Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/3230322e35372e31362e302f32332d3234203d3e2039333431.roa
File: 3230322e35372e31362e302f32332d3234203d3e2039333431.roa (raw, json)
Hash identifier: C55RhexLQYnftxnYzpq3kSJlyJzl+TA5/i6DAF9pPmo=
Subject key identifier: 10:A4:80:E3:E3:E1:E2:07:2A:F8:EB:6B:EB:EE:FD:CD:00:AC:8C:BD
Certificate issuer: /CN=61566F205F7037962069571320603B274357CC6D
Certificate serial: 56E7A1B7FF220B7FBE421810B5EB5E3C89E31E6B
Authority key identifier: 61:56:6F:20:5F:70:37:96:20:69:57:13:20:60:3B:27:43:57:CC:6D
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/61566F205F7037962069571320603B274357CC6D.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/3230322e35372e31362e302f32332d3234203d3e2039333431.roa
Signing time: Mon 16 Oct 2023 23:31:25 +0000
ROA not before: Mon 16 Oct 2023 23:26:25 +0000
ROA not after: Mon 14 Oct 2024 23:31:25 +0000
asID: 9341
IP address blocks: 202.57.16.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:e7:a1:b7:ff:22:0b:7f:be:42:18:10:b5:eb:5e:3c:89:e3:1e:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61566F205F7037962069571320603B274357CC6D
Validity
Not Before: Oct 16 23:26:25 2023 GMT
Not After : Oct 14 23:31:25 2024 GMT
Subject: CN=10A480E3E3E1E2072AF8EB6BEBEEFDCD00AC8CBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:5a:a5:b1:78:af:a3:77:45:2b:c5:b6:44:46:
95:30:4a:80:23:fa:dd:9f:e1:1a:49:ce:9e:ab:e6:
92:64:7a:44:1c:db:34:87:e9:f3:88:d0:db:be:20:
0e:89:23:b6:a2:0c:9e:58:01:1f:e7:f8:ff:41:bb:
49:83:92:3c:2b:24:95:26:dc:38:bc:13:c9:e0:c4:
bb:95:c0:ee:25:10:7f:50:21:81:b9:12:53:70:db:
1a:de:93:11:48:8e:c9:e2:a6:be:0f:63:7c:7d:d8:
dd:04:f0:f2:3b:1e:d8:b7:9a:93:0a:77:37:a5:b1:
e2:67:61:26:99:1d:81:4c:9b:97:3a:e4:fa:a7:e4:
31:bc:03:78:71:09:45:aa:b4:ba:08:8b:c9:40:5b:
00:ed:31:f2:ba:33:96:f7:90:f6:8e:5d:ec:01:b5:
66:b7:be:f1:65:8f:ec:8c:2c:11:b6:5c:d7:e7:cf:
e5:db:43:e2:60:5a:a8:35:ea:cc:f2:0c:f5:67:84:
36:a2:d7:41:a9:e9:e7:06:43:d6:1b:37:ea:d7:7d:
5e:24:9a:cc:1d:90:56:3e:0c:1a:7c:11:45:61:7a:
e4:c3:4d:d4:28:de:aa:d7:4f:ae:bb:bc:fb:71:28:
40:aa:fc:a9:04:a7:bf:90:12:ef:f4:57:e8:42:4b:
79:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A4:80:E3:E3:E1:E2:07:2A:F8:EB:6B:EB:EE:FD:CD:00:AC:8C:BD
X509v3 Authority Key Identifier:
keyid:61:56:6F:20:5F:70:37:96:20:69:57:13:20:60:3B:27:43:57:CC:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/61566F205F7037962069571320603B274357CC6D.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/61566F205F7037962069571320603B274357CC6D.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/3230322e35372e31362e302f32332d3234203d3e2039333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.57.16.0/23
Signature Algorithm: sha256WithRSAEncryption
25:34:59:bd:b2:a4:aa:0a:57:6d:da:d0:0d:fa:c2:78:9b:1a:
a2:27:9a:87:d6:c2:28:4b:72:99:9d:2e:2d:d9:56:b0:fe:70:
ed:86:ad:96:bc:5f:2f:4c:6e:03:cb:84:90:64:3b:22:f2:49:
1d:c6:ee:5c:a0:a0:39:7a:71:24:85:19:59:43:83:e9:e4:a4:
21:76:6d:75:6f:bd:e7:00:74:9c:21:4e:53:91:7e:65:e2:a5:
64:24:b7:a1:f9:a5:dd:7c:36:11:cb:4c:b9:f1:e9:d7:d9:64:
0b:ca:62:1e:0a:2e:a2:5b:b7:0e:9c:cc:a3:63:cc:13:ba:6e:
1a:e6:cd:29:9c:e2:7b:f5:eb:1e:e8:89:0e:35:e2:d8:74:22:
17:c1:70:f2:2a:cb:06:ad:b4:6f:31:73:a2:dd:15:0c:12:8d:
00:86:3a:af:ca:bf:e4:58:7b:90:00:34:89:53:8a:7d:c2:85:
a8:c6:0d:10:47:13:62:7b:45:b3:0b:97:69:19:4f:33:02:c2:
ae:d7:35:50:f7:89:3d:ad:e9:55:50:d8:d1:62:92:69:bf:45:
21:18:35:2f:e6:f5:34:6d:ae:9d:92:1f:ea:a4:a3:bd:48:c1:
22:6d:92:8a:a8:4c:f8:fc:66:ab:47:27:c5:82:6a:97:03:71:
16:0d:26:2e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUVueht/8iC3++QhgQtetePInjHmswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjE1NjZGMjA1RjcwMzc5NjIwNjk1NzEzMjA2MDNCMjc0
MzU3Q0M2RDAeFw0yMzEwMTYyMzI2MjVaFw0yNDEwMTQyMzMxMjVaMDMxMTAvBgNV
BAMTKDEwQTQ4MEUzRTNFMUUyMDcyQUY4RUI2QkVCRUVGRENEMDBBQzhDQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwWqWxeK+jd0UrxbZERpUwSoAj
+t2f4RpJzp6r5pJkekQc2zSH6fOI0Nu+IA6JI7aiDJ5YAR/n+P9Bu0mDkjwrJJUm
3Di8E8ngxLuVwO4lEH9QIYG5ElNw2xrekxFIjsnipr4PY3x92N0E8PI7Hti3mpMK
dzelseJnYSaZHYFMm5c65Pqn5DG8A3hxCUWqtLoIi8lAWwDtMfK6M5b3kPaOXewB
tWa3vvFlj+yMLBG2XNfnz+XbQ+JgWqg16szyDPVnhDai10Gp6ecGQ9YbN+rXfV4k
mswdkFY+DBp8EUVheuTDTdQo3qrXT667vPtxKECq/KkEp7+QEu/0V+hCS3k5AgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUEKSA4+Ph4gcq+Otr6+79zQCsjL0wHwYDVR0j
BBgwFoAUYVZvIF9wN5YgaVcTIGA7J0NXzG0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
M2JkY2JhZS0yZTlkLTRmM2YtOGFiOS0zNDI0ZTQ0ODQ4NGUvMC82MTU2NkYyMDVG
NzAzNzk2MjA2OTU3MTMyMDYwM0IyNzQzNTdDQzZELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjE1NjZGMjA1RjcwMzc5NjIwNjk1NzEzMjA2MDNCMjc0MzU3
Q0M2RC5jZXIwgZ0GCCsGAQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNzNiZGNiYWUtMmU5ZC00ZjNmLThh
YjktMzQyNGU0NDg0ODRlLzAvMzIzMDMyMmUzNTM3MmUzMTM2MmUzMDJmMzIzMzJk
MzIzNDIwM2QzZTIwMzkzMzM0MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHKORAwDQYJKoZIhvcNAQEL
BQADggEBACU0Wb2ypKoKV23a0A36wnibGqInmofWwihLcpmdLi3ZVrD+cO2GrZa8
Xy9MbgPLhJBkOyLySR3G7lygoDl6cSSFGVlDg+nkpCF2bXVvvecAdJwhTlORfmXi
pWQkt6H5pd18NhHLTLnx6dfZZAvKYh4KLqJbtw6czKNjzBO6bhrmzSmc4nv16x7o
iQ414th0IhfBcPIqywattG8xc6LdFQwSjQCGOq/Kv+RYe5AANIlTin3ChajGDRBH
E2J7RbMLl2kZTzMCwq7XNVD3iT2t6VVQ2NFikmm/RSEYNS/m9TRtrp2SH+qko71I
wSJtkoqoTPj8ZqtHJ8WCapcDcRYNJi4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:07 2024 by rpki-client on console-fra.rpki-client.org