Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/425F626ACBDE11EFBB464F7A762E951A.roa
File: 425F626ACBDE11EFBB464F7A762E951A.roa (raw, json)
Hash identifier: UZ3RExdoFc4lBr6eLTdpHxsvGvrTfkSmF2XFu2vlENA=
Subject key identifier: AE:1C:35:AD:9C:C4:A6:39:B0:B3:69:33:11:06:CF:68:58:E6:1A:E8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7FA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/425F626ACBDE11EFBB464F7A762E951A.roa
Signing time: Mon 06 Jan 2025 03:28:13 +0000
ROA not before: Mon 06 Jan 2025 03:28:09 +0000
ROA not after: Thu 06 Feb 2025 03:28:09 +0000
asID: 32708
IP address blocks: 156.236.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 10:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63482 (0xf7fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 03:28:09 2025 GMT
Not After : Feb 6 03:28:09 2025 GMT
Subject: CN=677b4dcd-e2c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:36:e3:5c:59:9f:28:2c:59:13:a9:b1:c8:47:
31:99:75:d5:a9:f0:cd:91:5e:da:42:40:4e:19:c6:
a3:9b:bb:09:1d:3a:f1:66:b9:7d:e3:8d:f3:8a:e4:
27:b1:8c:e9:8f:a1:1c:dc:97:7a:f7:84:a7:c1:a0:
b3:2a:38:fd:46:ce:2d:c9:57:c2:f4:d6:00:be:c6:
2e:5f:cb:b8:0e:ed:22:f5:b4:a3:e7:22:46:bb:f6:
88:70:68:1a:bd:5b:1c:c6:9a:37:3a:46:83:d9:b1:
f5:c6:bd:1d:ed:57:2d:b3:f3:7e:91:8c:39:9d:ff:
72:b7:d3:1f:21:9a:e2:2a:a6:04:a1:8c:a2:5b:47:
a0:47:1c:d3:de:8d:8c:dd:73:09:b4:97:4b:7a:3b:
1b:70:de:eb:c0:59:7f:d2:76:44:76:49:15:32:9c:
b5:7f:f1:43:fa:f1:62:26:a0:14:0c:8c:71:19:e8:
d6:50:d3:c6:64:5a:1c:5a:b3:1f:c3:11:01:48:69:
4a:4d:a2:ec:a1:7b:3a:06:c2:ea:a6:0d:e5:58:fe:
86:9d:6d:90:86:f3:ab:b2:82:6d:45:ba:06:3e:c9:
49:27:d3:65:1d:19:b5:54:83:bb:4a:4f:c5:35:e9:
e4:41:c4:95:ef:5d:8f:0e:77:53:57:55:cc:37:47:
12:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:1C:35:AD:9C:C4:A6:39:B0:B3:69:33:11:06:CF:68:58:E6:1A:E8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/425F626ACBDE11EFBB464F7A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.39.0/24
Signature Algorithm: sha256WithRSAEncryption
07:47:f0:46:e3:a3:77:17:02:83:d7:49:c2:17:f9:c2:f1:cb:
c6:72:21:f5:85:dc:c8:8d:1f:fc:8e:f3:08:29:a5:c4:44:98:
c3:e9:6f:15:c5:97:61:ca:0c:a5:9d:40:5e:ed:fb:f3:fb:60:
c5:dc:ae:f1:a3:95:c4:4d:06:27:d8:a1:0a:79:c2:a2:ac:e0:
db:33:8c:65:8a:fb:30:97:b7:28:4f:76:82:c9:81:de:9d:59:
c0:d4:33:e3:03:27:59:35:6a:b1:b5:83:9d:d3:dd:86:db:2c:
4a:14:09:2f:e1:b3:70:76:f5:2b:b0:4b:5a:c2:c3:2a:4d:45:
53:b6:56:14:34:f3:42:b1:c7:ed:c6:78:b6:ec:e5:77:5f:67:
2e:4d:dd:02:e4:9a:4b:a7:7a:9e:61:af:02:3d:cb:e5:08:60:
18:2d:e2:93:0f:83:e3:fd:3e:80:68:da:12:ce:a4:9b:f5:fe:
82:71:65:20:c0:52:53:00:17:25:cb:64:2c:90:16:9d:01:3c:
d8:25:06:61:cd:94:cc:81:20:25:6f:5a:61:97:51:50:4b:bc:
79:b7:81:e4:2b:f4:57:55:53:57:e5:e0:3f:a0:91:05:01:4b:
8b:0a:76:67:5a:0f:a5:97:21:b0:3d:da:86:1a:2f:c4:3e:17:
2b:f4:be:34
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPf6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDMyODA5WhcNMjUwMjA2MDMyODA5WjAYMRYw
FAYDVQQDEw02NzdiNGRjZC1lMmM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApDbjXFmfKCxZE6mxyEcxmXXVqfDNkV7aQkBOGcajm7sJHTrxZrl9443z
iuQnsYzpj6Ec3Jd694SnwaCzKjj9Rs4tyVfC9NYAvsYuX8u4Du0i9bSj5yJGu/aI
cGgavVscxpo3OkaD2bH1xr0d7Vcts/N+kYw5nf9yt9MfIZriKqYEoYyiW0egRxzT
3o2M3XMJtJdLejsbcN7rwFl/0nZEdkkVMpy1f/FD+vFiJqAUDIxxGejWUNPGZFoc
WrMfwxEBSGlKTaLsoXs6BsLqpg3lWP6GnW2QhvOrsoJtRboGPslJJ9NlHRm1VIO7
Sk/FNenkQcSV712PDndTV1XMN0cSLwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK4c
Na2cxKY5sLNpMxEGz2hY5hroMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MjVGNjI2QUNCREUxMUVGQkI0NjRGN0E3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOwnMA0GCSqGSIb3DQEBCwUA
A4IBAQAHR/BG46N3FwKD10nCF/nC8cvGciH1hdzIjR/8jvMIKaXERJjD6W8VxZdh
ygylnUBe7fvz+2DF3K7xo5XETQYn2KEKecKirODbM4xlivswl7coT3aCyYHenVnA
1DPjAydZNWqxtYOd092G2yxKFAkv4bNwdvUrsEtawsMqTUVTtlYUNPNCscftxni2
7OV3X2cuTd0C5JpLp3qeYa8CPcvlCGAYLeKTD4Pj/T6AaNoSzqSb9f6CcWUgwFJT
ABcly2QskBadATzYJQZhzZTMgSAlb1phl1FQS7x5t4HkK/RXVVNX5eA/oJEFAUuL
CnZnWg+llyGwPdqGGi/EPhcr9L40
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:56 2025 by rpki-client