Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DC0C3CEADADE11EEB9DFE54D775412E6.roa
File: DC0C3CEADADE11EEB9DFE54D775412E6.roa (raw, json)
Hash identifier: AYiG7CrHmeicOJvemPBi3SLGRtBuiOu2ZfVV61pP8JY=
Subject key identifier: A4:20:AA:6C:20:F4:5C:D8:70:8A:DC:E7:5D:30:AB:65:5C:4D:B6:84
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 154A
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DC0C3CEADADE11EEB9DFE54D775412E6.roa
Signing time: Tue 05 Mar 2024 10:55:21 +0000
ROA not before: Tue 05 Mar 2024 10:55:17 +0000
ROA not after: Thu 05 Mar 2026 10:55:17 +0000
asID: 272858
IP address blocks: 154.16.208.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 11:19:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5450 (0x154a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Mar 5 10:55:17 2024 GMT
Not After : Mar 5 10:55:17 2026 GMT
Subject: CN=65e6fa19-ec35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9c:94:36:be:24:97:fd:95:ba:ee:17:d1:30:
7a:16:ee:01:42:f7:36:23:fe:67:ab:ee:d4:b7:96:
34:bb:ef:60:07:39:cd:02:c2:e3:6c:cc:e5:fc:7a:
53:72:61:cb:0e:47:db:0a:52:4e:90:19:a5:d3:de:
6a:5f:38:6b:cd:14:15:0a:d0:c5:ee:ab:59:86:ac:
89:80:3f:02:f6:e8:a9:9a:35:b2:e1:07:78:31:e7:
86:0c:34:ba:a2:2f:88:02:eb:4a:af:f3:11:24:6c:
d9:34:d4:c8:d9:01:c8:47:db:8b:50:d4:40:20:91:
4c:d4:9d:aa:2c:09:cc:ef:1e:eb:4f:86:48:9c:57:
92:f6:26:4e:60:34:5e:56:3e:49:4c:96:46:2f:8e:
4c:6b:6b:14:11:ed:c3:bc:29:61:0e:0d:71:95:0d:
4f:3d:e8:79:0b:3b:98:69:79:ad:01:c3:78:fa:c5:
25:22:a8:71:0e:82:08:fd:26:5c:f3:0c:f7:01:24:
71:69:27:6a:67:68:72:49:35:ef:ea:c5:8e:41:df:
cf:fc:9e:b8:9e:10:34:c8:71:3b:c3:0d:74:2c:4d:
9e:b3:28:00:61:3f:70:3c:52:f7:0c:62:5c:59:91:
ff:c0:5c:02:03:9d:db:7f:75:64:e2:3f:4a:67:63:
55:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:20:AA:6C:20:F4:5C:D8:70:8A:DC:E7:5D:30:AB:65:5C:4D:B6:84
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DC0C3CEADADE11EEB9DFE54D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.208.0/24
Signature Algorithm: sha256WithRSAEncryption
61:0f:23:60:65:80:7c:9d:a1:54:ee:63:4c:c4:56:2f:b3:45:
c3:da:b7:e5:9c:8b:9e:7a:c3:3f:88:b1:dc:0c:42:38:8e:ac:
3a:45:76:8e:20:ad:12:fb:9b:e8:b7:22:28:06:80:33:b0:5c:
ee:51:4d:8f:8c:8a:ce:e9:c3:18:9f:58:84:36:10:bf:46:7d:
d5:3a:e1:96:eb:0d:f6:0f:f9:f2:fb:a1:ac:66:77:68:24:bf:
a8:0e:c7:fb:b8:02:80:dc:8b:a2:d3:bf:40:71:ac:6d:5b:9d:
07:32:68:62:df:79:b1:a6:3a:a2:03:89:3d:fa:6b:4e:ca:7b:
ce:8e:57:4e:92:1f:9a:2d:89:58:1e:04:9c:a8:a2:77:5e:99:
c0:da:8b:c3:3e:05:89:41:b1:36:90:64:81:a6:33:d2:5f:7d:
14:c7:cd:71:de:b9:17:d1:75:05:d2:dc:d9:89:9c:ff:81:f2:
64:36:d4:bc:47:c4:a6:3a:d3:d1:f4:bb:23:df:40:85:73:c0:
b5:72:76:96:5b:e7:6f:58:c3:aa:5f:49:c8:91:5d:7a:32:b3:
9a:4e:50:5c:ee:16:8c:19:56:26:10:ee:88:d2:0f:2f:71:66:
df:32:86:33:05:de:5a:50:69:3f:36:b3:61:24:bd:02:0e:57:
37:ff:a5:37
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFUowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAzMDUxMDU1MTdaFw0yNjAzMDUxMDU1MTdaMBgxFjAU
BgNVBAMTDTY1ZTZmYTE5LWVjMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDJnJQ2viSX/ZW67hfRMHoW7gFC9zYj/mer7tS3ljS772AHOc0CwuNszOX8
elNyYcsOR9sKUk6QGaXT3mpfOGvNFBUK0MXuq1mGrImAPwL26KmaNbLhB3gx54YM
NLqiL4gC60qv8xEkbNk01MjZAchH24tQ1EAgkUzUnaosCczvHutPhkicV5L2Jk5g
NF5WPklMlkYvjkxraxQR7cO8KWEODXGVDU896HkLO5hpea0Bw3j6xSUiqHEOggj9
JlzzDPcBJHFpJ2pnaHJJNe/qxY5B38/8nrieEDTIcTvDDXQsTZ6zKABhP3A8UvcM
YlxZkf/AXAIDndt/dWTiP0pnY1XdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUpCCq
bCD0XNhwitznXTCrZVxNtoQwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0RDMEMzQ0VBREFERTExRUVCOURGRTU0RDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENAwDQYJKoZIhvcNAQEL
BQADggEBAGEPI2BlgHydoVTuY0zEVi+zRcPat+Wci556wz+IsdwMQjiOrDpFdo4g
rRL7m+i3IigGgDOwXO5RTY+Mis7pwxifWIQ2EL9GfdU64ZbrDfYP+fL7oaxmd2gk
v6gOx/u4AoDci6LTv0BxrG1bnQcyaGLfebGmOqIDiT36a07Ke86OV06SH5otiVge
BJyoondemcDai8M+BYlBsTaQZIGmM9JffRTHzXHeuRfRdQXS3NmJnP+B8mQ21LxH
xKY609H0uyPfQIVzwLVydpZb529Yw6pfSciRXXoys5pOUFzuFowZViYQ7ojSDy9x
Zt8yhjMF3lpQaT82s2EkvQIOVzf/pTc=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:55:09 2025 by rpki-client