Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e35392e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e35392e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: 1qsP9SiSGzU8oTv3WXawC6R/VMKtf0lSj5aSRCE374o=
Subject key identifier: E2:10:1E:FC:01:B4:09:15:36:D9:E6:56:BF:4E:7E:AE:CF:03:C1:03
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 6A3EF4B0396E835A8A5532134D8D500D3DBFD002
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e35392e302f32342d3234203d3e203137383835.roa
Signing time: Tue 12 Apr 2022 09:00:02 +0000
ROA not before: Tue 12 Apr 2022 08:55:02 +0000
ROA not after: Tue 11 Apr 2023 09:00:02 +0000
asID: 17885
IP address blocks: 121.52.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:3e:f4:b0:39:6e:83:5a:8a:55:32:13:4d:8d:50:0d:3d:bf:d0:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 12 08:55:02 2022 GMT
Not After : Apr 11 09:00:02 2023 GMT
Subject: CN=E2101EFC01B4091536D9E656BF4E7EAECF03C103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3d:82:6d:4c:99:2f:8b:88:57:96:b2:94:87:
8d:c6:e0:70:90:1e:cc:d6:0a:ad:4a:83:2d:1e:ac:
3b:59:07:07:ca:ec:80:02:ff:23:2c:0b:e1:e6:2f:
95:ac:22:e8:bb:9a:47:09:ac:66:3d:f0:31:0a:10:
3f:a1:fe:ee:b8:17:09:54:f4:a8:48:7a:91:e9:4a:
a9:f4:b5:ee:74:ef:de:96:94:d7:f7:ef:f1:1e:08:
df:18:0c:a7:ce:93:25:e5:13:40:6c:82:e5:86:4e:
17:3c:89:09:ea:e8:c6:0a:09:9b:e6:cb:e2:7d:38:
9d:23:20:70:b3:01:cd:95:86:f2:07:cf:29:74:ca:
60:68:3a:01:27:d2:86:77:3d:ac:b8:aa:20:2c:1e:
1a:b6:98:21:a3:e2:59:b4:df:2f:93:2a:1a:38:d2:
ba:76:2b:ce:9f:f8:33:03:cb:37:4e:b6:d7:02:f6:
d6:e6:8f:91:c5:fd:e5:14:7f:10:59:a7:6f:93:0d:
53:de:d1:43:24:b2:41:d7:9f:42:79:83:a2:0f:fd:
16:76:c5:92:a0:9e:89:c8:c8:fd:b1:90:58:31:bb:
0f:76:26:7c:3c:ec:ca:bd:02:8a:40:5c:d1:46:75:
77:aa:36:e2:24:e2:41:e1:1c:60:c5:d3:ad:2b:ec:
0e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:10:1E:FC:01:B4:09:15:36:D9:E6:56:BF:4E:7E:AE:CF:03:C1:03
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e35392e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.59.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:bd:46:17:5c:24:af:09:e3:67:82:88:af:b8:64:41:62:9f:
14:61:b1:51:8f:97:5f:3e:c9:08:33:9b:2e:7f:3e:62:d3:79:
02:42:71:6b:be:98:33:ce:ac:54:24:32:c0:b7:5c:d6:38:99:
77:1d:5c:c6:82:06:38:ba:e7:64:64:8e:9b:8e:b9:58:fe:12:
d9:cc:bf:15:da:e1:18:00:86:4e:af:de:03:60:f9:9b:92:b9:
71:18:b3:8a:fe:e1:4e:d7:44:8e:3e:ac:46:63:a5:22:3f:12:
b0:78:6b:37:80:0b:b2:29:3e:c4:56:26:18:88:33:02:49:28:
47:bf:85:4d:38:50:15:1b:ac:29:72:61:6f:59:0f:61:55:8a:
08:1b:61:38:cd:54:a0:31:37:1b:d8:43:58:dc:d8:85:3f:34:
45:4e:d4:63:7b:77:e9:f4:42:21:34:3a:76:9c:cf:b9:4e:71:
9a:6b:f0:9b:df:b0:ba:8d:af:63:01:43:7e:1b:43:ad:f3:22:
39:cb:6e:ae:a5:fb:a8:68:13:4d:72:83:f1:ac:7e:fe:c6:d7:
c1:b8:be:40:a5:99:92:14:76:25:7b:9f:dc:72:e3:4c:e0:87:
09:84:26:9b:9a:e3:71:c6:03:60:f5:51:85:13:ba:50:06:7a:
b1:fe:17:9f
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUaj70sDlug1qKVTITTY1QDT2/0AIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTIwODU1MDJaFw0yMzA0MTEwOTAwMDJaMDMxMTAvBgNV
BAMTKEUyMTAxRUZDMDFCNDA5MTUzNkQ5RTY1NkJGNEU3RUFFQ0YwM0MxMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbPYJtTJkvi4hXlrKUh43G4HCQ
HszWCq1Kgy0erDtZBwfK7IAC/yMsC+HmL5WsIui7mkcJrGY98DEKED+h/u64FwlU
9KhIepHpSqn0te50796WlNf37/EeCN8YDKfOkyXlE0BsguWGThc8iQnq6MYKCZvm
y+J9OJ0jIHCzAc2VhvIHzyl0ymBoOgEn0oZ3Pay4qiAsHhq2mCGj4lm03y+TKho4
0rp2K86f+DMDyzdOttcC9tbmj5HF/eUUfxBZp2+TDVPe0UMkskHXn0J5g6IP/RZ2
xZKgnonIyP2xkFgxuw92Jnw87Mq9AopAXNFGdXeqNuIk4kHhHGDF060r7A71AgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQU4hAe/AG0CRU22eZWv05+rs8DwQMwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzUzOTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NDswDQYJKoZIhvcN
AQELBQADggEBAKq9RhdcJK8J42eCiK+4ZEFinxRhsVGPl18+yQgzmy5/PmLTeQJC
cWu+mDPOrFQkMsC3XNY4mXcdXMaCBji652RkjpuOuVj+EtnMvxXa4RgAhk6v3gNg
+ZuSuXEYs4r+4U7XRI4+rEZjpSI/ErB4azeAC7IpPsRWJhiIMwJJKEe/hU04UBUb
rClyYW9ZD2FViggbYTjNVKAxNxvYQ1jc2IU/NEVO1GN7d+n0QiE0Onacz7lOcZpr
8JvfsLqNr2MBQ34bQ63zIjnLbq6l+6hoE01yg/Gsfv7G18G4vkClmZIUdiV7n9xy
40zghwmEJpua43HGA2D1UYUTulAGerH+F58=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:17:24 2025 by rpki-client