Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BAFE83FAB69011ED90746AB3F1222468.roa
File: BAFE83FAB69011ED90746AB3F1222468.roa (raw, json)
Hash identifier: ip5lN+ODaWMKe7iEMo07DxSvv1RpUZn1XsXNyDCpa/U=
Subject key identifier: 77:0A:DC:30:52:C1:DB:AE:1E:B9:ED:ED:02:EE:BF:33:C0:39:29:0A
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0C38
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BAFE83FAB69011ED90746AB3F1222468.roa
Signing time: Mon 27 Feb 2023 11:20:25 +0000
ROA not before: Mon 27 Feb 2023 11:20:21 +0000
ROA not after: Thu 27 Feb 2025 11:20:21 +0000
asID: 61317
IP address blocks: 154.16.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 07:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3128 (0xc38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Feb 27 11:20:21 2023 GMT
Not After : Feb 27 11:20:21 2025 GMT
Subject: CN=63fc91f9-509f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0e:e5:07:65:e8:93:22:24:08:57:1f:b5:85:
d6:11:a3:14:eb:0c:81:57:a4:47:8a:57:13:72:28:
10:f8:33:ab:4a:b5:76:40:1f:dc:7e:53:f8:6e:8a:
79:a3:22:7e:76:43:06:5f:a2:18:77:77:85:b0:e0:
bb:a1:d8:96:5c:5c:5e:a8:73:38:80:5e:93:1f:56:
72:f0:f9:c0:de:fb:02:05:0e:3a:dd:81:06:6d:16:
cc:56:eb:eb:64:5f:8b:5e:df:a1:8d:7d:9e:40:98:
41:cb:1c:20:46:21:38:23:44:2e:4f:8d:62:b2:57:
47:af:eb:c8:0f:42:29:5e:f6:53:b6:22:f0:ae:a4:
76:f1:50:04:59:cc:54:3c:d7:d2:0b:f3:4c:2a:85:
32:b5:e3:dc:ca:04:86:0d:b4:4e:b8:d1:d5:27:a8:
3d:11:0d:dd:a3:ea:f6:7c:27:af:28:72:d2:64:67:
e9:14:98:9f:c6:7a:c6:3a:75:c3:d4:43:4c:34:39:
54:68:50:6f:28:e2:fd:9a:5d:b5:12:72:26:af:12:
d1:91:65:af:ca:18:65:54:94:f2:d5:44:ee:cd:cf:
8a:67:b7:ec:52:a2:9e:ab:2c:e7:06:7c:8e:0e:9d:
69:7f:f1:d6:a4:55:7d:89:27:f0:dc:e0:54:04:bf:
03:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:0A:DC:30:52:C1:DB:AE:1E:B9:ED:ED:02:EE:BF:33:C0:39:29:0A
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/BAFE83FAB69011ED90746AB3F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.71.0/24
Signature Algorithm: sha256WithRSAEncryption
09:74:84:82:25:be:9c:67:45:94:88:7d:a1:aa:28:8b:2f:46:
37:57:c8:30:78:ee:d2:ea:42:da:6d:50:26:ce:83:f9:84:9c:
34:8c:ca:53:32:13:91:f0:8f:f0:3d:47:80:d7:9e:db:9b:98:
b1:42:e0:ad:66:40:6f:a1:f0:34:bb:31:7e:06:21:b8:10:ae:
b6:59:65:d2:04:f6:b5:07:73:f4:56:c2:26:52:c0:c7:b2:aa:
b9:ce:71:f2:42:d9:19:37:b2:3e:86:9f:79:98:15:92:5c:d8:
3d:aa:bd:87:3f:58:78:d2:7e:99:d8:ba:58:02:fc:09:24:cb:
71:7c:c7:23:03:30:05:b6:17:21:fc:44:f9:6a:6c:f5:a2:b1:
b8:56:03:0f:cc:87:cf:f4:0f:8c:8d:ce:ca:91:33:c3:ca:aa:
7c:65:6f:d0:40:0e:34:f4:d8:ea:ea:23:bd:30:13:19:46:b4:
3f:35:79:49:54:a7:c5:3e:ea:5e:86:7b:52:d7:02:23:0f:84:
eb:4d:95:4c:07:72:3f:61:2a:c1:10:eb:cf:ee:83:c3:a8:03:
45:9d:03:49:8c:c7:84:15:16:3e:e9:2c:48:b0:15:79:05:a4:
6b:b1:e2:ef:b2:36:b3:3e:24:fe:d4:6f:bf:68:80:ce:0d:a0:
35:1c:91:48
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDDgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjcxMTIwMjFaFw0yNTAyMjcxMTIwMjFaMBgxFjAU
BgNVBAMMDTYzZmM5MWY5LTUwOWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCwDuUHZeiTIiQIVx+1hdYRoxTrDIFXpEeKVxNyKBD4M6tKtXZAH9x+U/hu
inmjIn52QwZfohh3d4Ww4Luh2JZcXF6ocziAXpMfVnLw+cDe+wIFDjrdgQZtFsxW
6+tkX4te36GNfZ5AmEHLHCBGITgjRC5PjWKyV0ev68gPQile9lO2IvCupHbxUARZ
zFQ819IL80wqhTK149zKBIYNtE640dUnqD0RDd2j6vZ8J68octJkZ+kUmJ/GesY6
dcPUQ0w0OVRoUG8o4v2aXbUSciavEtGRZa/KGGVUlPLVRO7Nz4pnt+xSop6rLOcG
fI4OnWl/8dakVX2JJ/Dc4FQEvwP7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdwrc
MFLB264eue3tAu6/M8A5KQowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0JBRkU4M0ZBQjY5MDExRUQ5MDc0NkFCM0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEEcwDQYJKoZIhvcNAQEL
BQADggEBAAl0hIIlvpxnRZSIfaGqKIsvRjdXyDB47tLqQtptUCbOg/mEnDSMylMy
E5Hwj/A9R4DXntubmLFC4K1mQG+h8DS7MX4GIbgQrrZZZdIE9rUHc/RWwiZSwMey
qrnOcfJC2Rk3sj6Gn3mYFZJc2D2qvYc/WHjSfpnYulgC/Akky3F8xyMDMAW2FyH8
RPlqbPWisbhWAw/Mh8/0D4yNzsqRM8PKqnxlb9BADjT02OrqI70wExlGtD81eUlU
p8U+6l6Ge1LXAiMPhOtNlUwHcj9hKsEQ68/ug8OoA0WdA0mMx4QVFj7pLEiwFXkF
pGux4u+yNrM+JP7Ub79ogM4NoDUckUg=
-----END CERTIFICATE-----
Generated at Fri Mar 1 08:14:49 2024 by rpki-client on console-ams.rpki-client.org