Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3130332e332e3232312e302f32342d3234203d3e203137383835.roa
File: 3130332e332e3232312e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: rF/9GD9nFqTOTJWYqeDwYhxANEjk1H7GAkXVJlLYD2Q=
Subject key identifier: 03:43:71:5E:7A:CC:43:D0:E0:75:71:89:D5:C8:4E:22:82:D0:EC:C5
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 06A7F2E7DB4D6DF8775582BC48D88FF3D989AF3F
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3130332e332e3232312e302f32342d3234203d3e203137383835.roa
Signing time: Fri 25 Mar 2022 06:00:00 +0000
ROA not before: Fri 25 Mar 2022 05:55:00 +0000
ROA not after: Fri 24 Mar 2023 06:00:00 +0000
asID: 17885
IP address blocks: 103.3.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:a7:f2:e7:db:4d:6d:f8:77:55:82:bc:48:d8:8f:f3:d9:89:af:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Mar 25 05:55:00 2022 GMT
Not After : Mar 24 06:00:00 2023 GMT
Subject: CN=0343715E7ACC43D0E0757189D5C84E2282D0ECC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c2:cb:05:b7:f2:c7:5d:7f:7e:a9:19:4f:de:
30:ed:29:59:c7:89:14:ec:49:d1:93:53:48:0a:f8:
e8:84:89:31:b6:f8:e4:9a:57:06:d6:b9:14:de:57:
2b:39:4e:91:52:d9:4a:1e:4e:82:c9:55:74:5c:69:
0b:66:f7:66:f1:21:7d:fe:54:f8:93:d0:a3:9e:76:
a9:27:0c:c1:15:00:e7:2d:16:2d:fb:1b:12:cd:8c:
1e:c3:1d:50:6e:fd:cf:4f:4d:03:67:40:50:35:e9:
f9:a1:58:11:9e:1f:4f:37:05:df:20:13:fe:d0:b6:
70:3e:09:8f:cc:bb:41:14:8d:bb:cb:32:e8:91:9c:
07:ce:67:73:fe:10:36:0e:49:95:e4:08:b3:25:b8:
49:c7:bc:9b:d6:fe:55:51:bb:06:40:49:e4:6f:5e:
48:a5:1c:13:7d:2b:66:ee:e1:eb:5c:b1:3c:1c:d8:
0a:b5:30:ca:80:02:b3:6d:9d:eb:21:44:28:59:6e:
3b:2b:c8:fc:20:3a:4b:eb:c2:b9:b4:ae:22:aa:32:
e7:25:cb:29:df:5f:b3:97:33:43:90:99:67:d3:fd:
e3:13:e3:dd:cb:c5:9e:22:ed:c1:c4:dc:3f:1b:c7:
6d:63:0a:7c:9b:4e:71:89:3a:8c:51:65:90:ab:ba:
11:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:43:71:5E:7A:CC:43:D0:E0:75:71:89:D5:C8:4E:22:82:D0:EC:C5
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3130332e332e3232312e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.3.221.0/24
Signature Algorithm: sha256WithRSAEncryption
29:85:07:b1:7b:31:7c:67:50:e8:28:f9:12:54:6f:45:a1:1e:
8b:2d:6d:8f:29:ba:3b:7f:5d:8d:7c:42:88:a2:27:41:99:6f:
a1:57:a5:08:c9:a4:79:37:b4:b5:cb:03:84:6c:25:69:10:0a:
6f:48:90:36:c2:08:0b:a5:2d:da:38:22:30:0f:5a:8e:9b:89:
fe:6e:b9:75:17:f0:52:48:69:b3:b3:4d:57:78:0d:50:2f:a8:
8a:d1:cc:f9:1f:0d:b7:d2:cf:98:6a:ef:1a:d9:15:db:1b:3d:
ff:e7:de:78:2b:9c:6f:f8:3b:43:45:5b:24:0b:f5:6a:0e:f6:
1a:f9:27:ba:93:24:31:a2:3e:0e:1d:b2:3e:19:af:c2:ad:63:
e6:9a:6d:70:3e:34:e1:71:32:8b:8f:06:37:ad:06:5d:4b:f7:
ea:1d:d0:1f:01:aa:84:b0:cc:6c:82:89:ce:a7:a5:24:d1:7c:
82:53:8b:2b:cb:27:b4:d6:7b:43:de:3f:a0:c4:fc:39:13:9a:
8c:38:5b:48:34:36:90:0d:e3:fd:64:56:bc:65:d1:93:24:97:
db:ad:20:7c:47:e1:87:13:bd:4c:69:4e:9d:9f:6e:a2:a6:99:
5d:93:f8:2d:00:20:39:0d:38:88:c0:ff:f5:28:77:9e:56:86:
31:0b:9d:b2
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUBqfy59tNbfh3VYK8SNiP89mJrz8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjAzMjUwNTU1MDBaFw0yMzAzMjQwNjAwMDBaMDMxMTAvBgNV
BAMTKDAzNDM3MTVFN0FDQzQzRDBFMDc1NzE4OUQ1Qzg0RTIyODJEMEVDQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDwssFt/LHXX9+qRlP3jDtKVnH
iRTsSdGTU0gK+OiEiTG2+OSaVwbWuRTeVys5TpFS2UoeToLJVXRcaQtm92bxIX3+
VPiT0KOedqknDMEVAOctFi37GxLNjB7DHVBu/c9PTQNnQFA16fmhWBGeH083Bd8g
E/7QtnA+CY/Mu0EUjbvLMuiRnAfOZ3P+EDYOSZXkCLMluEnHvJvW/lVRuwZASeRv
XkilHBN9K2bu4etcsTwc2Aq1MMqAArNtneshRChZbjsryPwgOkvrwrm0riKqMucl
yynfX7OXM0OQmWfT/eMT493LxZ4i7cHE3D8bx21jCnybTnGJOoxRZZCruhELAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUA0NxXnrMQ9DgdXGJ1chOIoLQ7MUwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzAzMzJlMzMyZTMyMzIzMTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnA90wDQYJKoZIhvcN
AQELBQADggEBACmFB7F7MXxnUOgo+RJUb0WhHostbY8pujt/XY18QoiiJ0GZb6FX
pQjJpHk3tLXLA4RsJWkQCm9IkDbCCAulLdo4IjAPWo6bif5uuXUX8FJIabOzTVd4
DVAvqIrRzPkfDbfSz5hq7xrZFdsbPf/n3ngrnG/4O0NFWyQL9WoO9hr5J7qTJDGi
Pg4dsj4Zr8KtY+aabXA+NOFxMouPBjetBl1L9+od0B8BqoSwzGyCic6npSTRfIJT
iyvLJ7TWe0PeP6DE/DkTmow4W0g0NpAN4/1kVrxl0ZMkl9utIHxH4YcTvUxpTp2f
bqKmmV2T+C0AIDkNOIjA//Uod55WhjELnbI=
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:21:27 2025 by rpki-client