Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/AE8920BAEA2A11EFBFE2979D762E951A.roa
File: AE8920BAEA2A11EFBFE2979D762E951A.roa (raw, json)
Hash identifier: ukSy+gKOu+/D52Nc1dqtJkvXvc2V87+qmzZVSxQdQ7c=
Subject key identifier: CD:E5:EF:2E:63:71:B1:24:89:6A:E0:CE:3D:4A:11:D8:57:40:3C:A5
Certificate issuer: /CN=F367CD72AF/serialNumber=7708E66F1C07C1D7670AEBDBAE186DA42BCB30C7
Certificate serial: 40
Authority key identifier: 77:08:E6:6F:1C:07:C1:D7:67:0A:EB:DB:AE:18:6D:A4:2B:CB:30:C7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/AE8920BAEA2A11EFBFE2979D762E951A.roa
Signing time: Thu 13 Feb 2025 16:50:51 +0000
ROA not before: Thu 13 Feb 2025 16:50:47 +0000
ROA not after: Sun 31 Dec 2028 16:50:47 +0000
asID: 30985
IP address blocks: 102.213.136.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Feb 2025 12:21:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64 (0x40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367CD72AF, serialNumber=7708E66F1C07C1D7670AEBDBAE186DA42BCB30C7
Validity
Not Before: Feb 13 16:50:47 2025 GMT
Not After : Dec 31 16:50:47 2028 GMT
Subject: CN=67ae22eb-bde0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:11:bf:e6:2e:27:65:f4:28:fe:c0:c6:d6:8d:
e3:21:df:71:2a:c3:07:d5:dd:15:73:32:1b:5b:80:
b0:f5:a7:34:6e:8c:ad:2f:0e:b3:80:e6:b4:75:6a:
8a:0a:a9:6b:d1:0b:e9:48:ab:76:f5:61:3d:3a:e6:
89:74:8c:da:63:5b:c9:10:a5:74:3c:ff:bb:c4:62:
e8:e8:4c:2d:e7:c0:e8:1b:a8:25:50:03:63:bc:f2:
57:12:40:0c:7d:8b:3f:c2:cf:1c:24:ad:1c:a5:d8:
05:89:57:35:ce:c2:2b:98:25:2f:b7:16:43:79:0f:
90:7f:a9:72:3a:6b:fb:84:1a:fe:8d:0a:c2:60:f0:
5d:e1:33:90:d6:a2:b1:e4:8c:ff:c3:4b:6c:9e:58:
6f:8a:a8:77:f1:44:ff:06:6c:67:40:91:20:26:97:
0f:27:28:41:fb:df:2c:23:13:f1:4c:a6:81:8f:c6:
10:18:a4:92:79:65:7f:6b:18:4f:c4:05:14:bf:4c:
be:32:43:ab:7c:44:ce:9c:c9:27:64:3f:e0:c8:bd:
96:28:d4:53:e3:cb:81:3a:e0:81:06:e7:9e:d6:72:
d2:46:49:7b:e7:2b:24:0e:e1:e7:03:a4:f3:60:52:
5b:0b:65:d5:6b:95:f8:7c:b6:26:fe:5d:e2:4a:6a:
7d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:E5:EF:2E:63:71:B1:24:89:6A:E0:CE:3D:4A:11:D8:57:40:3C:A5
X509v3 Authority Key Identifier:
keyid:77:08:E6:6F:1C:07:C1:D7:67:0A:EB:DB:AE:18:6D:A4:2B:CB:30:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/dwjmbxwHwddnCuvbrhhtpCvLMMc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/AE8920BAEA2A11EFBFE2979D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.213.136.0/22
Signature Algorithm: sha256WithRSAEncryption
29:9f:6c:6d:3c:64:d2:0d:68:cf:99:23:ad:87:ff:6b:be:9c:
08:42:cb:ec:97:b7:d6:83:1d:6a:63:43:27:40:67:2d:d1:da:
59:65:2b:75:0f:f6:ca:37:d5:55:af:0a:44:9b:27:fe:09:4e:
44:3a:7f:d1:a9:ed:0a:a2:65:29:41:76:e6:00:aa:5f:a6:6b:
6f:ce:5f:d6:10:c0:e9:90:2b:44:d0:da:21:fc:7c:58:53:85:
42:ee:19:1a:f5:c1:52:70:8c:03:66:2b:c9:ab:0e:28:55:4a:
66:2b:00:4e:ff:91:35:b6:e1:f0:0d:58:1f:18:e0:33:37:e8:
a7:bb:20:69:fb:3e:45:9e:42:72:53:59:06:87:bf:35:36:2d:
82:ba:ca:67:e6:9c:25:e2:26:21:0f:22:a4:33:bd:d5:d1:81:
19:2f:c4:0c:5f:06:08:be:de:32:f3:44:45:d3:c9:a2:73:c8:
4a:38:fc:b9:2a:04:0c:d3:ae:10:85:3c:16:e9:ac:1b:5b:3d:
c5:bb:ef:9f:04:82:32:ef:91:d8:5d:af:e9:6d:1c:d2:a0:49:
6f:b8:85:26:d2:f2:9d:f3:59:46:9c:14:3b:3f:6d:86:52:2a:
99:41:f4:af:92:f0:ab:35:de:ab:08:b7:5e:68:78:57:5f:5d:
91:10:ef:ce
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBQDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
Q0Q3MkFGMTEwLwYDVQQFEyg3NzA4RTY2RjFDMDdDMUQ3NjcwQUVCREJBRTE4NkRB
NDJCQ0IzMEM3MB4XDTI1MDIxMzE2NTA0N1oXDTI4MTIzMTE2NTA0N1owGDEWMBQG
A1UEAxMNNjdhZTIyZWItYmRlMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkRv+YuJ2X0KP7AxtaN4yHfcSrDB9XdFXMyG1uAsPWnNG6MrS8Os4DmtHVq
igqpa9EL6UirdvVhPTrmiXSM2mNbyRCldDz/u8Ri6OhMLefA6BuoJVADY7zyVxJA
DH2LP8LPHCStHKXYBYlXNc7CK5glL7cWQ3kPkH+pcjpr+4Qa/o0KwmDwXeEzkNai
seSM/8NLbJ5Yb4qod/FE/wZsZ0CRICaXDycoQfvfLCMT8UymgY/GEBikknllf2sY
T8QFFL9MvjJDq3xEzpzJJ2Q/4Mi9lijUU+PLgTrggQbnntZy0kZJe+crJA7h5wOk
82BSWwtl1WuV+Hy2Jv5d4kpqfbcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTN5e8u
Y3GxJIlq4M49ShHYV0A8pTAfBgNVHSMEGDAWgBR3COZvHAfB12cK69uuGG2kK8sw
xzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0NENzIvMDk1MUMxN0VDRUE1MTFFRjkzQjQ1QkFENzYyRTk1MUEvZHdqbWJ4
d0h3ZGRuQ3V2YnJoaHRwQ3ZMTU1jLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZHdqbWJ4d0h3ZGRuQ3V2YnJoaHRwQ3ZMTU1jLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0NENzIvMDk1MUMxN0VDRUE1MTFFRjkzQjQ1QkFENzYy
RTk1MUEvQUU4OTIwQkFFQTJBMTFFRkJGRTI5NzlENzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbViDANBgkqhkiG9w0BAQsF
AAOCAQEAKZ9sbTxk0g1oz5kjrYf/a76cCELL7Je31oMdamNDJ0BnLdHaWWUrdQ/2
yjfVVa8KRJsn/glORDp/0antCqJlKUF25gCqX6Zrb85f1hDA6ZArRNDaIfx8WFOF
Qu4ZGvXBUnCMA2YryasOKFVKZisATv+RNbbh8A1YHxjgMzfop7sgafs+RZ5CclNZ
Boe/NTYtgrrKZ+acJeImIQ8ipDO91dGBGS/EDF8GCL7eMvNERdPJonPISjj8uSoE
DNOuEIU8FumsG1s9xbvvnwSCMu+R2F2v6W0c0qBJb7iFJtLynfNZRpwUOz9thlIq
mUH0r5LwqzXeqwi3Xmh4V19dkRDvzg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 03:00:23 2025 by rpki-client