Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/647A1B36F6A711EE89A5019E775412E6.roa
File: 647A1B36F6A711EE89A5019E775412E6.roa (raw, json)
Hash identifier: msQQ8AFTJ7/4uybtS2GWGEt7pwHoVTfrRodr+lqdeDU=
Subject key identifier: A6:4A:0B:67:B8:4E:61:9C:94:06:89:FF:B5:5C:9E:8C:ED:80:B2:4C
Certificate issuer: /CN=F369DB5EAF/serialNumber=D3E2E0BCEB61FB9C4527826E610D467699D63E14
Certificate serial: 019C
Authority key identifier: D3:E2:E0:BC:EB:61:FB:9C:45:27:82:6E:61:0D:46:76:99:D6:3E:14
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/647A1B36F6A711EE89A5019E775412E6.roa
Signing time: Tue 09 Apr 2024 19:28:50 +0000
ROA not before: Wed 10 Apr 2024 19:28:47 +0000
ROA not after: Fri 10 Mar 2028 19:28:47 +0000
asID: 30988
IP address blocks: 41.73.128.0/19 maxlen: 19
102.140.96.0/21 maxlen: 21
196.200.112.0/20 maxlen: 20
197.156.192.0/18 maxlen: 18
Validation: Failed, certificate revoked on Fri 12 Apr 2024 07:24:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 412 (0x19c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F369DB5EAF/serialNumber=D3E2E0BCEB61FB9C4527826E610D467699D63E14
Validity
Not Before: Apr 10 19:28:47 2024 GMT
Not After : Mar 10 19:28:47 2028 GMT
Subject: CN=661596f2-7bfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:dc:fb:5c:b5:da:7a:f7:62:1e:a5:2c:7e:a5:
33:cf:3f:a7:f6:25:3c:4c:a9:14:d0:05:d1:28:e5:
47:02:79:6a:7b:2a:1a:32:f4:d3:bd:fc:df:a1:ce:
87:0d:84:1c:19:a4:86:99:f0:be:44:b8:d7:f1:fa:
42:23:b5:15:19:91:17:43:6e:cd:f3:60:b4:a7:13:
27:e6:96:47:9e:2a:9d:b0:18:8f:dc:39:c4:08:3b:
35:37:46:38:ab:93:91:4b:4a:a9:cf:9b:a6:38:e2:
9a:aa:b6:e2:ec:50:7a:f9:1b:c8:41:33:b2:4f:43:
fe:81:96:34:35:c3:c3:94:28:6e:81:8d:65:b3:9a:
e8:a5:91:da:98:46:15:d2:be:50:a0:12:27:d4:e2:
46:f9:a4:b1:58:78:d4:fc:36:78:8e:ac:bc:25:26:
00:9f:63:3a:e7:2e:14:7c:97:e8:25:09:09:f1:da:
ca:e3:c5:46:dc:f8:34:1f:67:64:ad:c1:91:d3:02:
1f:e4:c5:df:0f:34:a5:f1:0c:09:4e:78:43:c6:1e:
b0:ef:b0:ac:75:d9:2c:2c:2a:c0:8f:20:ae:fd:f8:
ba:9c:03:57:0d:9c:11:fb:a0:a7:7d:5f:48:9f:38:
43:2c:cd:bf:4c:c4:6c:31:12:f5:74:d0:05:35:6e:
ac:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:4A:0B:67:B8:4E:61:9C:94:06:89:FF:B5:5C:9E:8C:ED:80:B2:4C
X509v3 Authority Key Identifier:
keyid:D3:E2:E0:BC:EB:61:FB:9C:45:27:82:6E:61:0D:46:76:99:D6:3E:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/647A1B36F6A711EE89A5019E775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.73.128.0/19
102.140.96.0/21
196.200.112.0/20
197.156.192.0/18
Signature Algorithm: sha256WithRSAEncryption
47:6f:78:a8:17:0e:62:fa:66:8e:9c:2a:05:3d:c0:4b:58:67:
91:81:93:7f:8b:4c:7b:03:ff:a3:7b:90:63:eb:dd:14:33:b3:
bd:33:29:f5:18:1d:27:a5:69:1f:05:a0:1e:28:cc:60:25:ce:
b0:aa:5a:e6:58:0d:6f:8b:08:40:5b:88:da:7c:e3:76:f2:71:
d9:6f:2d:11:d4:db:67:bd:8f:ff:75:a6:a5:b3:8d:6c:ed:72:
eb:48:19:12:0b:91:de:68:8f:9d:df:18:9d:35:5f:54:d6:7a:
7c:8d:32:a4:8b:4b:0a:39:99:02:76:6e:c7:c8:83:9f:12:62:
4d:f7:49:34:45:3b:1d:b2:67:8c:48:3e:6f:da:e9:57:19:8f:
9f:1f:c2:d8:61:aa:2b:8c:ef:32:73:c2:93:25:1e:c9:cf:f2:
26:23:35:d9:05:61:27:27:08:f0:26:d3:d5:73:1d:7d:58:27:
4b:10:ea:82:4f:78:da:11:07:79:19:0d:15:98:bd:9d:f6:e5:
c9:4a:2c:14:ee:9b:1c:fb:30:04:70:8e:22:f3:bc:21:bb:c7:
5a:32:47:50:b7:29:26:df:24:f9:83:5e:67:b8:29:53:da:99:
13:03:78:10:6c:7d:57:c1:e0:aa:bd:cc:48:05:3d:02:96:0d:
40:50:ac:53
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICAZwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OURCNUVBRjExMC8GA1UEBRMoRDNFMkUwQkNFQjYxRkI5QzQ1Mjc4MjZFNjEwRDQ2
NzY5OUQ2M0UxNDAeFw0yNDA0MTAxOTI4NDdaFw0yODAzMTAxOTI4NDdaMBgxFjAU
BgNVBAMTDTY2MTU5NmYyLTdiZmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDR3Ptctdp692IepSx+pTPPP6f2JTxMqRTQBdEo5UcCeWp7Khoy9NO9/N+h
zocNhBwZpIaZ8L5EuNfx+kIjtRUZkRdDbs3zYLSnEyfmlkeeKp2wGI/cOcQIOzU3
Rjirk5FLSqnPm6Y44pqqtuLsUHr5G8hBM7JPQ/6BljQ1w8OUKG6BjWWzmuilkdqY
RhXSvlCgEifU4kb5pLFYeNT8NniOrLwlJgCfYzrnLhR8l+glCQnx2srjxUbc+DQf
Z2StwZHTAh/kxd8PNKXxDAlOeEPGHrDvsKx12SwsKsCPIK79+LqcA1cNnBH7oKd9
X0ifOEMszb9MxGwxEvV00AU1bqznAgMBAAGjggK3MIICszAdBgNVHQ4EFgQUpkoL
Z7hOYZyUBon/tVyejO2AskwwHwYDVR0jBBgwFoAU0+LgvOth+5xFJ4JuYQ1GdpnW
PhQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjlEQjVFL0QxRUE1OTE0QkYzMTExRURBN0U3MTdEMEYxMjIyNDY4LzAtTGd2
T3RoLTV4Rko0SnVZUTFHZHBuV1BoUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzAtTGd2T3RoLTV4Rko0SnVZUTFHZHBuV1BoUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjlEQjVFL0QxRUE1OTE0QkYzMTExRURBN0U3MTdEMEYx
MjIyNDY4LzY0N0ExQjM2RjZBNzExRUU4OUE1MDE5RTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAUpSYADBANmjGADBATEyHAD
BAbFnMAwDQYJKoZIhvcNAQELBQADggEBAEdveKgXDmL6Zo6cKgU9wEtYZ5GBk3+L
THsD/6N7kGPr3RQzs70zKfUYHSelaR8FoB4ozGAlzrCqWuZYDW+LCEBbiNp843by
cdlvLRHU22e9j/91pqWzjWztcutIGRILkd5oj53fGJ01X1TWenyNMqSLSwo5mQJ2
bsfIg58SYk33STRFOx2yZ4xIPm/a6VcZj58fwthhqiuM7zJzwpMlHsnP8iYjNdkF
YScnCPAm09VzHX1YJ0sQ6oJPeNoRB3kZDRWYvZ325clKLBTumxz7MARwjiLzvCG7
x1oyR1C3KSbfJPmDXme4KVPamRMDeBBsfVfB4Kq9zEgFPQKWDUBQrFM=
-----END CERTIFICATE-----
Generated at Fri Apr 12 09:55:47 2024 by rpki-client on console-fra.rpki-client.org