Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F8BC2/12B3179239E811EFAFB75F95762E951A/BFA5A6C43ECD11EFBC6FB9AE762E951A.roa
File: BFA5A6C43ECD11EFBC6FB9AE762E951A.roa (raw, json)
Hash identifier: hcsyfe1/TFswde/GUZTs4Y6XBrhKw4Y4Ie1eRP4mmmU=
Subject key identifier: 6B:3C:AA:C3:06:4F:0C:DC:99:59:C9:30:71:A1:FD:85:A9:8E:0C:D3
Certificate issuer: /CN=F36F8BC2AF/serialNumber=AFC0C16B805A4BB3AE73EDC24C538380FC0E9A49
Certificate serial: 0B
Authority key identifier: AF:C0:C1:6B:80:5A:4B:B3:AE:73:ED:C2:4C:53:83:80:FC:0E:9A:49
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/r8DBa4BaS7Ouc-3CTFODgPwOmkk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F8BC2/12B3179239E811EFAFB75F95762E951A/BFA5A6C43ECD11EFBC6FB9AE762E951A.roa
Signing time: Wed 10 Jul 2024 15:04:48 +0000
ROA not before: Wed 10 Jul 2024 15:04:44 +0000
ROA not after: Thu 10 Jul 2025 15:04:44 +0000
asID: 329435
IP address blocks: 102.209.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 10 Jul 2024 16:11:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F8BC2AF, serialNumber=AFC0C16B805A4BB3AE73EDC24C538380FC0E9A49
Validity
Not Before: Jul 10 15:04:44 2024 GMT
Not After : Jul 10 15:04:44 2025 GMT
Subject: CN=668ea310-3799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:36:e3:ca:d9:e0:c3:71:5c:87:65:83:14:91:
19:41:79:fe:4b:c0:14:bb:28:9e:f0:ea:63:ea:d3:
8c:db:33:c2:52:2f:d0:07:0a:d5:a6:e9:46:ad:3c:
5c:77:4a:fd:7e:68:2f:c4:85:0e:41:87:9a:fb:16:
06:10:48:1c:4a:9b:29:fc:cd:39:fb:d8:00:2d:1c:
b1:54:d0:87:6a:cc:8e:7b:ea:dc:75:ed:f6:66:f8:
c7:79:a9:d0:a6:a9:71:c1:a8:73:19:10:cc:f0:73:
3b:2f:6c:7b:e0:1f:a4:f2:8a:2b:7f:6f:2b:62:89:
8e:e8:13:23:02:a5:2d:de:12:5e:42:7d:fd:d2:84:
86:e9:aa:85:70:25:32:a1:73:c9:4e:e1:4c:6c:15:
98:bb:f4:4e:85:86:0d:c6:58:10:a1:b0:a1:42:4b:
9d:f1:7d:e4:ee:75:73:1a:c2:db:72:e4:10:71:9c:
a8:43:fe:2d:78:27:84:39:1c:d4:00:5b:60:8d:db:
5c:39:a5:92:c2:dc:df:b5:29:1d:f8:3a:cf:56:e4:
9c:53:be:88:ea:7c:89:d1:93:31:0d:26:1e:ce:df:
f6:77:68:ba:45:30:0f:26:d5:fd:e4:e3:07:62:34:
ea:dc:37:1e:de:4a:7e:51:d3:07:ff:71:79:23:12:
48:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:3C:AA:C3:06:4F:0C:DC:99:59:C9:30:71:A1:FD:85:A9:8E:0C:D3
X509v3 Authority Key Identifier:
keyid:AF:C0:C1:6B:80:5A:4B:B3:AE:73:ED:C2:4C:53:83:80:FC:0E:9A:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8BC2/12B3179239E811EFAFB75F95762E951A/r8DBa4BaS7Ouc-3CTFODgPwOmkk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/r8DBa4BaS7Ouc-3CTFODgPwOmkk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8BC2/12B3179239E811EFAFB75F95762E951A/BFA5A6C43ECD11EFBC6FB9AE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.209.0.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:ee:8b:c2:b7:38:ac:8c:8d:98:43:e7:a6:26:09:af:d3:31:
e6:60:a9:0b:a2:61:1b:7b:71:02:6a:40:90:92:0b:c1:45:fa:
c2:cb:a6:1c:6b:e0:65:75:d7:1f:13:a8:f6:10:6c:78:0f:f0:
cb:ea:92:97:70:80:05:93:bf:39:89:62:cb:77:d9:5c:37:cd:
32:17:6e:ba:21:1a:72:bf:e3:0a:35:62:ec:25:4a:40:4d:da:
b5:f1:df:8b:d4:ef:f1:01:09:f6:56:fe:25:18:b7:34:53:b3:
78:8e:73:08:bd:59:ae:26:01:ed:66:78:32:09:ec:f4:59:e3:
b7:fc:6f:19:df:02:b4:3f:98:8b:0e:a7:07:f3:46:9a:8a:ba:
f9:28:0a:f2:04:0f:f8:26:a8:45:b8:fb:65:f8:fa:47:ce:e4:
3b:b8:0a:41:11:a3:92:6a:b3:54:0a:3e:09:58:cf:b8:64:b8:
a1:31:81:42:65:1c:bb:f2:ed:4b:8b:7f:d9:54:91:ad:90:5c:
34:f9:d8:d0:3b:5d:d5:51:7d:41:ae:cf:ab:48:2d:2f:1f:a5:
fb:b8:08:bc:ca:ca:8e:7f:27:1d:e8:92:82:69:a7:af:44:e7:
56:23:84:ea:f4:d8:64:81:d8:dd:89:0d:5b:22:b5:72:b6:e9:
79:9c:d1:e1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
OEJDMkFGMTEwLwYDVQQFEyhBRkMwQzE2QjgwNUE0QkIzQUU3M0VEQzI0QzUzODM4
MEZDMEU5QTQ5MB4XDTI0MDcxMDE1MDQ0NFoXDTI1MDcxMDE1MDQ0NFowGDEWMBQG
A1UEAxMNNjY4ZWEzMTAtMzc5OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANg248rZ4MNxXIdlgxSRGUF5/kvAFLsonvDqY+rTjNszwlIv0AcK1abpRq08
XHdK/X5oL8SFDkGHmvsWBhBIHEqbKfzNOfvYAC0csVTQh2rMjnvq3HXt9mb4x3mp
0KapccGocxkQzPBzOy9se+AfpPKKK39vK2KJjugTIwKlLd4SXkJ9/dKEhumqhXAl
MqFzyU7hTGwVmLv0ToWGDcZYEKGwoUJLnfF95O51cxrC23LkEHGcqEP+LXgnhDkc
1ABbYI3bXDmlksLc37UpHfg6z1bknFO+iOp8idGTMQ0mHs7f9ndoukUwDybV/eTj
B2I06tw3Ht5KflHTB/9xeSMSSMsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRrPKrD
Bk8M3JlZyTBxof2FqY4M0zAfBgNVHSMEGDAWgBSvwMFrgFpLs65z7cJMU4OA/A6a
STAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RjhCQzIvMTJCMzE3OTIzOUU4MTFFRkFGQjc1Rjk1NzYyRTk1MUEvcjhEQmE0
QmFTN091Yy0zQ1RGT0RnUHdPbWtrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcjhEQmE0QmFTN091Yy0zQ1RGT0RnUHdPbWtrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RjhCQzIvMTJCMzE3OTIzOUU4MTFFRkFGQjc1Rjk1NzYy
RTk1MUEvQkZBNUE2QzQzRUNEMTFFRkJDNkZCOUFFNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbRADANBgkqhkiG9w0BAQsF
AAOCAQEAXe6Lwrc4rIyNmEPnpiYJr9Mx5mCpC6JhG3txAmpAkJILwUX6wsumHGvg
ZXXXHxOo9hBseA/wy+qSl3CABZO/OYliy3fZXDfNMhduuiEacr/jCjVi7CVKQE3a
tfHfi9Tv8QEJ9lb+JRi3NFOzeI5zCL1ZriYB7WZ4Mgns9Fnjt/xvGd8CtD+Yiw6n
B/NGmoq6+SgK8gQP+CaoRbj7Zfj6R87kO7gKQRGjkmqzVAo+CVjPuGS4oTGBQmUc
u/LtS4t/2VSRrZBcNPnY0Dtd1VF9Qa7Pq0gtLx+l+7gIvMrKjn8nHeiSgmmnr0Tn
ViOE6vTYZIHY3YkNWyK1crbpeZzR4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 19 22:07:58 2025 by rpki-client