Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D5019D303D7411EEB792BB494AD9E6FC.roa
File: D5019D303D7411EEB792BB494AD9E6FC.roa (raw, json)
Hash identifier: Z9AvnSPwNrFcdILVPgMFA5VyyI7pu6uBTdmKo5rBsJk=
Subject key identifier: 36:96:AB:4A:B1:94:46:7C:E8:E2:7C:40:1C:B5:A5:08:7A:8D:54:FF
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1185
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D5019D303D7411EEB792BB494AD9E6FC.roa
Signing time: Fri 18 Aug 2023 03:10:49 +0000
ROA not before: Fri 18 Aug 2023 03:10:46 +0000
ROA not after: Mon 18 Aug 2025 03:10:46 +0000
asID: 834
IP address blocks: 154.16.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Nov 2023 11:15:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4485 (0x1185)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Aug 18 03:10:46 2023 GMT
Not After : Aug 18 03:10:46 2025 GMT
Subject: CN=64dee139-eb85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cf:2a:c3:40:09:14:18:c9:9f:10:43:6f:61:
c1:d2:de:6c:8c:a7:b3:15:e8:8f:25:45:54:38:b3:
07:3d:29:c8:2e:f2:c6:13:0f:51:3f:c9:c6:98:11:
7b:48:6f:a2:ac:38:c1:fc:3c:9b:34:f8:55:f2:ba:
35:f3:75:d0:c7:56:3a:e1:35:bb:56:22:e7:0f:35:
46:5b:f0:e2:d1:b6:7a:88:3b:c0:51:7d:ce:6a:a6:
bd:75:e5:63:1b:f6:06:3e:52:1f:50:e3:6f:cc:ec:
c8:1d:fa:39:a3:17:c5:91:59:9b:fd:ea:e3:dd:3b:
ee:13:d2:11:d9:83:aa:3c:15:b0:3a:a4:7b:95:04:
3a:34:1f:27:32:9a:7c:37:bb:2f:49:8c:7c:7e:04:
4f:c4:51:ab:81:d3:44:8b:76:15:ef:12:9e:c1:9f:
35:6b:01:72:89:39:bf:e3:9c:ed:0f:37:8b:f5:e2:
46:c4:f1:c4:61:0c:f8:9f:36:c5:51:98:9d:dc:95:
d8:b7:cc:02:2d:ce:56:fc:84:44:f1:6a:a1:54:d5:
de:fc:18:67:2c:c2:b7:79:93:0a:bd:2f:2b:6e:3b:
06:82:7b:f2:14:17:bd:08:01:87:0e:3b:e0:9d:bb:
15:8e:e8:53:20:74:28:3f:f9:c5:e0:93:15:69:f3:
c2:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:96:AB:4A:B1:94:46:7C:E8:E2:7C:40:1C:B5:A5:08:7A:8D:54:FF
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D5019D303D7411EEB792BB494AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.102.0/24
Signature Algorithm: sha256WithRSAEncryption
84:2a:b7:f5:34:4d:17:5e:a3:23:c6:49:42:dc:a1:e1:17:76:
3a:54:5e:60:79:fd:75:96:d6:30:66:7e:1e:8f:b0:40:e1:42:
46:00:45:7e:4c:70:59:5d:66:3d:eb:0e:12:e1:ed:47:38:1e:
6d:d0:ae:f3:87:7a:dd:fe:2e:ef:49:4a:0d:bc:e1:18:5a:55:
59:2e:b2:a0:5a:d7:f1:9d:fb:09:8e:0b:23:2e:14:dd:07:07:
2a:0c:94:1c:c3:17:a1:2b:09:3e:02:15:0b:ef:9d:10:c7:40:
b0:79:50:5c:57:c9:cf:69:c8:09:9b:ce:4f:3b:ee:b8:be:6c:
93:c3:94:74:0a:15:9a:51:6f:10:92:75:56:1b:f4:65:d8:06:
4b:a9:b0:7d:b3:67:66:24:d8:d6:cf:ab:d5:af:aa:3d:1f:8c:
93:a4:8f:c8:ff:c3:f8:b2:49:79:f8:95:e6:8f:55:7b:ee:f3:
fb:55:28:53:eb:36:9f:db:d3:5a:b3:97:3e:c0:b9:6a:04:d2:
46:7e:5b:a5:cc:6d:31:0f:20:01:64:1b:f7:3a:8f:91:12:c2:
de:82:7e:58:8e:c1:36:bd:cf:f0:78:86:9c:cf:2f:4f:10:e4:
99:a2:ee:ed:5b:06:1d:a9:e8:05:d7:2d:4f:a5:3d:5a:5a:e2:
ea:7b:2e:e2
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEYUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA4MTgwMzEwNDZaFw0yNTA4MTgwMzEwNDZaMBgxFjAU
BgNVBAMTDTY0ZGVlMTM5LWViODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDBzyrDQAkUGMmfEENvYcHS3myMp7MV6I8lRVQ4swc9Kcgu8sYTD1E/ycaY
EXtIb6KsOMH8PJs0+FXyujXzddDHVjrhNbtWIucPNUZb8OLRtnqIO8BRfc5qpr11
5WMb9gY+Uh9Q42/M7Mgd+jmjF8WRWZv96uPdO+4T0hHZg6o8FbA6pHuVBDo0Hycy
mnw3uy9JjHx+BE/EUauB00SLdhXvEp7BnzVrAXKJOb/jnO0PN4v14kbE8cRhDPif
NsVRmJ3cldi3zAItzlb8hETxaqFU1d78GGcswrd5kwq9LytuOwaCe/IUF70IAYcO
O+CduxWO6FMgdCg/+cXgkxVp88JnAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUNpar
SrGURnzo4nxAHLWlCHqNVP8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0Q1MDE5RDMwM0Q3NDExRUVCNzkyQkI0OTRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEGYwDQYJKoZIhvcNAQEL
BQADggEBAIQqt/U0TRdeoyPGSULcoeEXdjpUXmB5/XWW1jBmfh6PsEDhQkYARX5M
cFldZj3rDhLh7Uc4Hm3QrvOHet3+Lu9JSg284RhaVVkusqBa1/Gd+wmOCyMuFN0H
ByoMlBzDF6ErCT4CFQvvnRDHQLB5UFxXyc9pyAmbzk877ri+bJPDlHQKFZpRbxCS
dVYb9GXYBkupsH2zZ2Yk2NbPq9Wvqj0fjJOkj8j/w/iySXn4leaPVXvu8/tVKFPr
Np/b01qzlz7AuWoE0kZ+W6XMbTEPIAFkG/c6j5ESwt6CfliOwTa9z/B4hpzPL08Q
5Jmi7u1bBh2p6AXXLU+lPVpa4up7LuI=
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:04:54 2025 by rpki-client