Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3230322e3135322e3235312e302f32342d3234203d3e203137383835.roa
File: 3230322e3135322e3235312e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: lhiIjqEnguVPxgoRNT0aY7C3gnZG7LgCkznrgd2q9+A=
Subject key identifier: 52:A0:6B:9E:DF:16:51:87:CD:C8:7A:4C:CC:A9:46:04:AA:0C:9C:F0
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 4BD7367500DD0D6ABDCD972E1F701EA5CACA4962
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3230322e3135322e3235312e302f32342d3234203d3e203137383835.roa
Signing time: Wed 20 Apr 2022 06:00:01 +0000
ROA not before: Wed 20 Apr 2022 05:55:01 +0000
ROA not after: Wed 19 Apr 2023 06:00:01 +0000
asID: 17885
IP address blocks: 202.152.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:d7:36:75:00:dd:0d:6a:bd:cd:97:2e:1f:70:1e:a5:ca:ca:49:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 20 05:55:01 2022 GMT
Not After : Apr 19 06:00:01 2023 GMT
Subject: CN=52A06B9EDF165187CDC87A4CCCA94604AA0C9CF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:20:05:24:de:77:87:94:54:dd:1c:93:b6:ff:
23:58:fa:1a:7c:d4:48:bb:28:b8:45:16:b9:a6:47:
d4:42:b1:73:3d:2a:99:2d:09:80:06:c8:73:32:12:
58:dd:91:ab:1f:a6:29:04:dd:1e:0f:f9:84:d5:70:
52:2b:5b:f2:61:e9:a5:7f:4d:ae:3c:68:0d:26:b6:
49:a4:b8:6f:c8:b9:3d:d7:e1:ce:c8:da:f4:c4:17:
f1:2e:ce:b9:77:8b:04:1b:ae:87:df:ed:43:34:99:
66:eb:23:46:b1:ad:fb:fb:a3:65:52:74:91:1d:5e:
ef:51:d2:77:ea:4b:49:59:e0:31:72:ef:f5:f8:4d:
ed:d6:6f:69:81:42:de:b0:f8:3a:da:6f:ab:4c:6a:
78:b0:91:2e:13:09:42:81:3a:e5:48:fb:56:e5:80:
4e:b8:65:fd:74:64:44:7a:11:a7:e4:89:58:00:f6:
51:b7:3c:35:84:ee:51:14:cc:1a:68:93:18:cb:cc:
5a:25:10:e0:fb:a3:4a:d1:c4:d9:70:16:01:90:ef:
73:38:15:8c:a4:fb:c0:61:66:6e:a1:3a:2f:ca:f6:
ab:b8:7c:ff:46:45:57:12:9c:fb:d5:c0:02:ed:bb:
15:d0:5b:07:11:b2:dc:e5:b6:e3:5a:55:a9:7d:1e:
19:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A0:6B:9E:DF:16:51:87:CD:C8:7A:4C:CC:A9:46:04:AA:0C:9C:F0
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3230322e3135322e3235312e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.152.251.0/24
Signature Algorithm: sha256WithRSAEncryption
68:4b:eb:8f:7a:59:ff:82:02:06:20:e3:cb:04:d3:68:1d:a0:
50:ab:75:f1:12:76:cf:59:5a:13:21:11:0c:ab:11:d4:b1:d7:
bd:07:8c:13:72:21:c4:e3:b6:ba:41:1a:36:3e:30:90:2e:1a:
71:a3:22:6a:40:bf:d0:54:93:e9:31:80:ef:05:c6:8e:1a:2f:
29:3b:a6:c9:23:b7:5e:32:e4:59:ca:93:91:e2:df:3e:81:4c:
5d:dd:68:aa:02:8b:83:08:f7:1a:5f:18:7b:98:fa:4b:0d:15:
fa:1f:0b:42:bd:41:0e:61:9d:19:0d:be:94:c0:95:66:6b:7c:
b6:d4:ea:62:36:c8:57:96:42:05:10:16:1b:12:ca:bc:01:3f:
fc:f2:9a:ea:b7:34:43:d7:2c:c7:1e:c8:12:3b:42:f7:e7:bd:
a7:a0:1c:10:97:74:91:59:d5:4c:56:02:3e:d3:f6:6d:74:8a:
75:86:ac:aa:97:4f:26:98:72:39:28:34:0c:ea:36:bf:2e:a1:
94:1f:27:f8:57:e8:5c:20:1c:1b:2a:4a:70:1d:90:30:03:b7:
35:95:f7:d1:9f:12:80:87:63:cb:72:43:cf:c2:55:f8:5b:d2:
27:3b:b6:37:a6:5e:a9:5d:c1:1c:97:19:d0:7c:55:56:26:a7:
1c:8e:58:e0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUS9c2dQDdDWq9zZcuH3AepcrKSWIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MjAwNTU1MDFaFw0yMzA0MTkwNjAwMDFaMDMxMTAvBgNV
BAMTKDUyQTA2QjlFREYxNjUxODdDREM4N0E0Q0NDQTk0NjA0QUEwQzlDRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYIAUk3neHlFTdHJO2/yNY+hp8
1Ei7KLhFFrmmR9RCsXM9KpktCYAGyHMyEljdkasfpikE3R4P+YTVcFIrW/Jh6aV/
Ta48aA0mtkmkuG/IuT3X4c7I2vTEF/Euzrl3iwQbroff7UM0mWbrI0axrfv7o2VS
dJEdXu9R0nfqS0lZ4DFy7/X4Te3Wb2mBQt6w+Drab6tManiwkS4TCUKBOuVI+1bl
gE64Zf10ZER6EafkiVgA9lG3PDWE7lEUzBpokxjLzFolEOD7o0rRxNlwFgGQ73M4
FYyk+8BhZm6hOi/K9qu4fP9GRVcSnPvVwALtuxXQWwcRstzltuNaVal9Hhn1AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUUqBrnt8WUYfNyHpMzKlGBKoMnPAwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMyMzAzMjJlMzEzNTMyMmUzMjM1MzEyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM3MzgzODM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAypj7MA0GCSqG
SIb3DQEBCwUAA4IBAQBoS+uPeln/ggIGIOPLBNNoHaBQq3XxEnbPWVoTIREMqxHU
sde9B4wTciHE47a6QRo2PjCQLhpxoyJqQL/QVJPpMYDvBcaOGi8pO6bJI7deMuRZ
ypOR4t8+gUxd3WiqAouDCPcaXxh7mPpLDRX6HwtCvUEOYZ0ZDb6UwJVma3y21Opi
NshXlkIFEBYbEsq8AT/88prqtzRD1yzHHsgSO0L3572noBwQl3SRWdVMVgI+0/Zt
dIp1hqyql08mmHI5KDQM6ja/LqGUHyf4V+hcIBwbKkpwHZAwA7c1lffRnxKAh2PL
ckPPwlX4W9InO7Y3pl6pXcEclxnQfFVWJqccjljg
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:54:38 2025 by rpki-client