Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36675E3/DA6A1362D3EF11EEB0BF7F4F775412E6/D4F62B48D44211EE9C817652775412E6.roa
File: D4F62B48D44211EE9C817652775412E6.roa (raw, json)
Hash identifier: m9A2ACKi/Hg9NswfXbhqxLpVQgD0l++W2g+bOCKx4NU=
Subject key identifier: 09:76:41:44:D0:41:AC:2F:CD:80:30:5B:02:48:CB:51:66:16:14:62
Certificate issuer: /CN=F36675E3AF/serialNumber=89BD146BAD721E9C9419C509C6EB2D5DECB96721
Certificate serial: 0C
Authority key identifier: 89:BD:14:6B:AD:72:1E:9C:94:19:C5:09:C6:EB:2D:5D:EC:B9:67:21
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ib0Ua61yHpyUGcUJxustXey5ZyE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36675E3/DA6A1362D3EF11EEB0BF7F4F775412E6/D4F62B48D44211EE9C817652775412E6.roa
Signing time: Mon 26 Feb 2024 01:03:20 +0000
ROA not before: Mon 26 Feb 2024 01:03:17 +0000
ROA not after: Thu 26 Feb 2026 01:03:17 +0000
asID: 5511
IP address blocks: 102.214.128.0/22 maxlen: 22
102.216.216.0/22 maxlen: 22
2c0f:2240::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 26 Feb 2024 01:41:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36675E3AF, serialNumber=89BD146BAD721E9C9419C509C6EB2D5DECB96721
Validity
Not Before: Feb 26 01:03:17 2024 GMT
Not After : Feb 26 01:03:17 2026 GMT
Subject: CN=65dbe358-a95b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:cc:64:20:c9:52:a0:c2:3a:ea:d0:4c:24:9e:
41:9a:69:dd:7c:b2:2d:aa:bf:fb:b7:13:5c:85:0a:
49:ce:0f:ff:0c:c1:14:a3:16:0b:62:37:24:1c:e5:
c6:3c:56:ee:c1:aa:82:c0:0d:34:e4:3e:4e:6d:42:
70:0d:65:f4:96:4b:d5:50:f0:12:29:22:81:bd:fe:
6c:54:41:64:20:5e:44:7a:b4:13:e1:31:c4:6e:98:
75:d9:07:01:ef:60:f2:76:df:4c:dc:1b:0c:56:9d:
29:72:77:2e:d9:7b:f1:fa:ed:98:85:cb:69:d5:5b:
0a:ea:ca:89:40:b4:91:06:67:9d:40:5a:cb:94:ba:
e4:e8:17:20:a3:d9:37:94:3a:f7:af:35:f5:c8:77:
04:42:a2:da:3d:20:71:18:7d:63:07:8e:9d:e9:c0:
e2:e5:f2:1a:7f:ae:24:25:98:31:23:7b:13:fc:79:
09:c9:99:d9:58:3a:88:55:f9:1a:0e:3d:4b:ee:4d:
ad:02:66:bb:72:21:c9:5c:75:ae:78:ba:35:5e:8c:
92:62:01:34:b2:5c:89:96:63:f3:68:87:35:df:6a:
89:87:f0:d3:fb:af:e5:12:41:4d:37:ec:c7:29:13:
f8:a8:6d:35:f2:73:a4:b1:b4:45:a5:0a:86:21:40:
6c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:76:41:44:D0:41:AC:2F:CD:80:30:5B:02:48:CB:51:66:16:14:62
X509v3 Authority Key Identifier:
keyid:89:BD:14:6B:AD:72:1E:9C:94:19:C5:09:C6:EB:2D:5D:EC:B9:67:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36675E3/DA6A1362D3EF11EEB0BF7F4F775412E6/ib0Ua61yHpyUGcUJxustXey5ZyE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ib0Ua61yHpyUGcUJxustXey5ZyE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36675E3/DA6A1362D3EF11EEB0BF7F4F775412E6/D4F62B48D44211EE9C817652775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.214.128.0/22
102.216.216.0/22
IPv6:
2c0f:2240::/32
Signature Algorithm: sha256WithRSAEncryption
9a:50:5f:b4:72:43:0d:0b:ba:63:2f:70:fd:ee:33:a9:36:38:
40:e1:6f:cf:74:84:1f:8e:b2:eb:93:1c:e5:e2:9a:31:00:8e:
1a:5a:be:16:e9:94:93:6e:32:86:7e:b8:9a:ea:02:eb:21:b5:
03:c9:3e:4f:6a:69:9c:53:02:a9:49:41:c1:67:23:02:42:4e:
a0:23:6b:d9:5b:71:fa:92:2c:83:54:29:80:90:a7:9d:18:4a:
10:65:02:e5:8b:ba:ed:49:9a:03:cb:d5:fd:a9:a3:22:b7:e6:
74:62:ac:83:e5:cb:66:60:0d:9a:5d:21:46:3b:66:5d:44:6d:
25:33:d9:fb:8a:f9:49:3f:b7:76:ad:c1:ce:0f:8d:33:6d:3c:
a2:d4:72:c2:97:c7:ac:3a:0b:8e:21:e7:ad:18:34:d9:8a:ca:
18:43:31:1a:1f:8d:16:6e:ac:41:b3:3e:3f:46:9b:b5:de:a3:
b9:56:ca:71:9a:be:50:9e:1f:e3:92:38:5a:74:a4:f2:ec:f8:
8f:13:91:58:f3:f2:c8:11:a7:ad:de:cf:58:58:09:85:b7:23:
2f:7f:22:6a:28:48:8d:09:95:a4:5e:8c:0c:2f:03:bd:e3:0a:
36:3a:d2:63:74:08:1e:b2:0b:7d:83:bb:4b:4a:a3:f9:ae:05:
80:0c:aa:56
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIBDDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
NzVFM0FGMTEwLwYDVQQFEyg4OUJEMTQ2QkFENzIxRTlDOTQxOUM1MDlDNkVCMkQ1
REVDQjk2NzIxMB4XDTI0MDIyNjAxMDMxN1oXDTI2MDIyNjAxMDMxN1owGDEWMBQG
A1UEAxMNNjVkYmUzNTgtYTk1YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTMZCDJUqDCOurQTCSeQZpp3XyyLaq/+7cTXIUKSc4P/wzBFKMWC2I3JBzl
xjxW7sGqgsANNOQ+Tm1CcA1l9JZL1VDwEikigb3+bFRBZCBeRHq0E+ExxG6YddkH
Ae9g8nbfTNwbDFadKXJ3Ltl78frtmIXLadVbCurKiUC0kQZnnUBay5S65OgXIKPZ
N5Q696819ch3BEKi2j0gcRh9YweOnenA4uXyGn+uJCWYMSN7E/x5CcmZ2Vg6iFX5
Gg49S+5NrQJmu3IhyVx1rni6NV6MkmIBNLJciZZj82iHNd9qiYfw0/uv5RJBTTfs
xykT+KhtNfJzpLG0RaUKhiFAbP0CAwEAAaOCArowggK2MB0GA1UdDgQWBBQJdkFE
0EGsL82AMFsCSMtRZhYUYjAfBgNVHSMEGDAWgBSJvRRrrXIenJQZxQnG6y1d7Lln
ITAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Njc1RTMvREE2QTEzNjJEM0VGMTFFRUIwQkY3RjRGNzc1NDEyRTYvaWIwVWE2
MXlIcHlVR2NVSnh1c3RYZXk1WnlFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaWIwVWE2MXlIcHlVR2NVSnh1c3RYZXk1WnlFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Njc1RTMvREE2QTEzNjJEM0VGMTFFRUIwQkY3RjRGNzc1
NDEyRTYvRDRGNjJCNDhENDQyMTFFRTlDODE3NjUyNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAmbWgAMEAmbY2DANBAIAAjAH
AwUALA8iQDANBgkqhkiG9w0BAQsFAAOCAQEAmlBftHJDDQu6Yy9w/e4zqTY4QOFv
z3SEH46y65Mc5eKaMQCOGlq+FumUk24yhn64muoC6yG1A8k+T2ppnFMCqUlBwWcj
AkJOoCNr2Vtx+pIsg1QpgJCnnRhKEGUC5Yu67UmaA8vV/amjIrfmdGKsg+XLZmAN
ml0hRjtmXURtJTPZ+4r5ST+3dq3Bzg+NM208otRywpfHrDoLjiHnrRg02YrKGEMx
Gh+NFm6sQbM+P0abtd6juVbKcZq+UJ4f45I4WnSk8uz4jxORWPPyyBGnrd7PWFgJ
hbcjL38iaihIjQmVpF6MDC8DveMKNjrSY3QIHrILfYO7S0qj+a4FgAyqVg==
-----END CERTIFICATE-----
Generated at Fri May 9 02:55:52 2025 by rpki-client