Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D25C234A305211EE954C72624AD9E6FC.roa
File: D25C234A305211EE954C72624AD9E6FC.roa (raw, json)
Hash identifier: wD+kky6xVHFjOPyDEdtk75HnDm92vc/QIaTswEUMezU=
Subject key identifier: 28:CB:CA:4E:B8:A0:C6:7F:F8:93:A0:71:9E:A1:22:29:6F:28:9B:65
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 10FE
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D25C234A305211EE954C72624AD9E6FC.roa
Signing time: Tue 01 Aug 2023 10:04:37 +0000
ROA not before: Tue 01 Aug 2023 10:04:33 +0000
ROA not after: Fri 01 Aug 2025 10:04:33 +0000
asID: 834
IP address blocks: 154.16.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Nov 2023 06:35:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4350 (0x10fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Aug 1 10:04:33 2023 GMT
Not After : Aug 1 10:04:33 2025 GMT
Subject: CN=64c8d8b5-b9a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:96:a7:ae:dc:7e:d6:41:3d:da:cd:d4:20:41:
a1:37:79:5c:f1:08:48:12:8a:ac:59:61:47:14:1e:
ff:49:90:48:c9:33:87:26:8a:28:65:25:c2:36:02:
d8:c3:3e:20:6f:92:4d:7c:46:87:2e:1c:72:4f:06:
10:4b:5f:d6:d1:83:e3:19:1f:2c:45:c4:1f:24:70:
16:c3:27:38:87:52:af:b6:6f:04:bf:b1:1f:f6:ba:
53:3b:dd:d0:41:38:6b:f8:48:57:53:ba:de:8c:32:
9f:f4:6e:57:9d:2f:42:54:69:00:3d:84:fb:0d:36:
2b:e3:85:70:d1:74:f5:bb:38:21:20:3c:fa:8b:67:
e0:81:d8:ba:43:0d:26:08:0a:40:fd:8d:85:ee:02:
50:b1:e6:c6:f6:6e:d8:9e:46:65:17:ee:25:9c:d4:
50:df:cb:21:b2:84:86:b0:23:7a:d7:9b:25:fb:3f:
31:12:4f:3c:82:4a:54:80:75:02:40:5c:7f:2b:85:
48:ed:20:b7:3d:f7:48:ec:ff:d5:93:31:9c:bd:f6:
eb:a2:00:37:69:54:c6:1d:71:92:55:4e:ae:df:27:
85:8f:2e:a5:80:a7:e8:ff:6f:37:17:6c:7b:db:b0:
28:04:55:35:00:14:d8:e1:5f:3d:d0:43:44:0f:8e:
11:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CB:CA:4E:B8:A0:C6:7F:F8:93:A0:71:9E:A1:22:29:6F:28:9B:65
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D25C234A305211EE954C72624AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.225.0/24
Signature Algorithm: sha256WithRSAEncryption
64:fc:65:2c:8b:28:ce:62:29:98:45:31:d0:56:8a:74:85:81:
80:76:66:a7:e2:84:97:48:d0:c4:00:4d:04:f9:de:40:2b:b8:
0a:91:c4:a7:c0:64:62:7d:03:44:91:fb:89:da:98:77:bc:7f:
1e:d8:fa:dc:4d:67:de:59:e1:e1:98:ad:7b:70:a2:b2:f6:4c:
9c:ad:18:12:b4:a3:07:f5:bf:38:e9:e3:49:7d:bf:a8:31:9b:
91:3f:0e:ad:67:93:9d:d0:ee:97:5c:27:d0:29:c6:2f:5f:a7:
c0:44:05:5f:08:59:dc:05:54:86:4d:3b:ac:17:f3:ff:f2:aa:
72:09:64:70:97:f8:43:e5:67:f1:ad:ae:00:b4:5c:5d:f9:12:
bf:d7:05:20:d9:e5:a7:05:31:94:91:b1:f8:42:19:07:e8:94:
9f:33:2b:32:45:dc:0a:8c:c8:52:22:ae:82:13:c6:06:7c:30:
68:12:2e:1c:0e:5b:98:d3:63:14:a5:ed:b6:0b:8f:7b:58:8d:
c0:48:8f:4a:a5:ce:fe:3a:50:8d:4d:9d:4e:1e:bb:10:23:1c:
45:97:c8:31:0d:f0:cc:83:83:5e:d3:52:4e:f8:10:8a:9b:0f:
a9:b8:fc:76:7a:d5:5c:39:c3:f5:7c:29:ef:19:e4:da:12:46:
5e:cd:13:ba
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEP4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MDExMDA0MzNaFw0yNTA4MDExMDA0MzNaMBgxFjAU
BgNVBAMTDTY0YzhkOGI1LWI5YTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCmlqeu3H7WQT3azdQgQaE3eVzxCEgSiqxZYUcUHv9JkEjJM4cmiihlJcI2
AtjDPiBvkk18RocuHHJPBhBLX9bRg+MZHyxFxB8kcBbDJziHUq+2bwS/sR/2ulM7
3dBBOGv4SFdTut6MMp/0bledL0JUaQA9hPsNNivjhXDRdPW7OCEgPPqLZ+CB2LpD
DSYICkD9jYXuAlCx5sb2btieRmUX7iWc1FDfyyGyhIawI3rXmyX7PzESTzyCSlSA
dQJAXH8rhUjtILc990js/9WTMZy99uuiADdpVMYdcZJVTq7fJ4WPLqWAp+j/bzcX
bHvbsCgEVTUAFNjhXz3QQ0QPjhFPAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUKMvK
Trigxn/4k6BxnqEiKW8om2UwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0QyNUMyMzRBMzA1MjExRUU5NTRDNzI2MjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEOEwDQYJKoZIhvcNAQEL
BQADggEBAGT8ZSyLKM5iKZhFMdBWinSFgYB2ZqfihJdI0MQATQT53kAruAqRxKfA
ZGJ9A0SR+4namHe8fx7Y+txNZ95Z4eGYrXtworL2TJytGBK0owf1vzjp40l9v6gx
m5E/Dq1nk53Q7pdcJ9Apxi9fp8BEBV8IWdwFVIZNO6wX8//yqnIJZHCX+EPlZ/Gt
rgC0XF35Er/XBSDZ5acFMZSRsfhCGQfolJ8zKzJF3AqMyFIiroITxgZ8MGgSLhwO
W5jTYxSl7bYLj3tYjcBIj0qlzv46UI1NnU4euxAjHEWXyDEN8MyDg17TUk74EIqb
D6m4/HZ61Vw5w/V8Ke8Z5NoSRl7NE7o=
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:00:16 2025 by rpki-client