Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e39352e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e39352e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: Ur8JuIcqSw7ns0w+0+deck9n3l6CL0J8orFD+iQkMV0=
Subject key identifier: 87:1B:2F:AC:91:6B:C0:77:25:52:51:FF:A4:07:B4:3C:96:45:B4:05
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 716DEDBBD0010DAF8892BEB038ECBABC49A3EB9B
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e39352e302f32342d3234203d3e203137383835.roa
Signing time: Wed 13 Apr 2022 08:00:01 +0000
ROA not before: Wed 13 Apr 2022 07:55:01 +0000
ROA not after: Wed 12 Apr 2023 08:00:01 +0000
asID: 17885
IP address blocks: 121.52.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:6d:ed:bb:d0:01:0d:af:88:92:be:b0:38:ec:ba:bc:49:a3:eb:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 13 07:55:01 2022 GMT
Not After : Apr 12 08:00:01 2023 GMT
Subject: CN=871B2FAC916BC077255251FFA407B43C9645B405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bf:0b:7f:0c:b7:b8:15:eb:65:4a:13:c4:7d:
52:51:d0:7d:d8:3c:62:f6:88:c3:cf:27:99:70:af:
04:59:3a:0c:05:f0:f4:88:14:0a:65:6a:a3:68:60:
bf:d6:02:17:2a:39:fc:79:40:f8:b1:c0:83:0e:58:
7c:ae:32:00:96:f0:da:b5:95:b0:d6:bf:13:c9:7b:
2f:9b:f7:ee:e6:65:d3:34:45:8d:15:06:16:0e:bd:
0b:0d:60:64:b0:83:28:31:5c:ec:ad:46:04:0b:38:
0c:66:eb:2e:71:60:5a:36:cb:56:33:0b:8b:3d:f7:
b5:d3:26:9f:dc:27:4e:32:81:6d:e0:85:59:c3:c2:
51:bb:a0:92:68:c5:c1:7e:fd:81:c8:88:be:7a:89:
84:3c:d1:a5:94:28:f0:49:4e:58:13:af:26:7c:b4:
ed:6b:15:40:68:4e:66:ce:06:53:7f:e9:93:7a:25:
e4:59:87:ea:bf:3e:a2:d1:c9:18:c2:58:73:f9:96:
9b:11:8c:b2:a5:dd:e7:25:12:15:44:15:62:9e:63:
ea:d2:39:05:e5:1e:03:11:b0:2d:2a:6b:ca:d2:72:
ca:f9:34:f7:19:67:13:3b:24:b5:57:12:b5:0e:57:
5f:bf:8e:49:d8:a8:2a:d6:a5:4e:de:7c:f9:e3:9e:
64:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:1B:2F:AC:91:6B:C0:77:25:52:51:FF:A4:07:B4:3C:96:45:B4:05
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e39352e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.95.0/24
Signature Algorithm: sha256WithRSAEncryption
17:d7:fd:cd:fd:b1:2c:86:06:05:2a:fd:49:85:3e:e7:33:af:
34:21:77:d3:20:2b:17:8d:04:d6:ad:72:02:05:6d:9a:c5:f8:
62:21:3e:7f:7d:bf:bd:20:b0:b9:f3:af:19:87:7e:c2:74:93:
5c:ec:05:82:5d:74:5a:4f:38:5e:63:9d:ab:9e:db:5d:de:7b:
a4:b6:ee:4d:e8:76:91:3c:3b:14:d4:da:12:31:34:09:6a:3b:
69:27:0f:04:b2:c3:b2:12:6d:60:28:8f:9b:98:e2:9f:52:ab:
a4:25:8c:96:24:05:a9:9a:3e:ce:4d:16:30:d7:60:0a:e0:63:
e1:e6:0a:6b:03:88:9a:b9:fa:36:bb:c3:76:35:45:57:a8:da:
72:57:04:63:ed:9f:60:24:c2:54:bf:52:4e:65:f0:e5:c7:13:
ac:3e:1d:90:b5:f7:53:e3:db:bd:40:bb:22:57:13:a0:03:c9:
7e:a7:cd:27:4d:c8:21:8c:a7:41:4b:a0:7f:42:66:a5:b5:04:
65:fe:48:b9:e1:76:d3:fc:80:7a:60:e2:31:6f:4d:36:39:84:
be:f3:69:7e:1a:84:ae:ac:15:c1:10:ce:2b:3d:04:0e:3a:d1:
30:96:12:9c:27:fc:c0:e4:5b:2c:ee:03:36:6f:04:ee:65:f5:
27:b1:11:b3
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUcW3tu9ABDa+Ikr6wOOy6vEmj65swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTMwNzU1MDFaFw0yMzA0MTIwODAwMDFaMDMxMTAvBgNV
BAMTKDg3MUIyRkFDOTE2QkMwNzcyNTUyNTFGRkE0MDdCNDNDOTY0NUI0MDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQvwt/DLe4FetlShPEfVJR0H3Y
PGL2iMPPJ5lwrwRZOgwF8PSIFAplaqNoYL/WAhcqOfx5QPixwIMOWHyuMgCW8Nq1
lbDWvxPJey+b9+7mZdM0RY0VBhYOvQsNYGSwgygxXOytRgQLOAxm6y5xYFo2y1Yz
C4s997XTJp/cJ04ygW3ghVnDwlG7oJJoxcF+/YHIiL56iYQ80aWUKPBJTlgTryZ8
tO1rFUBoTmbOBlN/6ZN6JeRZh+q/PqLRyRjCWHP5lpsRjLKl3eclEhVEFWKeY+rS
OQXlHgMRsC0qa8rScsr5NPcZZxM7JLVXErUOV1+/jknYqCrWpU7efPnjnmSBAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUhxsvrJFrwHclUlH/pAe0PJZFtAUwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzkzNTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NF8wDQYJKoZIhvcN
AQELBQADggEBABfX/c39sSyGBgUq/UmFPuczrzQhd9MgKxeNBNatcgIFbZrF+GIh
Pn99v70gsLnzrxmHfsJ0k1zsBYJddFpPOF5jnaue213ee6S27k3odpE8OxTU2hIx
NAlqO2knDwSyw7ISbWAoj5uY4p9Sq6QljJYkBamaPs5NFjDXYArgY+HmCmsDiJq5
+ja7w3Y1RVeo2nJXBGPtn2AkwlS/Uk5l8OXHE6w+HZC191Pj271AuyJXE6ADyX6n
zSdNyCGMp0FLoH9CZqW1BGX+SLnhdtP8gHpg4jFvTTY5hL7zaX4ahK6sFcEQzis9
BA460TCWEpwn/MDkWyzuAzZvBO5l9SexEbM=
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:21:00 2025 by rpki-client