Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/4CE34CB6789111EE911E6E334AD9E6FC.roa
File: 4CE34CB6789111EE911E6E334AD9E6FC.roa (raw, json)
Hash identifier: DR0aK7SvvJEbV0eJmsPXS7MlBqmcWp3b86WwQw64h1I=
Subject key identifier: FA:B3:71:28:32:FB:5E:4C:42:F0:CC:E0:77:A0:10:9D:59:63:8C:4B
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 0E1C
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/4CE34CB6789111EE911E6E334AD9E6FC.roa
Signing time: Wed 01 Nov 2023 08:33:15 +0000
ROA not before: Wed 01 Nov 2023 08:33:12 +0000
ROA not after: Sun 30 Nov 2025 08:33:12 +0000
asID: 400328
IP address blocks: 102.129.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Dec 2023 10:16:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3612 (0xe1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Validity
Not Before: Nov 1 08:33:12 2023 GMT
Not After : Nov 30 08:33:12 2025 GMT
Subject: CN=65420d4b-20e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bf:45:92:09:c7:14:f6:f0:d1:d0:61:0a:56:
f6:b8:dc:9b:15:eb:c3:d3:93:60:82:ff:0f:0c:1c:
98:33:dd:c9:30:8f:8a:b4:aa:6b:d2:04:4b:9e:06:
57:80:b2:c8:d6:cd:64:b5:df:14:3f:d3:5a:82:c3:
68:22:a7:83:8f:e3:da:e1:e5:15:89:dd:eb:d0:7b:
49:0b:12:fe:23:fd:d7:ec:aa:d4:fd:de:21:9b:83:
2b:2b:5d:b8:cb:70:c1:7f:d2:66:52:8f:a3:63:36:
a5:f7:3c:f6:ea:c1:b4:eb:c0:fd:76:d2:5c:fa:37:
28:32:64:cb:d6:eb:83:b1:24:90:73:b0:71:9c:a4:
f6:b3:90:34:66:ba:10:49:5d:c8:9e:0d:72:86:e3:
b1:5f:b0:b7:2a:60:97:3c:86:64:e6:7f:6d:24:35:
6f:2e:a1:b6:2c:4f:50:93:fd:ea:11:1a:0c:c4:cf:
99:89:44:28:aa:d5:31:0c:54:8c:a3:17:67:cc:44:
06:05:a9:ba:b2:ae:46:df:f9:e2:22:d2:8a:38:00:
55:f5:e8:14:4b:09:1f:90:9d:a3:c2:db:c3:b2:be:
5d:aa:e4:01:09:f9:e2:dd:4f:ed:b2:cc:90:a1:77:
62:a8:72:ad:64:41:ad:20:02:a6:01:0c:6c:50:00:
7c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:B3:71:28:32:FB:5E:4C:42:F0:CC:E0:77:A0:10:9D:59:63:8C:4B
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/4CE34CB6789111EE911E6E334AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.168.0/24
Signature Algorithm: sha256WithRSAEncryption
27:7c:8f:a0:e3:36:0a:1e:89:a4:7e:69:a7:2d:bb:80:1a:1e:
f4:e0:90:26:20:c1:06:c5:bd:8f:f2:01:b5:da:85:94:4e:63:
86:4a:fd:5b:dc:60:53:6e:32:8b:97:89:bc:8f:d3:60:97:5f:
aa:d4:ea:24:77:a5:91:86:b2:dc:54:a5:a4:43:d4:a2:69:d9:
60:52:fe:d0:df:16:56:98:70:25:77:d9:26:c5:a4:75:ff:7e:
e6:32:4c:29:c9:1f:d5:98:e4:9f:87:bd:63:6e:b0:8c:a1:5a:
07:35:4c:6c:13:84:0d:8d:e9:8f:d1:ab:90:a8:36:44:3c:57:
61:c9:38:48:d8:1c:f8:d7:1a:50:18:fb:84:a3:0b:d8:79:06:
c1:a0:ab:f3:0a:38:68:c9:9e:b5:5d:ca:25:bb:ce:bb:fd:ed:
02:8d:db:c6:92:03:7d:4e:18:35:3c:43:e2:42:27:f8:47:39:
0d:80:6d:17:1a:04:83:c2:00:e1:21:ea:5f:9c:1f:70:00:9c:
75:64:1e:f6:15:04:4a:67:bc:11:81:a9:79:88:84:f4:36:00:
c3:04:1b:98:09:26:0c:38:2c:12:95:7c:9e:74:3e:fc:82:f9:
c7:f5:bd:0d:bd:8e:17:53:87:c2:43:01:e5:f7:24:07:24:e2:
d3:77:ab:58
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDhwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yMzExMDEwODMzMTJaFw0yNTExMzAwODMzMTJaMBgxFjAU
BgNVBAMTDTY1NDIwZDRiLTIwZTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC0v0WSCccU9vDR0GEKVva43JsV68PTk2CC/w8MHJgz3ckwj4q0qmvSBEue
BleAssjWzWS13xQ/01qCw2gip4OP49rh5RWJ3evQe0kLEv4j/dfsqtT93iGbgysr
XbjLcMF/0mZSj6NjNqX3PPbqwbTrwP120lz6NygyZMvW64OxJJBzsHGcpPazkDRm
uhBJXcieDXKG47FfsLcqYJc8hmTmf20kNW8uobYsT1CT/eoRGgzEz5mJRCiq1TEM
VIyjF2fMRAYFqbqyrkbf+eIi0oo4AFX16BRLCR+QnaPC28Oyvl2q5AEJ+eLdT+2y
zJChd2Kocq1kQa0gAqYBDGxQAHwJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU+rNx
KDL7XkxC8Mzgd6AQnVljjEswHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzRDRTM0Q0I2Nzg5MTExRUU5MTFFNkUzMzRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgagwDQYJKoZIhvcNAQEL
BQADggEBACd8j6DjNgoeiaR+aactu4AaHvTgkCYgwQbFvY/yAbXahZROY4ZK/Vvc
YFNuMouXibyP02CXX6rU6iR3pZGGstxUpaRD1KJp2WBS/tDfFlaYcCV32SbFpHX/
fuYyTCnJH9WY5J+HvWNusIyhWgc1TGwThA2N6Y/Rq5CoNkQ8V2HJOEjYHPjXGlAY
+4SjC9h5BsGgq/MKOGjJnrVdyiW7zrv97QKN28aSA31OGDU8Q+JCJ/hHOQ2AbRca
BIPCAOEh6l+cH3AAnHVkHvYVBEpnvBGBqXmIhPQ2AMMEG5gJJgw4LBKVfJ50PvyC
+cf1vQ29jhdTh8JDAeX3JAck4tN3q1g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-ams.rpki-client.org