Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/8A85A4DEC69211EE8C2A1A56775412E6.roa
File: 8A85A4DEC69211EE8C2A1A56775412E6.roa (raw, json)
Hash identifier: 3QYE02LSR5LyxT18nRHpv7VQaq2VRPnfmNAIS2hM3/c=
Subject key identifier: 7E:36:7D:B2:59:84:EB:E6:6F:F5:53:A2:86:16:99:BD:79:CE:0B:5C
Certificate issuer: /CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Certificate serial: 0F3C
Authority key identifier: 48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/8A85A4DEC69211EE8C2A1A56775412E6.roa
Signing time: Thu 08 Feb 2024 14:58:39 +0000
ROA not before: Thu 08 Feb 2024 14:58:35 +0000
ROA not after: Sun 08 Feb 2026 14:58:35 +0000
asID: 834
IP address blocks: 102.129.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 07:05:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3900 (0xf3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C58D6AF/serialNumber=48A2F2C4AA4AEA39BE46BFE5F99C92629BBED8FC
Validity
Not Before: Feb 8 14:58:35 2024 GMT
Not After : Feb 8 14:58:35 2026 GMT
Subject: CN=65c4ec1f-44ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:86:c4:e4:a0:0e:2d:39:7b:40:2e:63:7c:98:
37:df:7c:06:f5:3e:a5:57:0a:15:31:dd:6b:cb:8b:
9a:4b:32:cb:33:a3:8c:3e:43:85:5a:65:46:21:1a:
fa:32:d7:9b:f1:e3:82:32:dc:27:00:cc:c9:c3:db:
4a:09:32:e0:62:37:18:68:e0:18:b4:4b:84:68:fc:
8d:cd:ad:d4:07:07:50:12:4e:8c:44:dd:f6:ab:86:
72:a3:b4:37:c4:67:3d:b3:ac:c0:ec:dc:6a:93:c8:
ec:8f:10:87:72:2e:61:72:5b:91:88:b9:52:64:21:
20:49:56:dd:aa:81:e7:13:ce:4e:6e:ae:3a:47:43:
88:eb:82:cf:14:fb:f0:37:db:b6:f5:5d:d7:1e:3f:
c8:0f:15:13:42:9f:34:82:ae:9f:e9:b8:13:2b:b7:
66:93:2a:07:ba:8b:51:d6:50:e7:5e:e6:d4:ff:7c:
72:d0:8e:5f:8a:8c:6c:ac:8d:9f:a5:c1:5c:93:e4:
f3:e9:88:fa:a7:68:74:8b:cc:aa:76:d3:fa:4f:41:
ef:a0:b4:84:21:9e:91:42:34:5e:d0:e7:6b:95:ff:
88:d4:56:3a:aa:9e:b9:f1:d1:de:9b:47:f1:08:3c:
ba:f1:13:a6:fa:93:5c:ec:1f:cf:e9:e7:01:f1:34:
6c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:36:7D:B2:59:84:EB:E6:6F:F5:53:A2:86:16:99:BD:79:CE:0B:5C
X509v3 Authority Key Identifier:
keyid:48:A2:F2:C4:AA:4A:EA:39:BE:46:BF:E5:F9:9C:92:62:9B:BE:D8:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SKLyxKpK6jm-Rr_l-ZySYpu-2Pw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C58D6/D69A4DFE731611E99133037CF8AEA228/8A85A4DEC69211EE8C2A1A56775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.129.168.0/24
Signature Algorithm: sha256WithRSAEncryption
99:c2:ed:ea:98:54:88:ce:5d:65:9b:e4:4d:a5:45:d5:be:bb:
37:57:dc:fb:13:1e:39:df:87:24:e0:a3:4c:59:26:3f:62:0c:
f6:61:33:a3:77:8d:ff:73:ce:59:c6:97:82:f0:04:99:4b:60:
91:56:2f:cd:cc:ae:91:d9:c7:6d:63:74:69:f2:12:8d:52:f8:
f8:14:18:7e:7b:95:78:1d:a3:91:c9:71:fa:40:a6:b9:00:9a:
58:f2:1c:87:97:ba:77:09:8e:b5:c1:02:05:7c:93:f4:2d:de:
b2:9f:7e:b9:ab:ba:95:cf:5d:c5:50:22:65:d7:ea:43:b7:05:
93:1d:dc:ce:6f:cc:15:62:7e:5e:13:13:05:21:2b:7f:a0:1c:
8d:d4:64:85:7f:f3:2d:96:9c:8c:88:50:9e:30:5b:b1:a0:fa:
b5:09:7b:a8:c0:1a:24:7a:50:ae:00:c9:b0:71:20:49:d0:23:
32:4b:aa:f9:11:c0:08:4b:9f:ce:4d:17:ca:f1:2d:0d:ff:38:
b4:a5:4a:a5:8a:5c:e5:80:a8:93:52:02:f9:9d:cb:53:a9:84:
ed:d4:a1:29:98:6d:a0:f4:ea:96:27:b6:29:7a:da:f7:7f:09:
2b:7e:52:ef:5c:1a:ef:aa:0b:4f:5f:9b:02:c6:32:f6:61:f2:
5f:1b:a5:7f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDzwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzU4RDZBRjExMC8GA1UEBRMoNDhBMkYyQzRBQTRBRUEzOUJFNDZCRkU1Rjk5Qzky
NjI5QkJFRDhGQzAeFw0yNDAyMDgxNDU4MzVaFw0yNjAyMDgxNDU4MzVaMBgxFjAU
BgNVBAMTDTY1YzRlYzFmLTQ0Y2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDRhsTkoA4tOXtALmN8mDfffAb1PqVXChUx3WvLi5pLMsszo4w+Q4VaZUYh
Gvoy15vx44Iy3CcAzMnD20oJMuBiNxho4Bi0S4Ro/I3NrdQHB1ASToxE3farhnKj
tDfEZz2zrMDs3GqTyOyPEIdyLmFyW5GIuVJkISBJVt2qgecTzk5urjpHQ4jrgs8U
+/A327b1XdceP8gPFRNCnzSCrp/puBMrt2aTKge6i1HWUOde5tT/fHLQjl+KjGys
jZ+lwVyT5PPpiPqnaHSLzKp20/pPQe+gtIQhnpFCNF7Q52uV/4jUVjqqnrnx0d6b
R/EIPLrxE6b6k1zsH8/p5wHxNGxTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUfjZ9
slmE6+Zv9VOihhaZvXnOC1wwHwYDVR0jBBgwFoAUSKLyxKpK6jm+Rr/l+ZySYpu+
2PwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4QUVBMjI4L1NLTHl4
S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NLTHl4S3BLNmptLVJyX2wtWnlTWXB1LTJQdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM1OEQ2L0Q2OUE0REZFNzMxNjExRTk5MTMzMDM3Q0Y4
QUVBMjI4LzhBODVBNERFQzY5MjExRUU4QzJBMUE1Njc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmgagwDQYJKoZIhvcNAQEL
BQADggEBAJnC7eqYVIjOXWWb5E2lRdW+uzdX3PsTHjnfhyTgo0xZJj9iDPZhM6N3
jf9zzlnGl4LwBJlLYJFWL83MrpHZx21jdGnyEo1S+PgUGH57lXgdo5HJcfpAprkA
mljyHIeXuncJjrXBAgV8k/Qt3rKffrmrupXPXcVQImXX6kO3BZMd3M5vzBVifl4T
EwUhK3+gHI3UZIV/8y2WnIyIUJ4wW7Gg+rUJe6jAGiR6UK4AybBxIEnQIzJLqvkR
wAhLn85NF8rxLQ3/OLSlSqWKXOWAqJNSAvmdy1OphO3UoSmYbaD06pYntil62vd/
CSt+Uu9cGu+qC09fmwLGMvZh8l8bpX8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-ams.rpki-client.org