Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36AF9EE/90DED0CC0DCC11E59C25B724F8AEA228/6969AE0A9AB711EE950F2208D25BE465.roa
File: 6969AE0A9AB711EE950F2208D25BE465.roa (raw, json)
Hash identifier: fLQB4l20ndIwHcA1uA937S4jY/cDfqhxcpaNNUg4p2w=
Subject key identifier: A2:A2:C5:19:EF:B5:08:6B:0D:6D:F1:FA:60:AC:AC:D7:52:6C:5D:43
Certificate issuer: /CN=F36AF9EEAF/serialNumber=F9AADD5D45AEC3CC55B1F849E2FCCE076F3D6E34
Certificate serial: 0CAD
Authority key identifier: F9:AA:DD:5D:45:AE:C3:CC:55:B1:F8:49:E2:FC:CE:07:6F:3D:6E:34
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/-ardXUWuw8xVsfhJ4vzOB289bjQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36AF9EE/90DED0CC0DCC11E59C25B724F8AEA228/6969AE0A9AB711EE950F2208D25BE465.roa
Signing time: Thu 14 Dec 2023 19:31:43 +0000
ROA not before: Thu 14 Dec 2023 19:31:40 +0000
ROA not after: Tue 13 Dec 2033 19:31:40 +0000
asID: 37725
IP address blocks: 41.191.212.0/22 maxlen: 32
41.242.144.0/21 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 May 2024 07:19:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3245 (0xcad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36AF9EEAF/serialNumber=F9AADD5D45AEC3CC55B1F849E2FCCE076F3D6E34
Validity
Not Before: Dec 14 19:31:40 2023 GMT
Not After : Dec 13 19:31:40 2033 GMT
Subject: CN=657b581f-27f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ea:49:9d:8e:b0:e6:df:42:32:e0:2f:dc:a2:
d7:4f:c0:1d:15:40:7a:e6:fb:86:a5:69:e1:ab:37:
77:8f:b7:19:2b:31:d5:5f:11:03:cd:5a:f0:63:3d:
3f:e1:af:14:e1:02:72:62:ba:2f:9c:99:60:b1:39:
e1:f6:9a:68:63:a5:3e:82:72:f4:7a:2c:39:36:67:
47:2b:f8:f1:f8:6d:80:6d:a5:54:3c:d5:d9:03:e0:
f3:fd:1f:9d:18:c6:3a:0d:e3:7f:f8:64:66:e1:65:
ff:29:94:58:e6:80:de:d4:96:a1:6c:f3:76:e2:31:
05:06:66:ea:84:1e:61:8b:9f:7c:48:b4:72:d0:31:
15:60:64:c8:88:8c:75:09:ec:99:62:b3:f8:a4:f3:
0c:7c:71:63:d1:7c:16:bd:a0:5f:77:b4:2b:e5:9a:
9a:3a:32:05:85:50:dc:59:05:bb:99:98:cf:ac:ef:
7a:5b:b4:0d:9c:c5:f4:63:d3:12:aa:92:6f:cb:c3:
ff:ab:a3:47:a4:43:c9:60:57:4f:4b:94:dc:85:a5:
7a:fe:48:36:5a:45:90:ca:dc:aa:c1:93:d3:ec:85:
82:ea:87:44:00:0c:a5:fe:85:c7:c5:5b:da:1c:41:
54:50:2e:fb:2b:c5:5f:d8:1c:b2:24:51:52:18:02:
cb:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A2:C5:19:EF:B5:08:6B:0D:6D:F1:FA:60:AC:AC:D7:52:6C:5D:43
X509v3 Authority Key Identifier:
keyid:F9:AA:DD:5D:45:AE:C3:CC:55:B1:F8:49:E2:FC:CE:07:6F:3D:6E:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36AF9EE/90DED0CC0DCC11E59C25B724F8AEA228/-ardXUWuw8xVsfhJ4vzOB289bjQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/-ardXUWuw8xVsfhJ4vzOB289bjQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AF9EE/90DED0CC0DCC11E59C25B724F8AEA228/6969AE0A9AB711EE950F2208D25BE465.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.191.212.0/22
41.242.144.0/21
Signature Algorithm: sha256WithRSAEncryption
69:15:f7:6e:d8:38:be:c6:a0:da:80:a1:0c:e3:32:10:d1:c9:
22:4e:e5:e7:a5:91:2b:ea:22:62:b0:ec:31:13:2a:f3:d1:92:
cf:6e:e8:01:cf:c0:97:8f:27:9d:1a:52:90:59:48:96:bb:00:
29:33:0e:70:38:ab:7c:14:d2:23:52:ed:d5:02:c5:35:15:91:
32:eb:68:27:85:8c:7d:ed:d5:22:55:32:8d:e7:5e:26:b9:31:
2d:26:76:a0:01:7d:a3:21:c9:a3:54:20:45:41:ec:2a:7b:3e:
ee:08:ef:fa:46:eb:35:64:dc:2b:a0:6e:0f:18:03:b0:2f:b6:
f6:6e:07:5f:13:7d:0e:6c:07:04:af:2d:81:a6:e6:88:28:46:
a2:18:78:36:dc:a7:64:83:b6:58:97:36:6f:bf:e6:46:0f:c9:
88:61:88:96:c1:90:35:7b:e5:d1:ce:2b:aa:5e:68:49:97:9f:
bb:51:27:47:9f:db:cf:91:35:3e:27:35:34:d1:1b:fd:4e:9f:
35:44:63:83:06:8d:e6:78:cf:c2:57:2e:84:a2:6c:57:66:a0:
77:55:e9:c8:46:b2:a7:d5:ba:7c:aa:7c:5a:9b:3f:9e:69:c9:
74:9d:c2:4c:c7:c9:3e:81:b7:ce:7a:af:ba:1e:bb:4b:d0:61:
c9:47:63:fa
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICDK0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QUY5RUVBRjExMC8GA1UEBRMoRjlBQURENUQ0NUFFQzNDQzU1QjFGODQ5RTJGQ0NF
MDc2RjNENkUzNDAeFw0yMzEyMTQxOTMxNDBaFw0zMzEyMTMxOTMxNDBaMBgxFjAU
BgNVBAMTDTY1N2I1ODFmLTI3ZjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDE6kmdjrDm30Iy4C/cotdPwB0VQHrm+4alaeGrN3ePtxkrMdVfEQPNWvBj
PT/hrxThAnJiui+cmWCxOeH2mmhjpT6CcvR6LDk2Z0cr+PH4bYBtpVQ81dkD4PP9
H50YxjoN43/4ZGbhZf8plFjmgN7UlqFs83biMQUGZuqEHmGLn3xItHLQMRVgZMiI
jHUJ7Jlis/ik8wx8cWPRfBa9oF93tCvlmpo6MgWFUNxZBbuZmM+s73pbtA2cxfRj
0xKqkm/Lw/+ro0ekQ8lgV09LlNyFpXr+SDZaRZDK3KrBk9PshYLqh0QADKX+hcfF
W9ocQVRQLvsrxV/YHLIkUVIYAsu9AgMBAAGjggKrMIICpzAdBgNVHQ4EFgQUoqLF
Ge+1CGsNbfH6YKys11JsXUMwHwYDVR0jBBgwFoAU+ardXUWuw8xVsfhJ4vzOB289
bjQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkFGOUVFLzkwREVEMENDMERDQzExRTU5QzI1QjcyNEY4QUVBMjI4Ly1hcmRY
VVd1dzh4VnNmaEo0dnpPQjI4OWJqUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLy1hcmRYVVd1dzh4VnNmaEo0dnpPQjI4OWJqUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkFGOUVFLzkwREVEMENDMERDQzExRTU5QzI1QjcyNEY4
QUVBMjI4LzY5NjlBRTBBOUFCNzExRUU5NTBGMjIwOEQyNUJFNDY1LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAIpv9QDBAMp8pAwDQYJKoZI
hvcNAQELBQADggEBAGkV927YOL7GoNqAoQzjMhDRySJO5eelkSvqImKw7DETKvPR
ks9u6AHPwJePJ50aUpBZSJa7ACkzDnA4q3wU0iNS7dUCxTUVkTLraCeFjH3t1SJV
Mo3nXia5MS0mdqABfaMhyaNUIEVB7Cp7Pu4I7/pG6zVk3Cugbg8YA7AvtvZuB18T
fQ5sBwSvLYGm5ogoRqIYeDbcp2SDtliXNm+/5kYPyYhhiJbBkDV75dHOK6peaEmX
n7tRJ0ef28+RNT4nNTTRG/1OnzVEY4MGjeZ4z8JXLoSibFdmoHdV6chGsqfVunyq
fFqbP55pyXSdwkzHyT6Bt856r7oeu0vQYclHY/o=
-----END CERTIFICATE-----
Generated at Thu May 23 12:22:58 2024 by rpki-client on console-ams.rpki-client.org