Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365958D/9CFE89C8EF0E11EFB212E46B762E951A/09874BBCEF1311EFB8D33D86762E951A.roa
File: 09874BBCEF1311EFB8D33D86762E951A.roa (raw, json)
Hash identifier: cPHt24Ok0ca4rQFaqlJB6+M4Rdu0Ex9+qxSHgzG58ng=
Subject key identifier: 55:4B:3B:14:79:23:8D:F8:F8:86:83:BA:60:C0:4E:B1:85:E6:87:79
Certificate issuer: /CN=F365958DAF/serialNumber=178DDEF8BB3CFE4FBE013B923BC8AE22D645B302
Certificate serial: 03
Authority key identifier: 17:8D:DE:F8:BB:3C:FE:4F:BE:01:3B:92:3B:C8:AE:22:D6:45:B3:02
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/F43e-Ls8_k--ATuSO8iuItZFswI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F365958D/9CFE89C8EF0E11EFB212E46B762E951A/09874BBCEF1311EFB8D33D86762E951A.roa
Signing time: Wed 19 Feb 2025 22:44:12 +0000
ROA not before: Thu 20 Feb 2025 22:44:07 +0000
ROA not after: Sun 20 Feb 2028 22:44:07 +0000
asID: 329090
IP address blocks: 102.209.32.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 19 Feb 2025 23:54:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F365958DAF, serialNumber=178DDEF8BB3CFE4FBE013B923BC8AE22D645B302
Validity
Not Before: Feb 20 22:44:07 2025 GMT
Not After : Feb 20 22:44:07 2028 GMT
Subject: CN=67b65ebb-91b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:cd:35:ad:56:8f:79:a9:8c:a2:e6:93:4f:c6:
09:7d:d7:ef:6b:1a:5e:7c:f7:5c:34:fc:e3:29:e0:
a9:0a:15:4c:ac:a5:b7:84:16:66:ec:be:e7:9f:f0:
a1:a4:e3:d2:fc:82:64:ff:08:10:f0:52:5b:c7:f4:
20:75:5d:0b:b8:b5:72:3a:03:16:96:69:7a:60:a1:
84:20:53:78:7f:81:41:32:ca:61:05:b8:89:94:fb:
44:2e:02:14:4c:6a:c6:a4:c7:6b:02:e2:3d:a4:57:
68:9f:53:46:5d:9d:cd:c9:a6:39:90:57:f9:32:ea:
f0:89:89:88:64:3d:30:68:cd:8b:91:1b:ce:53:4c:
be:8a:45:66:20:7d:8b:56:03:f7:4d:34:ec:0e:a5:
85:c4:ea:7f:6b:77:10:0f:ff:b2:2f:9d:4c:c5:ee:
ae:49:15:57:19:53:af:85:33:51:4b:a0:b3:f0:b4:
ed:e2:d1:bb:ca:52:4c:8e:05:95:ce:87:0a:3d:2d:
2d:7b:6b:bb:d1:9f:13:4a:62:88:c8:8e:8f:66:5f:
aa:f6:c6:8e:cb:6d:80:10:09:38:e1:bf:21:fb:9a:
1e:ec:69:5e:67:d9:a5:0d:c9:75:a4:f1:d9:20:9b:
dd:27:76:d3:29:ef:70:3b:14:b8:2f:a6:0a:18:ae:
0d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:4B:3B:14:79:23:8D:F8:F8:86:83:BA:60:C0:4E:B1:85:E6:87:79
X509v3 Authority Key Identifier:
keyid:17:8D:DE:F8:BB:3C:FE:4F:BE:01:3B:92:3B:C8:AE:22:D6:45:B3:02
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F365958D/9CFE89C8EF0E11EFB212E46B762E951A/F43e-Ls8_k--ATuSO8iuItZFswI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/F43e-Ls8_k--ATuSO8iuItZFswI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365958D/9CFE89C8EF0E11EFB212E46B762E951A/09874BBCEF1311EFB8D33D86762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.32.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:b4:03:bf:f3:6e:0a:f2:0e:0b:06:6f:e4:22:06:06:8c:ae:
a3:0c:0c:e9:f9:09:68:ac:76:90:9c:6e:c3:9e:5b:9b:72:a0:
71:09:53:01:4c:3b:1c:24:d1:9d:15:5e:0c:9b:5f:0d:25:93:
b6:27:51:f3:53:b3:0b:0d:d1:c5:f9:45:d3:dc:bb:d7:fd:d2:
5c:5e:7f:0e:08:f0:b8:aa:ac:55:24:06:a8:0f:0a:2d:36:76:
42:64:65:1d:63:eb:0f:f2:ab:7c:dd:67:cc:e2:76:1f:44:f3:
d7:6e:c6:d3:09:7e:8f:b3:5a:55:a3:75:86:b8:2f:49:cc:e4:
a9:87:50:be:a5:a0:d3:db:20:32:0b:a2:70:9c:7c:db:c8:d8:
a0:d1:34:95:ac:65:ee:01:ad:ab:8e:72:55:65:7a:e3:9c:c8:
cd:03:59:19:99:a9:d0:58:93:ff:62:dd:8a:82:57:83:0d:0c:
40:7d:c6:c5:24:67:65:59:39:88:19:00:aa:bc:b6:66:62:ee:
06:04:17:fd:b8:61:fc:37:15:46:a3:3f:85:65:4e:32:c4:6f:
ba:de:19:93:a0:98:21:78:b0:fc:26:9b:d7:0d:b8:cb:6f:ee:
e9:05:56:24:3b:05:d8:f0:0c:cc:c2:a6:7b:ab:73:d8:c1:79:
81:4d:2a:45
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
OTU4REFGMTEwLwYDVQQFEygxNzhEREVGOEJCM0NGRTRGQkUwMTNCOTIzQkM4QUUy
MkQ2NDVCMzAyMB4XDTI1MDIyMDIyNDQwN1oXDTI4MDIyMDIyNDQwN1owGDEWMBQG
A1UEAxMNNjdiNjVlYmItOTFiNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbNNa1Wj3mpjKLmk0/GCX3X72saXnz3XDT84yngqQoVTKylt4QWZuy+55/w
oaTj0vyCZP8IEPBSW8f0IHVdC7i1cjoDFpZpemChhCBTeH+BQTLKYQW4iZT7RC4C
FExqxqTHawLiPaRXaJ9TRl2dzcmmOZBX+TLq8ImJiGQ9MGjNi5EbzlNMvopFZiB9
i1YD90007A6lhcTqf2t3EA//si+dTMXurkkVVxlTr4UzUUugs/C07eLRu8pSTI4F
lc6HCj0tLXtru9GfE0piiMiOj2ZfqvbGjsttgBAJOOG/IfuaHuxpXmfZpQ3JdaTx
2SCb3Sd20ynvcDsUuC+mChiuDUkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRVSzsU
eSON+PiGg7pgwE6xheaHeTAfBgNVHSMEGDAWgBQXjd74uzz+T74BO5I7yK4i1kWz
AjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTk1OEQvOUNGRTg5QzhFRjBFMTFFRkIyMTJFNDZCNzYyRTk1MUEvRjQzZS1M
czhfay0tQVR1U084aXVJdFpGc3dJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRjQzZS1Mczhfay0tQVR1U084aXVJdFpGc3dJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTk1OEQvOUNGRTg5QzhFRjBFMTFFRkIyMTJFNDZCNzYy
RTk1MUEvMDk4NzRCQkNFRjEzMTFFRkI4RDMzRDg2NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbRIDANBgkqhkiG9w0BAQsF
AAOCAQEAq7QDv/NuCvIOCwZv5CIGBoyuowwM6fkJaKx2kJxuw55bm3KgcQlTAUw7
HCTRnRVeDJtfDSWTtidR81OzCw3RxflF09y71/3SXF5/DgjwuKqsVSQGqA8KLTZ2
QmRlHWPrD/KrfN1nzOJ2H0Tz127G0wl+j7NaVaN1hrgvSczkqYdQvqWg09sgMgui
cJx828jYoNE0laxl7gGtq45yVWV645zIzQNZGZmp0FiT/2LdioJXgw0MQH3GxSRn
ZVk5iBkAqry2ZmLuBgQX/bhh/DcVRqM/hWVOMsRvut4Zk6CYIXiw/Cab1w24y2/u
6QVWJDsF2PAMzMKme6tz2MF5gU0qRQ==
-----END CERTIFICATE-----
Generated at Tue May 13 02:30:34 2025 by rpki-client