Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EF6E21B6D7B111EE9CE92C8B775412E6.roa
File: EF6E21B6D7B111EE9CE92C8B775412E6.roa (raw, json)
Hash identifier: MapKTdFBf/UzIiQtE8XG3RmNai4LIGqmXSTbyhW85Kc=
Subject key identifier: F1:1E:B6:82:BC:98:4E:84:19:6E:7B:56:78:6C:66:37:D3:03:25:65
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1540
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EF6E21B6D7B111EE9CE92C8B775412E6.roa
Signing time: Fri 01 Mar 2024 09:56:12 +0000
ROA not before: Fri 01 Mar 2024 09:56:09 +0000
ROA not after: Mon 02 Mar 2026 09:56:09 +0000
asID: 834
IP address blocks: 154.16.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 13:21:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5440 (0x1540)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Mar 1 09:56:09 2024 GMT
Not After : Mar 2 09:56:09 2026 GMT
Subject: CN=65e1a63c-ce5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9b:b5:7f:31:18:08:55:e9:43:99:18:85:87:
eb:34:fa:fb:0f:6c:10:70:e5:bb:ca:61:24:a4:c5:
ff:cc:e8:33:e1:ea:ef:a7:7d:87:67:74:2b:94:99:
98:03:aa:3c:0e:37:5f:0e:c6:96:be:e8:0b:c7:f5:
b9:c5:59:3a:65:ae:a6:0f:1f:99:05:44:f1:86:92:
8f:6b:af:43:8c:f0:f2:20:96:8a:dc:f3:a2:03:e5:
1a:d6:0e:7e:6c:c2:e7:3a:60:f3:ee:1a:49:19:05:
b6:57:37:6d:30:37:13:7a:49:18:54:aa:1a:21:f5:
29:85:59:04:d0:9d:39:11:2c:a8:61:03:2f:5b:8d:
dd:59:d6:9f:2c:b8:b6:2c:fb:9b:3b:20:ce:5f:4d:
09:38:bf:00:6f:5e:15:b5:dc:51:c0:44:1b:e5:af:
dc:8e:7f:34:07:e6:e1:fe:f9:31:48:fc:4d:34:04:
f0:f7:53:89:11:91:4a:81:51:b1:a3:66:ad:e3:f5:
f2:38:94:5d:df:59:ed:39:da:5b:ce:d0:55:95:43:
f4:1f:2e:ab:51:56:72:0c:d0:44:5b:f2:a2:ec:6b:
74:84:5b:b3:0b:97:5e:df:e8:30:78:2d:41:51:26:
97:49:3a:9e:72:98:6e:f2:a7:66:c0:34:e0:7e:17:
48:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:1E:B6:82:BC:98:4E:84:19:6E:7B:56:78:6C:66:37:D3:03:25:65
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EF6E21B6D7B111EE9CE92C8B775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.44.0/24
Signature Algorithm: sha256WithRSAEncryption
77:68:d7:10:2b:c1:fc:d7:ca:91:65:86:ec:22:51:72:b6:76:
77:a6:1b:07:ed:25:09:ed:22:a8:41:56:e7:17:18:77:47:17:
36:9f:cf:09:da:14:e6:76:93:cc:a2:00:94:82:d4:a6:d5:41:
19:68:53:d6:a4:78:ab:f7:cf:e9:3a:15:8c:09:16:dc:e3:73:
6b:5e:78:b3:15:a6:c5:16:54:89:87:18:f5:56:63:3b:84:8c:
6c:30:1d:11:31:2f:d9:e7:17:25:31:1d:ba:5e:a5:23:76:fe:
7d:53:ff:39:52:9f:4f:97:03:8f:d0:99:4a:b6:6e:81:a5:bb:
59:a4:52:90:b5:3d:81:4b:7a:18:68:a1:de:95:a8:25:b9:ba:
d0:40:28:56:32:a4:aa:3a:f0:ea:e4:ed:c2:35:d9:4a:dd:f0:
fd:ac:47:1a:38:56:ce:a2:a4:ad:ee:6f:ff:15:24:96:9c:69:
ba:eb:ff:66:59:05:7c:8e:3e:e4:9a:ce:bc:36:b2:f4:3d:65:
ec:ff:20:cc:9a:cd:86:78:24:b0:b7:e4:5d:41:8f:07:dc:1b:
32:22:5a:45:43:0b:56:7a:aa:6b:dd:7c:0d:82:6e:8a:46:fa:
32:55:25:26:33:5f:96:43:98:cc:a8:a2:df:c9:1e:52:78:86:
0a:b4:9b:78
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFUAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAzMDEwOTU2MDlaFw0yNjAzMDIwOTU2MDlaMBgxFjAU
BgNVBAMTDTY1ZTFhNjNjLWNlNWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQClm7V/MRgIVelDmRiFh+s0+vsPbBBw5bvKYSSkxf/M6DPh6u+nfYdndCuU
mZgDqjwON18Oxpa+6AvH9bnFWTplrqYPH5kFRPGGko9rr0OM8PIglorc86ID5RrW
Dn5swuc6YPPuGkkZBbZXN20wNxN6SRhUqhoh9SmFWQTQnTkRLKhhAy9bjd1Z1p8s
uLYs+5s7IM5fTQk4vwBvXhW13FHARBvlr9yOfzQH5uH++TFI/E00BPD3U4kRkUqB
UbGjZq3j9fI4lF3fWe052lvO0FWVQ/QfLqtRVnIM0ERb8qLsa3SEW7MLl17f6DB4
LUFRJpdJOp5ymG7yp2bANOB+F0iBAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU8R62
gryYToQZbntWeGxmN9MDJWUwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0VGNkUyMUI2RDdCMTExRUU5Q0U5MkM4Qjc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaECwwDQYJKoZIhvcNAQEL
BQADggEBAHdo1xArwfzXypFlhuwiUXK2dnemGwftJQntIqhBVucXGHdHFzafzwna
FOZ2k8yiAJSC1KbVQRloU9akeKv3z+k6FYwJFtzjc2teeLMVpsUWVImHGPVWYzuE
jGwwHRExL9nnFyUxHbpepSN2/n1T/zlSn0+XA4/QmUq2boGlu1mkUpC1PYFLehho
od6VqCW5utBAKFYypKo68Ork7cI12Urd8P2sRxo4Vs6ipK3ub/8VJJacabrr/2ZZ
BXyOPuSazrw2svQ9Zez/IMyazYZ4JLC35F1BjwfcGzIiWkVDC1Z6qmvdfA2CbopG
+jJVJSYzX5ZDmMyoot/JHlJ4hgq0m3g=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:50:20 2025 by rpki-client