Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3131322e3231352e3230382e302f32342d3234203d3e203234323033.roa
File: 3131322e3231352e3230382e302f32342d3234203d3e203234323033.roa (raw, json)
Hash identifier: s2o9t5ygtCOX6Vhoogn83LxVLMSPpf8+JH8jplQkjQI=
Subject key identifier: A2:A8:A4:62:84:13:88:86:8A:5E:A2:60:94:10:5C:77:8D:04:D9:DB
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 0E59BC148ED8DB09C3B05A429E7F2B0CB76F41AD
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3131322e3231352e3230382e302f32342d3234203d3e203234323033.roa
Signing time: Thu 07 Apr 2022 17:00:01 +0000
ROA not before: Thu 07 Apr 2022 16:55:01 +0000
ROA not after: Thu 06 Apr 2023 17:00:01 +0000
asID: 24203
IP address blocks: 112.215.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:59:bc:14:8e:d8:db:09:c3:b0:5a:42:9e:7f:2b:0c:b7:6f:41:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 7 16:55:01 2022 GMT
Not After : Apr 6 17:00:01 2023 GMT
Subject: CN=A2A8A462841388868A5EA26094105C778D04D9DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e1:c7:16:79:e8:c2:41:ad:28:81:08:15:8d:
99:25:50:52:7d:36:3d:bf:24:3f:f0:18:8b:99:49:
c5:06:97:ec:b2:6a:95:bb:87:cc:11:8a:4d:ab:10:
8e:37:79:43:6f:9f:22:06:d9:3e:bb:31:d6:5b:9c:
ef:e5:c3:f9:3d:72:3a:43:5a:98:7a:3c:13:60:fa:
13:53:9d:55:d1:b7:e6:e6:10:d0:c8:7f:56:46:11:
c7:55:5e:14:c4:67:c8:d0:c3:69:e3:a2:c2:28:7f:
18:5b:7d:55:88:c9:f4:8d:4b:dc:2d:eb:f8:0d:26:
4a:11:98:d8:da:e2:f9:af:45:0b:b1:7c:65:eb:f7:
06:68:59:fa:91:bb:eb:ca:ab:b6:74:44:50:6e:d2:
88:74:35:20:b9:d4:3f:04:95:19:34:f5:e9:89:2a:
e9:56:76:8b:69:7c:2f:14:29:65:65:85:d8:e4:8e:
86:c9:31:ee:1b:6b:42:43:f2:cc:86:a1:16:59:cb:
ee:6f:d8:ba:d9:45:c7:31:ab:81:5d:8a:6c:88:d7:
b8:b1:cc:6b:92:b3:9c:f6:0a:37:e0:10:f1:52:57:
07:cd:a5:99:62:18:51:da:1e:46:33:99:49:17:02:
e2:e8:ba:2e:28:ee:80:31:6c:7d:39:de:91:65:54:
36:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A8:A4:62:84:13:88:86:8A:5E:A2:60:94:10:5C:77:8D:04:D9:DB
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3131322e3231352e3230382e302f32342d3234203d3e203234323033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
112.215.208.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:b7:7d:66:4a:a0:b6:a1:a7:16:c2:65:6f:35:a9:c4:64:b8:
ca:77:33:81:6e:30:b2:6f:e2:b6:c1:7a:99:ee:0d:c4:d7:43:
9b:52:0e:f8:10:51:fb:a4:2f:8c:fe:6f:fb:05:b1:4d:6a:41:
f2:6e:48:5b:23:f8:d5:8b:2b:67:52:f2:6b:b5:13:00:70:99:
ba:80:8d:fc:a8:13:4f:84:20:ab:a0:c6:2f:09:17:87:da:97:
40:5c:c6:ec:f2:98:f3:25:e3:da:ca:90:4e:98:33:f4:3f:b5:
e9:a4:fb:fa:88:4f:3e:8d:d7:f2:7f:fd:8f:f0:82:43:b4:c4:
69:df:2e:51:2a:a2:19:98:a8:54:cf:77:e0:44:48:1a:ef:88:
1b:ea:65:48:72:eb:bd:9d:d4:92:c5:3a:63:bd:36:20:64:1c:
37:8a:45:a8:c6:36:33:a7:e4:11:82:8b:37:e8:f3:8c:8d:10:
4d:cc:e0:cb:c1:6e:22:bf:d7:ef:22:d5:65:71:ab:9b:36:ac:
63:33:2e:3a:57:c8:72:58:df:b5:ca:f3:b3:3c:2a:ce:ba:a6:
4e:1e:86:b3:af:f2:49:e3:5a:ca:74:ad:a1:4e:ee:db:b6:59:
a2:e5:62:02:df:4b:3d:dd:81:a4:6f:02:8a:21:ad:49:5b:0a:
0c:c7:9c:f6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUDlm8FI7Y2wnDsFpCnn8rDLdvQa0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MDcxNjU1MDFaFw0yMzA0MDYxNzAwMDFaMDMxMTAvBgNV
BAMTKEEyQThBNDYyODQxMzg4ODY4QTVFQTI2MDk0MTA1Qzc3OEQwNEQ5REIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF4ccWeejCQa0ogQgVjZklUFJ9
Nj2/JD/wGIuZScUGl+yyapW7h8wRik2rEI43eUNvnyIG2T67MdZbnO/lw/k9cjpD
Wph6PBNg+hNTnVXRt+bmENDIf1ZGEcdVXhTEZ8jQw2njosIofxhbfVWIyfSNS9wt
6/gNJkoRmNja4vmvRQuxfGXr9wZoWfqRu+vKq7Z0RFBu0oh0NSC51D8ElRk09emJ
KulWdotpfC8UKWVlhdjkjobJMe4ba0JD8syGoRZZy+5v2LrZRccxq4FdimyI17ix
zGuSs5z2CjfgEPFSVwfNpZliGFHaHkYzmUkXAuLoui4o7oAxbH053pFlVDZXAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUoqikYoQTiIaKXqJglBBcd40E2dswHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzEzMjJlMzIzMTM1MmUzMjMwMzgyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMjM0MzIzMDMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAcNfQMA0GCSqG
SIb3DQEBCwUAA4IBAQBqt31mSqC2oacWwmVvNanEZLjKdzOBbjCyb+K2wXqZ7g3E
10ObUg74EFH7pC+M/m/7BbFNakHybkhbI/jViytnUvJrtRMAcJm6gI38qBNPhCCr
oMYvCReH2pdAXMbs8pjzJePaypBOmDP0P7XppPv6iE8+jdfyf/2P8IJDtMRp3y5R
KqIZmKhUz3fgREga74gb6mVIcuu9ndSSxTpjvTYgZBw3ikWoxjYzp+QRgos36POM
jRBNzODLwW4iv9fvItVlcaubNqxjMy46V8hyWN+1yvOzPCrOuqZOHoazr/JJ41rK
dK2hTu7btlmi5WIC30s93YGkbwKKIa1JWwoMx5z2
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:35:53 2025 by rpki-client