Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F6A4D/AE1A00C89B3C11EF9E97257F762E951A/45EA0E4C9B3E11EFB0FCB888762E951A.roa
File: 45EA0E4C9B3E11EFB0FCB888762E951A.roa (raw, json)
Hash identifier: fB3azQKulB0+4tY67oj4knJgvT1mqrCcS4aKkHPXNWU=
Subject key identifier: E5:30:85:11:BB:8E:1C:D0:52:B2:C9:67:BB:E4:4E:8E:83:A6:E5:6A
Certificate issuer: /CN=F36F6A4DAF/serialNumber=CA941F10D8010F95C8049E0102DCCAA883D9A0DB
Certificate serial: 02
Authority key identifier: CA:94:1F:10:D8:01:0F:95:C8:04:9E:01:02:DC:CA:A8:83:D9:A0:DB
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ypQfENgBD5XIBJ4BAtzKqIPZoNs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F6A4D/AE1A00C89B3C11EF9E97257F762E951A/45EA0E4C9B3E11EFB0FCB888762E951A.roa
Signing time: Tue 05 Nov 2024 06:22:03 +0000
ROA not before: Tue 05 Nov 2024 06:22:00 +0000
ROA not after: Sun 30 Nov 2025 06:22:00 +0000
asID: 329303
IP address blocks: 102.207.120.0/22 maxlen: 24
2c0f:51c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 09 Nov 2024 06:46:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F6A4DAF/serialNumber=CA941F10D8010F95C8049E0102DCCAA883D9A0DB
Validity
Not Before: Nov 5 06:22:00 2024 GMT
Not After : Nov 30 06:22:00 2025 GMT
Subject: CN=6729b98b-4609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0a:37:63:51:66:67:ed:a2:78:69:e7:e4:ba:
9d:88:a6:de:9a:16:89:87:5a:72:b1:55:27:d2:49:
8b:89:6a:80:f0:e5:df:46:1e:88:97:9e:38:4d:d9:
58:9a:46:43:ba:40:93:8d:91:ef:76:b6:53:65:c6:
fe:a7:1d:3b:e1:b2:c8:64:f0:17:a3:1b:62:3e:a2:
50:1d:71:c6:e7:36:78:4a:6e:55:1a:18:f9:48:df:
24:6c:73:b6:56:e9:81:dd:55:f8:f5:93:87:f5:dd:
ad:b8:2c:4c:fd:85:98:6e:1a:fb:94:a4:35:ee:d8:
1a:19:3d:c2:af:f8:db:42:f1:6a:41:c8:a7:2c:68:
ab:e1:d4:20:9c:95:77:03:72:f5:0f:ec:4a:f3:75:
02:75:0c:7f:af:17:02:ba:fa:40:4e:39:10:87:0f:
d6:3c:40:31:89:b4:92:b1:69:7f:d8:c3:7e:86:3c:
41:0c:50:3f:00:ed:ff:75:40:d1:c9:27:bb:40:d9:
5e:f2:a3:e8:3b:d6:58:49:b9:a8:50:3a:63:96:21:
80:4f:81:4b:ad:f1:c9:21:93:f9:9d:b2:92:db:12:
b3:b9:b2:22:91:01:2c:00:12:b8:0e:b5:5f:c0:06:
e9:03:6b:4b:5a:57:3e:84:cc:ba:f5:2f:12:ba:e0:
ec:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:30:85:11:BB:8E:1C:D0:52:B2:C9:67:BB:E4:4E:8E:83:A6:E5:6A
X509v3 Authority Key Identifier:
keyid:CA:94:1F:10:D8:01:0F:95:C8:04:9E:01:02:DC:CA:A8:83:D9:A0:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F6A4D/AE1A00C89B3C11EF9E97257F762E951A/ypQfENgBD5XIBJ4BAtzKqIPZoNs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ypQfENgBD5XIBJ4BAtzKqIPZoNs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F6A4D/AE1A00C89B3C11EF9E97257F762E951A/45EA0E4C9B3E11EFB0FCB888762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.207.120.0/22
IPv6:
2c0f:51c0::/32
Signature Algorithm: sha256WithRSAEncryption
bd:94:43:ea:f7:3f:aa:1d:f8:68:43:e5:4c:81:0d:81:25:26:
ad:77:49:77:7c:de:a8:04:f9:32:e4:15:4f:ff:eb:7a:5a:23:
dc:1d:c8:31:8b:b6:2e:37:e0:01:dc:46:9d:73:6c:ba:82:17:
92:11:92:36:40:4b:34:b7:b2:96:44:bb:ba:a2:41:4d:db:c4:
2a:41:59:c5:c3:05:7a:cd:9a:1f:9d:a3:0b:ce:b5:ff:7c:23:
13:3a:72:4b:f7:80:9c:f3:c8:e4:72:4e:0b:d3:05:82:0e:ba:
b6:e7:3d:d3:f1:02:e0:cc:5e:3b:97:7c:6a:0d:06:07:27:7b:
6d:9a:a2:ef:7b:7e:fa:a2:89:4f:b0:4d:e9:3c:fe:b3:aa:76:
94:7a:96:02:b6:96:9b:4e:10:1d:fd:bc:90:48:38:6b:c3:02:
71:1e:3b:1e:e7:a8:2d:f1:fb:f5:0e:39:2c:d2:26:43:11:d0:
5b:ce:4e:f5:17:70:c2:74:8e:a5:f8:51:29:74:e2:5d:89:b6:
9b:a5:fa:0c:2c:58:ad:d0:8d:b0:17:a9:cb:52:87:93:20:8c:
f3:56:54:6b:71:fe:b8:6f:0e:cc:d5:dd:6e:36:44:fb:2a:3d:
3c:01:79:c7:e8:7a:6e:bb:0d:07:58:46:27:5c:a4:c9:fa:7a:
f8:f8:95:c8
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
NkE0REFGMTEwLwYDVQQFEyhDQTk0MUYxMEQ4MDEwRjk1QzgwNDlFMDEwMkRDQ0FB
ODgzRDlBMERCMB4XDTI0MTEwNTA2MjIwMFoXDTI1MTEzMDA2MjIwMFowGDEWMBQG
A1UEAxMNNjcyOWI5OGItNDYwOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcKN2NRZmftonhp5+S6nYim3poWiYdacrFVJ9JJi4lqgPDl30YeiJeeOE3Z
WJpGQ7pAk42R73a2U2XG/qcdO+GyyGTwF6MbYj6iUB1xxuc2eEpuVRoY+UjfJGxz
tlbpgd1V+PWTh/XdrbgsTP2FmG4a+5SkNe7YGhk9wq/420LxakHIpyxoq+HUIJyV
dwNy9Q/sSvN1AnUMf68XArr6QE45EIcP1jxAMYm0krFpf9jDfoY8QQxQPwDt/3VA
0cknu0DZXvKj6DvWWEm5qFA6Y5YhgE+BS63xySGT+Z2yktsSs7myIpEBLAASuA61
X8AG6QNrS1pXPoTMuvUvErrg7B0CAwEAAaOCArQwggKwMB0GA1UdDgQWBBTlMIUR
u44c0FKyyWe75E6Og6blajAfBgNVHSMEGDAWgBTKlB8Q2AEPlcgEngEC3Mqog9mg
2zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjZBNEQvQUUxQTAwQzg5QjNDMTFFRjlFOTcyNTdGNzYyRTk1MUEveXBRZkVO
Z0JENVhJQko0QkF0ektxSVBab05zLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveXBRZkVOZ0JENVhJQko0QkF0ektxSVBab05zLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RjZBNEQvQUUxQTAwQzg5QjNDMTFFRjlFOTcyNTdGNzYy
RTk1MUEvNDVFQTBFNEM5QjNFMTFFRkIwRkNCODg4NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbPeDANBAIAAjAHAwUALA9R
wDANBgkqhkiG9w0BAQsFAAOCAQEAvZRD6vc/qh34aEPlTIENgSUmrXdJd3zeqAT5
MuQVT//reloj3B3IMYu2LjfgAdxGnXNsuoIXkhGSNkBLNLeylkS7uqJBTdvEKkFZ
xcMFes2aH52jC861/3wjEzpyS/eAnPPI5HJOC9MFgg66tuc90/EC4MxeO5d8ag0G
Byd7bZqi73t++qKJT7BN6Tz+s6p2lHqWAraWm04QHf28kEg4a8MCcR47HueoLfH7
9Q45LNImQxHQW85O9RdwwnSOpfhRKXTiXYm2m6X6DCxYrdCNsBepy1KHkyCM81ZU
a3H+uG8OzNXdbjZE+yo9PAF5x+h6brsNB1hGJ1ykyfp6+PiVyA==
-----END CERTIFICATE-----
Generated at Sat Nov 9 08:13:48 2024 by rpki-client on console-fra.rpki-client.org