Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B78E47CCBDD11EFA5A50976762E951A.roa
File: 8B78E47CCBDD11EFA5A50976762E951A.roa (raw, json)
Hash identifier: XZCZV+JxyieJzXfanaWpL8Wcma3J8xUALZqDNCT/Z5I=
Subject key identifier: 9A:B3:35:5E:9A:DA:D5:19:82:FD:7C:41:A4:77:0D:1C:55:6C:8E:A0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7F6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B78E47CCBDD11EFA5A50976762E951A.roa
Signing time: Mon 06 Jan 2025 03:23:06 +0000
ROA not before: Mon 06 Jan 2025 03:23:02 +0000
ROA not after: Thu 06 Feb 2025 03:23:02 +0000
asID: 32708
IP address blocks: 156.236.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 10:25:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63478 (0xf7f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 03:23:02 2025 GMT
Not After : Feb 6 03:23:02 2025 GMT
Subject: CN=677b4c9a-1fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5b:4a:44:73:aa:b1:a4:21:82:f6:f7:6b:2d:
72:fb:15:66:69:c9:84:b7:d8:b8:98:58:24:28:b3:
42:82:a6:9d:11:8d:58:c1:df:0c:ac:6f:44:ae:d9:
a4:6c:34:aa:25:f7:1d:ac:8e:82:ac:6e:17:3f:0d:
4b:81:95:31:f9:b1:ed:95:6f:e1:f3:a6:74:b9:93:
e3:e9:87:ff:f0:1f:93:0d:bc:a6:0d:3f:04:3f:39:
d3:5a:c1:8c:2c:79:37:6d:16:f9:85:f1:1f:8d:a2:
00:d0:dc:6e:b2:e0:9d:f3:69:54:b1:66:5c:9d:6b:
ad:4e:d4:cc:19:aa:ea:39:75:4a:2b:50:80:3e:e3:
ad:34:80:aa:15:3a:7a:03:a1:60:40:25:ec:42:5c:
45:da:bb:ca:45:f4:04:74:b9:eb:97:13:f5:40:9e:
04:b8:c0:b9:5e:c1:31:75:ee:40:f6:76:88:ea:dc:
27:e2:17:4e:f1:2e:31:e3:f3:1c:d5:ea:35:95:a8:
97:55:5e:c1:25:b7:b6:d6:de:a5:65:80:e5:37:49:
31:cf:ee:2b:49:84:c8:cf:d2:4c:38:37:f1:81:a0:
27:0c:05:67:35:12:ed:4c:28:ff:b7:53:5c:48:77:
2f:a5:c6:80:39:81:67:13:07:a1:ca:f7:74:24:15:
10:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B3:35:5E:9A:DA:D5:19:82:FD:7C:41:A4:77:0D:1C:55:6C:8E:A0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B78E47CCBDD11EFA5A50976762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.59.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:92:5c:ae:a7:58:7d:8c:d9:63:f6:d0:66:6a:12:ae:6c:5c:
c5:85:73:64:13:25:38:59:af:af:7a:76:7a:8f:35:8c:62:0b:
82:7d:79:e3:2b:ba:c2:8c:c8:2d:03:49:b0:38:9b:15:62:13:
28:c8:34:d7:ff:5d:d5:f8:ec:f5:57:4c:29:b3:f4:db:b3:68:
98:6e:4d:8b:b4:f5:67:bd:c9:eb:f5:63:e0:25:8f:c3:64:56:
45:05:77:85:23:49:20:db:af:6e:27:f8:8c:83:77:93:40:c5:
18:9f:d6:1f:e7:a6:a5:2a:fd:72:e0:da:40:d0:93:9e:3f:c3:
3d:7b:c0:c0:93:ee:f4:58:ef:b9:9c:31:5e:7e:46:e3:ab:4e:
40:78:8a:8a:b6:e4:3d:43:44:22:df:97:dd:bf:6e:1f:f1:57:
4c:a9:d4:69:80:be:39:96:12:89:e6:58:5b:54:d5:85:57:fa:
8f:a9:c3:cb:2f:1d:3f:8b:1b:5e:eb:0d:a1:e8:92:31:09:a6:
fb:57:ba:e8:33:53:e0:5d:1d:d0:68:a5:4d:70:0c:6a:59:62:
60:93:6f:a7:29:e1:fc:e0:22:91:c2:4a:6f:bf:11:b7:e4:3e:
46:c7:d6:38:ae:a0:53:a4:36:81:b0:68:be:d2:c9:60:f9:8a:
2d:7b:b6:93
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPf2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDMyMzAyWhcNMjUwMjA2MDMyMzAyWjAYMRYw
FAYDVQQDEw02NzdiNGM5YS0xZmQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0ltKRHOqsaQhgvb3ay1y+xVmacmEt9i4mFgkKLNCgqadEY1Ywd8MrG9E
rtmkbDSqJfcdrI6CrG4XPw1LgZUx+bHtlW/h86Z0uZPj6Yf/8B+TDbymDT8EPznT
WsGMLHk3bRb5hfEfjaIA0NxusuCd82lUsWZcnWutTtTMGarqOXVKK1CAPuOtNICq
FTp6A6FgQCXsQlxF2rvKRfQEdLnrlxP1QJ4EuMC5XsExde5A9naI6twn4hdO8S4x
4/Mc1eo1laiXVV7BJbe21t6lZYDlN0kxz+4rSYTIz9JMODfxgaAnDAVnNRLtTCj/
t1NcSHcvpcaAOYFnEwehyvd0JBUQgwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJqz
NV6a2tUZgv18QaR3DRxVbI6gMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84Qjc4RTQ3Q0NCREQxMUVGQTVBNTA5NzY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOw7MA0GCSqGSIb3DQEBCwUA
A4IBAQAMklyup1h9jNlj9tBmahKubFzFhXNkEyU4Wa+venZ6jzWMYguCfXnjK7rC
jMgtA0mwOJsVYhMoyDTX/13V+Oz1V0wps/Tbs2iYbk2LtPVnvcnr9WPgJY/DZFZF
BXeFI0kg269uJ/iMg3eTQMUYn9Yf56alKv1y4NpA0JOeP8M9e8DAk+70WO+5nDFe
fkbjq05AeIqKtuQ9Q0Qi35fdv24f8VdMqdRpgL45lhKJ5lhbVNWFV/qPqcPLLx0/
ixte6w2h6JIxCab7V7roM1PgXR3QaKVNcAxqWWJgk2+nKeH84CKRwkpvvxG35D5G
x9Y4rqBTpDaBsGi+0slg+Yote7aT
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:27 2025 by rpki-client