Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D8BC050CFEED11EDA539AF4C4AD9E6FC.roa
File: D8BC050CFEED11EDA539AF4C4AD9E6FC.roa (raw, json)
Hash identifier: cxFkf9j6a2bENyVZW6xgJEaBCxIwHIfnBqpPfCdRkWg=
Subject key identifier: 2D:FE:A9:DC:07:45:7C:E8:AF:67:99:77:9C:48:D7:44:E0:06:EE:9D
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0DFA
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D8BC050CFEED11EDA539AF4C4AD9E6FC.roa
Signing time: Tue 30 May 2023 13:28:22 +0000
ROA not before: Tue 30 May 2023 13:28:17 +0000
ROA not after: Sat 31 May 2025 13:28:17 +0000
asID: 61317
IP address blocks: 154.16.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 31 Aug 2024 15:38:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3578 (0xdfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: May 30 13:28:17 2023 GMT
Not After : May 31 13:28:17 2025 GMT
Subject: CN=6475f9f5-f128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:73:20:08:d2:5d:da:cb:42:d8:ac:0f:d2:ec:
de:4f:01:f5:d0:3e:06:a9:e3:1e:0a:1d:0a:2f:4a:
f7:e4:9a:19:c1:1e:da:3c:f4:b4:92:3a:65:94:12:
6b:9d:44:f0:4e:86:1b:86:fd:ff:2e:8d:85:9e:3b:
af:cc:cb:56:15:ff:47:3d:c2:96:3c:a4:b2:64:30:
5b:63:8f:c4:22:92:7c:2a:91:e9:31:ef:cd:ae:e2:
44:76:0b:56:96:ec:24:29:9f:b5:6b:97:d3:86:4a:
d4:78:c7:97:f6:df:9b:77:68:48:5a:b9:21:b2:a3:
0a:2d:dc:c0:cf:e3:a1:07:24:e2:71:62:ca:32:5b:
aa:7f:03:b1:92:a8:90:a5:d5:55:fe:16:95:84:25:
0f:f2:fb:a4:04:ac:08:fb:42:14:16:ee:73:14:89:
1b:0e:ea:84:80:e2:46:df:71:fd:61:a8:89:0c:c4:
9b:62:28:92:42:6d:1c:64:0a:30:8c:a9:79:17:d3:
d1:d4:01:de:8e:b1:be:56:f7:54:26:cf:ab:ae:25:
9d:1c:96:11:74:74:6c:13:c6:35:d7:54:1a:16:22:
b8:34:c0:8b:26:d4:ca:83:d8:b3:47:5a:ae:8c:87:
e4:5c:49:52:bb:81:64:44:0e:c7:ea:5d:83:4a:82:
cb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FE:A9:DC:07:45:7C:E8:AF:67:99:77:9C:48:D7:44:E0:06:EE:9D
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D8BC050CFEED11EDA539AF4C4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.194.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:9f:09:13:d9:fa:8e:95:24:35:42:14:39:93:92:3e:d1:31:
ed:de:57:5d:23:4e:a5:bd:04:9a:af:0e:9d:f2:34:9b:81:2d:
49:b7:ee:59:21:91:ff:93:33:7b:47:b2:77:17:9c:27:3e:a3:
2a:a8:88:9b:26:f9:f4:d9:ed:ca:93:ef:66:4e:4f:74:63:7f:
d3:a2:e7:13:bd:0d:03:b4:a1:58:5a:a3:df:d4:c0:e2:aa:e4:
b4:bb:2e:26:e9:d5:c7:31:f9:d0:81:71:bd:f0:3c:f9:d4:77:
77:0a:17:75:94:f3:5c:d7:50:1a:a8:fc:35:bd:07:d4:21:14:
f9:5d:42:db:78:00:4e:4c:3d:14:55:c4:1f:33:da:f1:ce:4a:
11:7b:69:56:40:77:11:34:34:b9:92:4b:60:ea:ef:2e:38:15:
9d:ef:7f:a4:6b:2f:45:32:86:7e:7e:1f:a6:fe:67:3d:bf:ec:
bb:5e:e5:43:cb:59:7b:02:4b:ec:97:f5:ca:76:b9:2e:fe:df:
36:f7:6b:69:7e:f0:bd:b3:3d:52:5e:3c:28:05:fd:61:35:40:
c2:9a:1f:e3:66:a5:14:e0:1a:b4:5f:89:70:03:72:e9:25:99:
9d:c7:b5:7f:f0:0c:bc:f7:7a:99:7e:6f:66:fa:1a:2c:1f:25:
84:4a:8b:d1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDfowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA1MzAxMzI4MTdaFw0yNTA1MzExMzI4MTdaMBgxFjAU
BgNVBAMTDTY0NzVmOWY1LWYxMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDcyAI0l3ay0LYrA/S7N5PAfXQPgap4x4KHQovSvfkmhnBHto89LSSOmWU
EmudRPBOhhuG/f8ujYWeO6/My1YV/0c9wpY8pLJkMFtjj8Qiknwqkekx782u4kR2
C1aW7CQpn7Vrl9OGStR4x5f235t3aEhauSGyowot3MDP46EHJOJxYsoyW6p/A7GS
qJCl1VX+FpWEJQ/y+6QErAj7QhQW7nMUiRsO6oSA4kbfcf1hqIkMxJtiKJJCbRxk
CjCMqXkX09HUAd6Osb5W91Qmz6uuJZ0clhF0dGwTxjXXVBoWIrg0wIsm1MqD2LNH
Wq6Mh+RcSVK7gWREDsfqXYNKgssLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQULf6p
3AdFfOivZ5l3nEjXROAG7p0wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0Q4QkMwNTBDRkVFRDExRURBNTM5QUY0QzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEMIwDQYJKoZIhvcNAQEL
BQADggEBAA2fCRPZ+o6VJDVCFDmTkj7RMe3eV10jTqW9BJqvDp3yNJuBLUm37lkh
kf+TM3tHsncXnCc+oyqoiJsm+fTZ7cqT72ZOT3Rjf9Oi5xO9DQO0oVhao9/UwOKq
5LS7Libp1ccx+dCBcb3wPPnUd3cKF3WU81zXUBqo/DW9B9QhFPldQtt4AE5MPRRV
xB8z2vHOShF7aVZAdxE0NLmSS2Dq7y44FZ3vf6RrL0Uyhn5+H6b+Zz2/7Lte5UPL
WXsCS+yX9cp2uS7+3zb3a2l+8L2zPVJePCgF/WE1QMKaH+NmpRTgGrRfiXADcukl
mZ3HtX/wDLz3epl+b2b6GiwfJYRKi9E=
-----END CERTIFICATE-----
Generated at Sat Aug 31 16:28:24 2024 by rpki-client on console-ams.rpki-client.org