33:0a:
76:43:55:7c:bf:3c:4b:80:aa:0d:5c:11:f2:9f:c4:7d:79:dc:
85:27:df:56:6f:1a:47:ea:eb:aa:80:b4:1b:9d:48:88:36:4a:
42:84:91:53
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEpQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA5MjgxMzU1MjBaFw0yNTA5MjgxMzU1MjBaMBgxFjAU
BgNVBAMTDTY1MTU4NWNiLTYyOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDPfc6xKzBT9iZfuCFpzSRxhqaqPea4vp01Ws3DbdGOIs7Ykm9WyJnQPXS/
wQT2U+0vqCBheP/xgjiDOMUTYwUgQLlVKBQezJqzXcrnGJ+TBPt9uULectQVS9iR
8iXoDhPJpCz0C/NZW7RuuRZTzvb59yJhpinKdDUdCq18bgQZOcLMuDElo7lGuSDO
DknDGHNUtYYlNYN44JniJdf7LAV+wCZfjcZdijLrpABxkmXjmR9MjjuY4pxIiFnL
1wLzdhxPrxZKa5UCWvhhX/nCqrT3fwnDMBvBIxvABAMhQECD/fmsXVtMt5XXpi9n
9S6SAUrWh0+Jb1HRXfdhMZfbz899AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUKnjZ
/SlGWwdUdt/BOpQ9VVK80EswHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0FCODI4MDQ4NUUwNjExRUVCNkU1MkMxNDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGaEBgwDQYJKoZIhvcNAQEL
BQADggEBABzYA6SMF0AMhJtxzGelFrOAoPxYmX8FPGdrTAzJGG8AUFAU3wpbJlM3
lcjLzdYAktwlWfkEAVzWUfffYV07iA25USwALIWuwOgcLsMmtv60PiBRUtrYDw1a
A3tdThf65QXNkyBusNgfYR2o2Pvmsbf81zUvJINhkBN9XOw2YM4LnheyC8PVbGZE
7/11ihNV+5+Wi+LS4h+E51SstBFzaDpzmAkjQoNDKGWJG6cf7pAPGYhQaP/kI13u
th+wu++HtAXKSEApNprZ4RPI6OjXCi9XORMPzSgzCnZDVXy/PEuAqg1cEfKfxH15
3IUn31ZvGkfq66qAtBudSIg2SkKEkVM=
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:01:39 2025 by rpki-client