Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36311EE/397BAD0A8BA811EF8A740842762E951A/F529C5FA8BA811EF87CC7248762E951A.roa
File: F529C5FA8BA811EF87CC7248762E951A.roa (raw, json)
Hash identifier: yu6LRsliyLzEjHWP25cRKvtqQR1YJgn5k9B9rIcjO+s=
Subject key identifier: 89:2E:B1:57:D2:BF:FD:E1:F7:7B:AF:A7:95:97:89:98:DD:7F:34:0B
Certificate issuer: /CN=F36311EEAF/serialNumber=BEE8C3B4C535C3AFA0F6E6C4F69C68959045F916
Certificate serial: 02
Authority key identifier: BE:E8:C3:B4:C5:35:C3:AF:A0:F6:E6:C4:F6:9C:68:95:90:45:F9:16
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/vujDtMU1w6-g9ubE9pxolZBF-RY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36311EE/397BAD0A8BA811EF8A740842762E951A/F529C5FA8BA811EF87CC7248762E951A.roa
Signing time: Wed 16 Oct 2024 10:25:26 +0000
ROA not before: Wed 16 Oct 2024 10:25:22 +0000
ROA not after: Thu 16 Oct 2025 10:25:22 +0000
asID: 37368
IP address blocks: 41.79.104.0/22 maxlen: 32
2c0f:f080::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 16 Oct 2024 12:04:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36311EEAF/serialNumber=BEE8C3B4C535C3AFA0F6E6C4F69C68959045F916
Validity
Not Before: Oct 16 10:25:22 2024 GMT
Not After : Oct 16 10:25:22 2025 GMT
Subject: CN=670f9495-3c22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c6:e9:8d:02:31:84:7f:98:91:2e:a4:40:7a:
85:c4:05:5a:31:e9:f6:e6:e3:96:9f:f1:36:c8:93:
ec:5f:c2:82:a9:62:ae:fe:4b:8a:13:63:90:ba:73:
2a:7b:37:0e:a4:09:fb:b7:07:cb:80:3c:2b:39:62:
7b:63:a3:e1:a9:ac:f7:75:ba:0c:08:97:6c:b1:36:
b0:de:e9:9c:74:46:73:b2:12:60:46:f8:77:d0:d8:
a1:ff:06:92:78:17:90:0c:4d:90:dd:b4:9d:3c:c6:
c4:c1:b8:fc:a7:c1:9f:2a:1e:8e:b9:58:7c:83:17:
82:b5:ab:2a:cb:8b:55:0f:7f:b9:20:8b:b0:a5:5f:
55:f3:5d:5d:a1:c5:c0:4d:c1:2e:1f:d2:0a:ee:1a:
68:e3:de:ba:6c:ef:ce:a7:78:18:a1:b2:61:4c:6f:
67:6f:93:ec:dc:db:0a:b4:a3:48:9f:a5:02:c4:ee:
94:61:22:26:01:e7:4f:43:64:d1:f0:66:79:50:25:
10:3a:e0:1c:a6:4e:0e:99:77:4e:32:01:f6:61:19:
2e:34:d6:76:1c:59:c1:15:7d:66:58:1b:bc:8c:8b:
56:c5:6b:f8:8f:79:ce:be:25:1a:fb:c3:d0:51:d9:
26:4f:f1:6a:ee:0d:28:96:64:d7:bb:3b:9f:7b:82:
f7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:2E:B1:57:D2:BF:FD:E1:F7:7B:AF:A7:95:97:89:98:DD:7F:34:0B
X509v3 Authority Key Identifier:
keyid:BE:E8:C3:B4:C5:35:C3:AF:A0:F6:E6:C4:F6:9C:68:95:90:45:F9:16
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36311EE/397BAD0A8BA811EF8A740842762E951A/vujDtMU1w6-g9ubE9pxolZBF-RY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/vujDtMU1w6-g9ubE9pxolZBF-RY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36311EE/397BAD0A8BA811EF8A740842762E951A/F529C5FA8BA811EF87CC7248762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.79.104.0/22
IPv6:
2c0f:f080::/32
Signature Algorithm: sha256WithRSAEncryption
48:b0:7f:52:52:0b:31:ec:34:0b:de:1f:8d:7f:e4:7c:e2:60:
f3:cb:2c:66:e2:56:6b:74:70:2e:6a:c7:dc:9c:a5:fb:78:d6:
17:21:d0:c5:5e:bf:9a:c0:8f:bb:45:3d:5e:69:41:67:cc:c1:
5e:4c:8b:ad:50:5e:f0:24:b2:4e:1d:a4:83:e6:83:7d:ed:62:
d6:c4:2d:a7:14:10:ce:17:79:05:c7:46:73:27:85:1c:00:87:
57:36:94:1c:0b:47:32:71:d9:2e:d4:e4:4d:34:fd:80:0c:da:
81:73:18:9f:51:0f:a5:99:a6:c3:b7:c0:46:6c:31:a2:c6:ce:
39:49:ea:93:4e:71:5a:ca:3b:73:fa:9a:4c:48:18:4b:d2:bf:
3b:8d:4f:46:73:cb:7d:82:5f:f6:9d:3c:76:80:dc:f3:c4:5f:
2b:bb:8d:ac:02:1b:da:e1:71:ea:cb:31:e0:ce:d9:d7:2d:1d:
7d:3b:c4:71:7a:16:00:57:2c:9f:04:2f:20:fc:57:7f:58:5a:
9d:45:19:aa:ab:2b:f1:24:58:4a:5d:6c:66:cf:88:94:b9:6b:
f6:38:4b:c3:25:0c:5d:ed:a6:91:30:f4:9d:08:92:9f:11:98:
7f:c1:68:3c:1f:c6:f9:b1:4f:e9:32:fa:a6:5c:a1:e0:04:49:
76:fa:61:29
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
MTFFRUFGMTEwLwYDVQQFEyhCRUU4QzNCNEM1MzVDM0FGQTBGNkU2QzRGNjlDNjg5
NTkwNDVGOTE2MB4XDTI0MTAxNjEwMjUyMloXDTI1MTAxNjEwMjUyMlowGDEWMBQG
A1UEAxMNNjcwZjk0OTUtM2MyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7G6Y0CMYR/mJEupEB6hcQFWjHp9ubjlp/xNsiT7F/Cgqlirv5LihNjkLpz
Kns3DqQJ+7cHy4A8Kzlie2Oj4ams93W6DAiXbLE2sN7pnHRGc7ISYEb4d9DYof8G
kngXkAxNkN20nTzGxMG4/KfBnyoejrlYfIMXgrWrKsuLVQ9/uSCLsKVfVfNdXaHF
wE3BLh/SCu4aaOPeumzvzqd4GKGyYUxvZ2+T7NzbCrSjSJ+lAsTulGEiJgHnT0Nk
0fBmeVAlEDrgHKZODpl3TjIB9mEZLjTWdhxZwRV9ZlgbvIyLVsVr+I95zr4lGvvD
0FHZJk/xau4NKJZk17s7n3uC94UCAwEAAaOCArQwggKwMB0GA1UdDgQWBBSJLrFX
0r/94fd7r6eVl4mY3X80CzAfBgNVHSMEGDAWgBS+6MO0xTXDr6D25sT2nGiVkEX5
FjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzExRUUvMzk3QkFEMEE4QkE4MTFFRjhBNzQwODQyNzYyRTk1MUEvdnVqRHRN
VTF3Ni1nOXViRTlweG9sWkJGLVJZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdnVqRHRNVTF3Ni1nOXViRTlweG9sWkJGLVJZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzExRUUvMzk3QkFEMEE4QkE4MTFFRjhBNzQwODQyNzYy
RTk1MUEvRjUyOUM1RkE4QkE4MTFFRjg3Q0M3MjQ4NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAilPaDANBAIAAjAHAwUALA/w
gDANBgkqhkiG9w0BAQsFAAOCAQEASLB/UlILMew0C94fjX/kfOJg88ssZuJWa3Rw
LmrH3Jyl+3jWFyHQxV6/msCPu0U9XmlBZ8zBXkyLrVBe8CSyTh2kg+aDfe1i1sQt
pxQQzhd5BcdGcyeFHACHVzaUHAtHMnHZLtTkTTT9gAzagXMYn1EPpZmmw7fARmwx
osbOOUnqk05xWso7c/qaTEgYS9K/O41PRnPLfYJf9p08doDc88RfK7uNrAIb2uFx
6ssx4M7Z1y0dfTvEcXoWAFcsnwQvIPxXf1hanUUZqqsr8SRYSl1sZs+IlLlr9jhL
wyUMXe2mkTD0nQiSnxGYf8FoPB/G+bFP6TL6plyh4ARJdvphKQ==
-----END CERTIFICATE-----
Generated at Wed Oct 16 14:03:27 2024 by rpki-client on console.sobornost.net