Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/4B5F4B7A02C411EF950CB8F6007001B1.roa
File: 4B5F4B7A02C411EF950CB8F6007001B1.roa (raw, json)
Hash identifier: B3B0iH7IJWeoZgtFYIuUm5+uZ58/3c2DI2eauV5RMNQ=
Subject key identifier: 59:79:2F:16:62:3A:46:16:B5:98:E7:A4:09:79:A5:E3:80:A3:48:1E
Certificate issuer: /CN=F36A7021AF/serialNumber=4B48662004089F5BB68194AB04B830CD433A2B70
Certificate serial: 02
Authority key identifier: 4B:48:66:20:04:08:9F:5B:B6:81:94:AB:04:B8:30:CD:43:3A:2B:70
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/S0hmIAQIn1u2gZSrBLgwzUM6K3A.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/4B5F4B7A02C411EF950CB8F6007001B1.roa
Signing time: Thu 25 Apr 2024 05:25:57 +0000
ROA not before: Thu 25 Apr 2024 05:25:54 +0000
ROA not after: Tue 25 Apr 2034 05:25:54 +0000
asID: 36867
IP address blocks: 41.223.204.0/22 maxlen: 22
196.1.120.0/21 maxlen: 21
2001:42e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 25 Apr 2024 07:42:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A7021AF/serialNumber=4B48662004089F5BB68194AB04B830CD433A2B70
Validity
Not Before: Apr 25 05:25:54 2024 GMT
Not After : Apr 25 05:25:54 2034 GMT
Subject: CN=6629e965-2048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:25:b7:7a:d4:b9:f7:6d:94:8f:1e:40:38:c5:
7e:fb:e4:e2:ea:04:62:b9:3f:76:ba:58:86:03:c8:
fd:a3:57:69:3f:1c:13:8b:b5:0d:21:af:9d:7a:17:
7f:fc:62:fc:ff:38:80:3c:b8:80:c1:85:69:de:2e:
36:cf:cb:ee:91:0e:fb:05:65:e5:41:10:a3:3e:08:
12:fa:ea:bf:17:25:23:04:dc:c3:b1:be:63:56:86:
15:97:ca:64:6c:92:85:9d:37:28:f8:37:67:09:22:
73:f6:79:51:d5:bb:61:21:55:95:7a:9f:d6:88:a6:
1b:d3:b8:8e:94:82:3d:4d:69:e0:86:9f:50:fe:19:
0b:bd:f0:ea:9f:ff:2c:96:3c:45:5d:f8:08:cb:c4:
0d:b8:c0:11:4d:35:64:ce:eb:a6:5f:a5:7f:0e:30:
c7:90:5e:75:55:32:83:ba:af:6f:b5:e7:77:a2:c0:
37:b6:65:f9:3d:fe:ae:78:05:8a:76:0d:a0:07:29:
28:5a:c9:98:98:14:43:02:91:a4:7c:52:78:58:94:
19:00:aa:f7:d9:57:f5:05:d0:88:ce:31:e5:91:e0:
64:22:fb:34:39:89:dc:a3:f3:29:a0:e2:bd:e3:d7:
00:e9:f4:dd:97:09:02:e8:13:49:9c:77:2b:69:74:
8f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:79:2F:16:62:3A:46:16:B5:98:E7:A4:09:79:A5:E3:80:A3:48:1E
X509v3 Authority Key Identifier:
keyid:4B:48:66:20:04:08:9F:5B:B6:81:94:AB:04:B8:30:CD:43:3A:2B:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/S0hmIAQIn1u2gZSrBLgwzUM6K3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/S0hmIAQIn1u2gZSrBLgwzUM6K3A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A7021/E503991C02C311EFBD1277F5007001B1/4B5F4B7A02C411EF950CB8F6007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.223.204.0/22
196.1.120.0/21
IPv6:
2001:42e0::/32
Signature Algorithm: sha256WithRSAEncryption
25:a0:8c:e1:01:28:0e:05:e6:e4:13:09:9a:e8:fe:20:6c:d0:
ae:a8:2d:56:1d:d1:aa:ed:6b:7e:2b:90:26:1d:09:6e:e5:b4:
e5:a8:e2:4a:eb:ee:0b:13:54:fe:70:c2:d7:65:59:c8:1c:2e:
eb:57:fb:bf:c5:1c:b8:96:e0:16:14:8b:92:9b:44:74:de:5e:
df:2a:50:d0:14:70:78:82:7f:02:a6:ef:22:4d:46:f4:ce:cb:
29:ca:8c:61:e7:24:a8:82:5b:22:8e:cb:b1:6c:90:d8:3d:ab:
e4:9a:99:cf:44:b1:46:1a:90:f1:c7:b5:71:b2:81:1f:d9:d3:
fd:ca:2f:ee:99:fd:b0:ff:fa:8e:e7:0a:11:17:77:9b:b9:f3:
85:b3:d3:e8:b8:01:1d:89:f3:59:70:51:c6:62:d1:08:49:2e:
e9:93:49:49:4d:c1:d8:05:74:19:ff:70:60:ff:50:17:e7:f3:
8b:bb:75:2c:7b:86:af:57:1b:79:ed:7c:79:d4:49:22:73:0d:
e9:04:13:60:8d:f1:c5:b7:a3:14:05:ad:05:5d:79:eb:0e:ab:
47:3e:f4:16:f8:7e:6a:5b:8f:92:d0:ed:d0:b8:7f:43:0b:26:
10:bf:0d:6b:4d:45:30:d1:a3:0f:1e:b9:ce:b4:cc:7e:12:d0:
c1:a9:97:41
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
NzAyMUFGMTEwLwYDVQQFEyg0QjQ4NjYyMDA0MDg5RjVCQjY4MTk0QUIwNEI4MzBD
RDQzM0EyQjcwMB4XDTI0MDQyNTA1MjU1NFoXDTM0MDQyNTA1MjU1NFowGDEWMBQG
A1UEAxMNNjYyOWU5NjUtMjA0ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIlt3rUufdtlI8eQDjFfvvk4uoEYrk/drpYhgPI/aNXaT8cE4u1DSGvnXoX
f/xi/P84gDy4gMGFad4uNs/L7pEO+wVl5UEQoz4IEvrqvxclIwTcw7G+Y1aGFZfK
ZGyShZ03KPg3Zwkic/Z5UdW7YSFVlXqf1oimG9O4jpSCPU1p4IafUP4ZC73w6p//
LJY8RV34CMvEDbjAEU01ZM7rpl+lfw4wx5BedVUyg7qvb7Xnd6LAN7Zl+T3+rngF
inYNoAcpKFrJmJgUQwKRpHxSeFiUGQCq99lX9QXQiM4x5ZHgZCL7NDmJ3KPzKaDi
vePXAOn03ZcJAugTSZx3K2l0j68CAwEAAaOCArowggK2MB0GA1UdDgQWBBRZeS8W
YjpGFrWY56QJeaXjgKNIHjAfBgNVHSMEGDAWgBRLSGYgBAifW7aBlKsEuDDNQzor
cDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTcwMjEvRTUwMzk5MUMwMkMzMTFFRkJEMTI3N0Y1MDA3MDAxQjEvUzBobUlB
UUluMXUyZ1pTckJMZ3d6VU02SzNBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUzBobUlBUUluMXUyZ1pTckJMZ3d6VU02SzNBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QTcwMjEvRTUwMzk5MUMwMkMzMTFFRkJEMTI3N0Y1MDA3
MDAxQjEvNEI1RjRCN0EwMkM0MTFFRjk1MENCOEY2MDA3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAinfzAMEA8QBeDANBAIAAjAH
AwUAIAFC4DANBgkqhkiG9w0BAQsFAAOCAQEAJaCM4QEoDgXm5BMJmuj+IGzQrqgt
Vh3Rqu1rfiuQJh0JbuW05ajiSuvuCxNU/nDC12VZyBwu61f7v8UcuJbgFhSLkptE
dN5e3ypQ0BRweIJ/AqbvIk1G9M7LKcqMYeckqIJbIo7LsWyQ2D2r5JqZz0SxRhqQ
8ce1cbKBH9nT/cov7pn9sP/6jucKERd3m7nzhbPT6LgBHYnzWXBRxmLRCEku6ZNJ
SU3B2AV0Gf9wYP9QF+fzi7t1LHuGr1cbee18edRJInMN6QQTYI3xxbejFAWtBV15
6w6rRz70Fvh+aluPktDt0Lh/QwsmEL8Na01FMNGjDx65zrTMfhLQwamXQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:22 2024 by rpki-client on console-ams.rpki-client.org