Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B4EDE228005311EEB7B2890F4AD9E6FC.roa
File: B4EDE228005311EEB7B2890F4AD9E6FC.roa (raw, json)
Hash identifier: wFGqTZ3wQs1pv9DbRcvxcaN1EGrLJjZM/ylw+mT1Yio=
Subject key identifier: C1:9D:4C:BE:5A:81:E1:54:C3:8D:D8:BA:52:9F:5A:7F:DB:10:88:C0
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0E98
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B4EDE228005311EEB7B2890F4AD9E6FC.roa
Signing time: Thu 01 Jun 2023 08:10:01 +0000
ROA not before: Thu 01 Jun 2023 08:09:58 +0000
ROA not after: Sun 01 Jun 2025 08:09:58 +0000
asID: 834
IP address blocks: 154.16.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Jun 2023 09:43:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3736 (0xe98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Jun 1 08:09:58 2023 GMT
Not After : Jun 1 08:09:58 2025 GMT
Subject: CN=64785259-f42a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:84:28:1c:10:d7:d4:a8:64:87:a4:cd:53:b9:
12:e0:68:30:90:ad:0c:85:9b:2a:fe:92:a5:7c:1a:
e9:98:f9:4c:1b:cb:45:71:ee:6a:4e:40:89:b2:23:
c8:da:e4:9f:32:35:bc:bb:a2:08:db:f4:99:da:60:
36:60:de:71:95:40:04:47:d1:42:00:1e:07:1e:07:
7b:fd:9d:c7:d4:73:f8:64:23:33:03:82:41:a5:cc:
8a:74:b0:16:eb:63:eb:80:3b:fe:f9:c2:6e:23:c9:
68:c2:2c:5c:5a:d0:1d:81:19:87:b2:d1:b3:31:ea:
f3:e1:71:62:81:f6:5d:6a:f5:92:22:bb:8b:57:3f:
cc:1b:63:13:38:fc:f8:5a:2b:07:47:fb:81:2e:10:
e0:2a:97:87:ea:f9:68:8c:20:c1:73:ab:8f:9a:10:
72:e2:67:70:4e:c6:ae:5d:2c:a7:c0:76:4f:e0:7e:
9a:85:39:24:76:85:5d:18:2a:bc:a5:1c:1e:37:d0:
81:00:a2:42:c0:ff:a8:75:ed:f1:72:ca:77:c0:af:
2c:17:5b:51:c7:df:54:cd:47:44:a2:56:b4:7f:45:
8f:41:02:27:cb:74:11:0a:00:1e:92:a6:ed:0a:91:
b7:ec:4d:9e:c2:c3:a7:c6:a8:98:5c:ae:0a:30:8d:
a7:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:9D:4C:BE:5A:81:E1:54:C3:8D:D8:BA:52:9F:5A:7F:DB:10:88:C0
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B4EDE228005311EEB7B2890F4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.27.0/24
Signature Algorithm: sha256WithRSAEncryption
85:3a:a8:31:f8:73:f4:7f:0a:a4:3f:de:55:4e:a1:a8:fb:76:
fc:30:71:a8:c1:ea:db:fc:d2:56:84:86:2f:5b:ea:87:44:80:
8a:ab:f1:2b:8b:1b:79:86:71:14:30:a9:dc:de:6c:5f:2b:12:
53:1e:dd:22:ac:a5:09:b3:dd:f2:d3:c5:17:57:92:2b:49:94:
33:82:79:e4:86:36:77:7c:e1:60:d9:bd:da:74:63:71:1f:b6:
34:3e:e0:42:58:d2:fe:87:e8:23:16:a3:77:37:1d:ae:0c:70:
c0:34:3e:9a:03:12:b6:a9:8a:3c:f9:4c:6b:5c:d5:3a:05:0e:
c4:08:32:cb:54:33:fe:6a:db:91:54:99:a8:0b:c7:02:4f:94:
ef:24:e3:ed:33:bf:08:2d:b8:34:80:c3:e2:96:d1:46:7e:3e:
26:01:00:6b:16:e9:58:c1:9e:96:53:21:4d:ae:d1:a0:21:98:
87:e3:f0:03:be:52:e6:9b:1b:69:60:aa:ef:e7:ac:e9:12:f7:
bf:c9:64:36:d0:1f:00:0d:90:9a:cd:85:8e:ce:04:b7:06:f5:
bd:85:2f:c4:10:6d:ac:7d:26:bb:c8:7f:14:76:63:37:b8:a5:
22:f1:29:72:b5:61:07:b9:2b:a2:f1:ac:02:c7:e2:78:6f:3b:
24:ee:33:88
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDpgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA2MDEwODA5NThaFw0yNTA2MDEwODA5NThaMBgxFjAU
BgNVBAMTDTY0Nzg1MjU5LWY0MmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDChCgcENfUqGSHpM1TuRLgaDCQrQyFmyr+kqV8GumY+Uwby0Vx7mpOQImy
I8ja5J8yNby7ogjb9JnaYDZg3nGVQARH0UIAHgceB3v9ncfUc/hkIzMDgkGlzIp0
sBbrY+uAO/75wm4jyWjCLFxa0B2BGYey0bMx6vPhcWKB9l1q9ZIiu4tXP8wbYxM4
/PhaKwdH+4EuEOAql4fq+WiMIMFzq4+aEHLiZ3BOxq5dLKfAdk/gfpqFOSR2hV0Y
KrylHB430IEAokLA/6h17fFyynfArywXW1HH31TNR0SiVrR/RY9BAifLdBEKAB6S
pu0KkbfsTZ7Cw6fGqJhcrgowjadXAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUwZ1M
vlqB4VTDjdi6Up9af9sQiMAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0I0RURFMjI4MDA1MzExRUVCN0IyODkwRjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEBswDQYJKoZIhvcNAQEL
BQADggEBAIU6qDH4c/R/CqQ/3lVOoaj7dvwwcajB6tv80laEhi9b6odEgIqr8SuL
G3mGcRQwqdzebF8rElMe3SKspQmz3fLTxRdXkitJlDOCeeSGNnd84WDZvdp0Y3Ef
tjQ+4EJY0v6H6CMWo3c3Ha4McMA0PpoDErapijz5TGtc1ToFDsQIMstUM/5q25FU
magLxwJPlO8k4+0zvwgtuDSAw+KW0UZ+PiYBAGsW6VjBnpZTIU2u0aAhmIfj8AO+
UuabG2lgqu/nrOkS97/JZDbQHwANkJrNhY7OBLcG9b2FL8QQbax9JrvIfxR2Yze4
pSLxKXK1YQe5K6LxrALH4nhvOyTuM4g=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:42:54 2025 by rpki-client