Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e35352e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e35352e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: xPCVa/mQnxoWosGl0VFHseg1QndD8EOWpSkp39nIIbc=
Subject key identifier: 31:7E:D2:00:72:37:46:40:B4:61:9E:6B:16:BF:38:B2:4A:EF:E6:EC
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 13CC832F752F5C9308B4251B6B78394F8C5A435F
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e35352e302f32342d3234203d3e203137383835.roa
Signing time: Tue 12 Apr 2022 09:00:03 +0000
ROA not before: Tue 12 Apr 2022 08:55:03 +0000
ROA not after: Tue 11 Apr 2023 09:00:03 +0000
asID: 17885
IP address blocks: 121.52.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:cc:83:2f:75:2f:5c:93:08:b4:25:1b:6b:78:39:4f:8c:5a:43:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 12 08:55:03 2022 GMT
Not After : Apr 11 09:00:03 2023 GMT
Subject: CN=317ED20072374640B4619E6B16BF38B24AEFE6EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:10:34:c5:97:f3:93:60:bf:b3:4d:24:9c:b2:
c5:21:5d:fc:a3:8b:85:d5:85:31:1b:3f:40:f8:b8:
cf:e3:f3:5e:8b:62:84:37:cc:0e:cf:9b:4c:8f:44:
c9:81:ae:10:ce:5d:c7:af:93:8d:52:6c:47:3d:96:
70:74:8b:db:48:95:2e:5d:49:91:7a:53:4a:25:f0:
34:e8:28:31:5b:00:57:64:f5:93:8e:9c:4d:06:51:
7a:23:90:2d:5b:86:5a:c8:ad:f9:99:93:9c:94:94:
fb:6b:c2:3f:d9:f2:79:f3:df:96:ae:14:15:91:75:
98:aa:ed:5f:e3:5b:8c:d0:43:44:3e:f0:2c:35:52:
a3:2a:61:e0:26:f3:0d:9c:cc:aa:1e:c2:8c:e4:74:
12:c6:47:18:8a:16:1d:d2:3d:c5:02:54:1f:1d:9e:
89:f8:86:42:04:51:48:2c:4d:3f:2c:13:33:f2:62:
0a:52:73:3d:ad:13:95:cb:34:8b:53:7c:3b:f5:b1:
3f:e2:00:1b:b2:42:73:5c:bf:47:e5:bc:bd:05:54:
4f:e3:bc:fa:13:3e:c2:45:4b:b8:f8:5c:75:0c:de:
b0:fd:ef:29:52:e1:5c:53:90:72:27:c3:e1:52:9c:
cd:08:e5:14:cc:78:d4:c4:f3:35:24:5a:e9:94:7b:
9b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:7E:D2:00:72:37:46:40:B4:61:9E:6B:16:BF:38:B2:4A:EF:E6:EC
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e35352e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.55.0/24
Signature Algorithm: sha256WithRSAEncryption
56:ab:5d:a8:13:a0:21:dd:00:5e:3c:2c:ee:dc:d4:46:92:f0:
28:47:8b:4f:0f:45:73:a5:44:2e:a8:04:9c:be:ef:7c:e2:40:
39:98:88:6a:ae:fd:91:4f:15:3a:f2:10:ae:e1:c3:df:f8:04:
a7:ce:e2:03:10:fe:02:d1:ed:22:c6:49:94:81:f2:ad:ff:52:
cd:48:5c:d3:a6:70:00:aa:63:bc:c8:7a:4d:83:45:2a:d3:36:
b7:9d:6b:93:56:f6:e9:f3:0b:c4:1c:2e:3b:66:1a:66:87:be:
8b:a0:ff:83:74:ba:f5:88:8a:f9:c5:4b:1c:05:50:73:fc:5d:
c0:73:3c:cd:55:55:40:6e:bc:ce:20:b2:a2:ef:af:8d:58:43:
6a:25:3d:a8:93:91:ed:1b:ec:25:ed:fc:ca:09:38:fc:d7:f1:
9c:8b:8a:bc:98:40:12:da:8d:d4:a2:f4:65:61:57:47:46:0d:
f7:d2:4f:67:38:6a:83:b5:ff:07:74:c1:dd:91:0d:ce:c2:dd:
c3:8b:bb:45:d0:33:2e:ac:81:ce:c3:f3:59:39:af:f1:28:41:
1d:03:54:af:7e:f9:5c:18:aa:7d:8d:73:77:82:5c:80:7d:08:
31:6d:07:07:07:16:0c:f6:d3:95:20:ce:94:b7:6c:b1:9e:13:
17:c9:4e:3d
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUE8yDL3UvXJMItCUba3g5T4xaQ18wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTIwODU1MDNaFw0yMzA0MTEwOTAwMDNaMDMxMTAvBgNV
BAMTKDMxN0VEMjAwNzIzNzQ2NDBCNDYxOUU2QjE2QkYzOEIyNEFFRkU2RUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHEDTFl/OTYL+zTSScssUhXfyj
i4XVhTEbP0D4uM/j816LYoQ3zA7Pm0yPRMmBrhDOXcevk41SbEc9lnB0i9tIlS5d
SZF6U0ol8DToKDFbAFdk9ZOOnE0GUXojkC1bhlrIrfmZk5yUlPtrwj/Z8nnz35au
FBWRdZiq7V/jW4zQQ0Q+8Cw1UqMqYeAm8w2czKoewozkdBLGRxiKFh3SPcUCVB8d
non4hkIEUUgsTT8sEzPyYgpScz2tE5XLNItTfDv1sT/iABuyQnNcv0flvL0FVE/j
vPoTPsJFS7j4XHUM3rD97ylS4VxTkHInw+FSnM0I5RTMeNTE8zUkWumUe5vTAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUMX7SAHI3RkC0YZ5rFr84skrv5uwwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzUzNTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NDcwDQYJKoZIhvcN
AQELBQADggEBAFarXagToCHdAF48LO7c1EaS8ChHi08PRXOlRC6oBJy+73ziQDmY
iGqu/ZFPFTryEK7hw9/4BKfO4gMQ/gLR7SLGSZSB8q3/Us1IXNOmcACqY7zIek2D
RSrTNreda5NW9unzC8QcLjtmGmaHvoug/4N0uvWIivnFSxwFUHP8XcBzPM1VVUBu
vM4gsqLvr41YQ2olPaiTke0b7CXt/MoJOPzX8ZyLiryYQBLajdSi9GVhV0dGDffS
T2c4aoO1/wd0wd2RDc7C3cOLu0XQMy6sgc7D81k5r/EoQR0DVK9++VwYqn2Nc3eC
XIB9CDFtBwcHFgz205UgzpS3bLGeExfJTj0=
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:20:38 2025 by rpki-client