Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FE2AABBE8E8411EE8FA089E07D84E21B.roa
File: FE2AABBE8E8411EE8FA089E07D84E21B.roa (raw, json)
Hash identifier: /Q97tD/vxgK6+6MH1lb13/UMmGbQboMx4PczWow72pA=
Subject key identifier: 15:68:A8:46:26:6E:21:D5:E2:5B:6B:28:91:C0:44:7B:C3:6E:32:57
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 13B4
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FE2AABBE8E8411EE8FA089E07D84E21B.roa
Signing time: Wed 29 Nov 2023 07:00:35 +0000
ROA not before: Wed 29 Nov 2023 07:00:31 +0000
ROA not after: Sat 29 Nov 2025 07:00:31 +0000
asID: 3356
IP address blocks: 154.16.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 12:24:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5044 (0x13b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Nov 29 07:00:31 2023 GMT
Not After : Nov 29 07:00:31 2025 GMT
Subject: CN=6566e192-8898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b3:6b:ab:17:74:bd:07:3f:4d:d7:d4:2d:b6:
e7:69:af:ae:9e:95:bd:ed:cb:b9:be:24:f0:c6:51:
4b:8e:59:03:b0:78:d2:59:13:1c:a4:7e:c4:70:e1:
a6:82:61:5f:c3:15:92:f0:26:bd:19:ee:3a:f8:14:
f4:c7:d6:f7:64:57:4d:b7:9e:cc:ad:eb:ad:53:3f:
70:bf:51:d1:15:32:f1:52:93:05:cf:96:30:b1:b4:
16:b0:c2:ba:01:67:6d:7b:2f:0e:63:f5:15:af:93:
98:48:81:69:82:48:f8:c0:1d:73:f5:6a:c9:40:24:
36:69:64:c9:78:43:02:32:b2:d8:9c:c5:c4:54:cb:
e4:43:1c:5e:ef:5c:67:f6:a0:ee:98:f2:b4:d3:96:
ff:a0:09:3c:27:da:34:cb:64:de:61:cf:72:f4:f9:
3d:b1:01:af:55:a6:6e:b3:81:08:dd:05:b4:10:f8:
fa:dd:09:b4:1a:8b:08:f9:77:09:4f:92:e3:f3:8d:
61:4e:3b:a3:ad:19:79:c4:92:2f:ad:f1:a4:3c:02:
c6:e9:c0:d4:9c:00:a3:a6:3d:63:35:ce:f5:97:fe:
67:37:94:cf:27:ab:68:e6:31:f0:61:5b:5a:11:1e:
9b:8b:7d:81:a5:8e:7a:1a:e9:d4:fb:75:80:ac:e6:
3b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:68:A8:46:26:6E:21:D5:E2:5B:6B:28:91:C0:44:7B:C3:6E:32:57
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/FE2AABBE8E8411EE8FA089E07D84E21B.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.123.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:f9:6f:18:df:2e:4d:c0:43:12:2c:b3:22:ab:27:bd:84:88:
51:ee:f8:d0:77:4d:bc:b8:f0:fd:9f:87:ab:68:b4:5b:3b:18:
2d:9b:b5:9c:fb:1a:58:ab:ec:54:53:95:bc:30:25:1f:d6:55:
5f:4f:13:ab:66:3a:a0:16:9f:de:3a:a6:c2:96:0c:44:cd:5c:
30:78:be:ee:ac:bc:a0:1c:ec:28:04:97:b8:8e:86:61:8d:d4:
1f:ce:c4:d5:e4:2f:f4:48:58:76:f5:1e:ab:56:0d:a6:43:18:
78:78:c1:97:ec:a9:e0:5a:e1:f7:51:c0:46:86:44:3d:54:91:
82:01:55:72:92:43:c1:34:06:8e:fc:7d:4c:ba:03:af:53:bb:
d3:11:21:39:18:fc:bb:bb:6a:ff:55:3c:ef:3e:a4:e2:91:de:
4a:c8:55:c9:79:cb:db:c5:10:a9:9b:4f:43:28:96:cc:dc:0e:
16:72:86:1f:57:6c:e4:54:53:26:ba:99:5c:99:a3:0a:ce:fb:
1e:69:60:7e:f4:b3:f6:e7:49:c6:46:8c:16:52:25:a9:20:3e:
57:45:18:db:d2:7a:19:08:69:c8:fe:7a:8e:8b:d6:de:d6:14:
c5:cf:a8:7f:04:55:2a:b8:52:35:54:54:68:af:b9:b0:10:df:
d2:21:dd:ba
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE7QwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjkwNzAwMzFaFw0yNTExMjkwNzAwMzFaMBgxFjAU
BgNVBAMTDTY1NjZlMTkyLTg4OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC1s2urF3S9Bz9N19Qttudpr66elb3ty7m+JPDGUUuOWQOweNJZExykfsRw
4aaCYV/DFZLwJr0Z7jr4FPTH1vdkV023nsyt661TP3C/UdEVMvFSkwXPljCxtBaw
wroBZ217Lw5j9RWvk5hIgWmCSPjAHXP1aslAJDZpZMl4QwIysticxcRUy+RDHF7v
XGf2oO6Y8rTTlv+gCTwn2jTLZN5hz3L0+T2xAa9Vpm6zgQjdBbQQ+PrdCbQaiwj5
dwlPkuPzjWFOO6OtGXnEki+t8aQ8AsbpwNScAKOmPWM1zvWX/mc3lM8nq2jmMfBh
W1oRHpuLfYGljnoa6dT7dYCs5jtrAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUFWio
RiZuIdXiW2sokcBEe8NuMlcwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0ZFMkFBQkJFOEU4NDExRUU4RkEwODlFMDdEODRFMjFCLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHswDQYJKoZIhvcNAQEL
BQADggEBALP5bxjfLk3AQxIssyKrJ72EiFHu+NB3Tby48P2fh6totFs7GC2btZz7
Glir7FRTlbwwJR/WVV9PE6tmOqAWn946psKWDETNXDB4vu6svKAc7CgEl7iOhmGN
1B/OxNXkL/RIWHb1HqtWDaZDGHh4wZfsqeBa4fdRwEaGRD1UkYIBVXKSQ8E0Bo78
fUy6A69Tu9MRITkY/Lu7av9VPO8+pOKR3krIVcl5y9vFEKmbT0MolszcDhZyhh9X
bORUUya6mVyZowrO+x5pYH70s/bnScZGjBZSJakgPldFGNvSehkIacj+eo6L1t7W
FMXPqH8EVSq4UjVUVGivubAQ39Ih3bo=
-----END CERTIFICATE-----
Generated at Thu Feb 15 15:57:05 2024 by rpki-client on console-ams.rpki-client.org