Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e31352e3133392e302f32342d3234203d3e20313431363432.roa
File: 3135372e31352e3133392e302f32342d3234203d3e20313431363432.roa (raw, json)
Hash identifier: 2S3UbNkuW+kHBP4FUxKDyhyU3aMYG6NHYn0bwEFPJQk=
Subject key identifier: 54:6F:BD:74:EE:F7:A7:2F:0D:A8:30:F7:EE:1F:18:C4:B7:D3:D7:8D
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 294BBDA8ECA5F4C170B2A7254D679FC5A37EDE7C
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e31352e3133392e302f32342d3234203d3e20313431363432.roa
Signing time: Thu 16 Jan 2025 03:00:00 +0000
ROA not before: Thu 16 Jan 2025 02:55:00 +0000
ROA not after: Thu 15 Jan 2026 03:00:00 +0000
asID: 141642
IP address blocks: 157.15.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Apr 2025 04:03:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:4b:bd:a8:ec:a5:f4:c1:70:b2:a7:25:4d:67:9f:c5:a3:7e:de:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Validity
Not Before: Jan 16 02:55:00 2025 GMT
Not After : Jan 15 03:00:00 2026 GMT
Subject: CN=546FBD74EEF7A72F0DA830F7EE1F18C4B7D3D78D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9a:8c:9e:00:e5:7f:b2:f8:68:e1:84:6e:49:
36:56:9a:e7:d9:f7:d6:36:ee:81:40:74:2b:1e:76:
c9:31:b4:93:9c:cf:3d:31:19:78:ca:e5:38:46:1e:
e2:05:07:ca:17:d2:5f:f4:27:0b:e2:2e:fb:7e:d8:
df:f4:d3:e2:a3:c8:4a:6f:f0:e4:6d:40:b8:3b:ee:
6e:3e:a1:4b:48:a5:f1:b3:38:ee:20:35:42:81:a7:
de:1f:76:af:73:df:c2:cd:b4:e1:2c:ed:57:56:d5:
03:39:c0:64:33:01:71:16:db:45:0d:f5:54:21:c3:
ca:aa:37:c5:9d:a3:10:8e:28:0a:e6:f4:a2:9a:cc:
3a:b2:d2:d1:12:c9:9d:25:1d:cb:ef:52:01:c8:56:
46:f2:0a:c5:9e:9c:5a:e6:c1:d4:89:eb:24:c4:0f:
e8:47:af:9f:5a:ef:df:23:06:f0:8e:a4:8f:5b:45:
93:85:aa:73:8c:89:e2:20:9d:93:b7:7b:e0:f0:fb:
c2:84:01:fa:31:6f:2a:6d:7f:ce:98:7d:92:2a:e3:
3b:63:4f:bd:fd:40:8e:11:96:a5:6b:22:15:28:f7:
8c:31:d1:22:87:c8:90:61:62:45:59:c0:ac:a0:b0:
89:97:a8:87:43:64:e0:e9:e1:64:5b:c0:04:ae:a7:
31:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6F:BD:74:EE:F7:A7:2F:0D:A8:30:F7:EE:1F:18:C4:B7:D3:D7:8D
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e31352e3133392e302f32342d3234203d3e20313431363432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.15.139.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:0f:13:c4:5f:8f:b0:70:00:48:69:45:fb:d4:7d:aa:95:a4:
e4:68:b7:f9:0f:55:78:76:aa:f4:6a:39:48:dd:c6:07:fc:04:
d7:9c:65:45:78:4c:8e:93:e0:c3:6b:81:56:14:d6:89:36:78:
bf:d5:64:50:0e:19:1c:5c:70:0d:ef:14:9f:3b:cb:8a:1f:b2:
26:0e:6d:38:af:42:2b:ea:8e:eb:01:02:53:28:ec:cc:9f:9f:
53:27:73:49:2d:87:29:80:de:de:b9:7e:a1:ef:3c:b6:a7:7d:
97:0e:17:a4:0f:10:1d:37:3d:9d:96:bf:0d:32:73:f4:77:8a:
e3:96:2e:51:ff:d8:bd:57:eb:73:5e:d5:1c:61:e2:16:de:b6:
9f:2a:85:2f:85:55:d4:39:6d:46:3a:83:5a:75:41:68:1c:42:
61:77:50:12:43:51:d5:c5:56:94:1d:4e:0e:33:e7:5d:6a:23:
47:6f:28:7b:65:f8:23:8e:f5:27:c3:6b:54:56:c4:03:49:57:
db:ee:a5:1c:91:b6:bc:36:93:e4:db:fc:d0:a4:ba:20:da:fb:
53:53:fe:de:38:54:6c:85:ca:9d:e3:05:91:ed:84:a5:b1:18:
18:69:34:52:38:ab:f6:93:1a:0e:db:4a:bb:7a:ff:a1:a6:27:
7a:0a:67:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIUKUu9qOyl9MFwsqclTWefxaN+3nwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDExNjAyNTUwMFoX
DTI2MDExNTAzMDAwMFowMzExMC8GA1UEAxMoNTQ2RkJENzRFRUY3QTcyRjBEQTgz
MEY3RUUxRjE4QzRCN0QzRDc4RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCajJ4A5X+y+GjhhG5JNlaa59n31jbugUB0Kx52yTG0k5zPPTEZeMrlOEYe
4gUHyhfSX/QnC+Iu+37Y3/TT4qPISm/w5G1AuDvubj6hS0il8bM47iA1QoGn3h92
r3Pfws204SztV1bVAznAZDMBcRbbRQ31VCHDyqo3xZ2jEI4oCub0oprMOrLS0RLJ
nSUdy+9SAchWRvIKxZ6cWubB1InrJMQP6Eevn1rv3yMG8I6kj1tFk4Wqc4yJ4iCd
k7d74PD7woQB+jFvKm1/zph9kirjO2NPvf1AjhGWpWsiFSj3jDHRIofIkGFiRVnA
rKCwiZeoh0Nk4OnhZFvABK6nMcECAwEAAaOCAgEwggH9MB0GA1UdDgQWBBRUb710
7venLw2oMPfuHxjEt9PXjTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMIGEBggrBgEFBQcBCwR4MHYwdAYIKwYBBQUHMAuGaHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL0lETklDLUlELzEvMzEzNTM3MmUz
MTM1MmUzMTMzMzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzEzNjM0MzIu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBACdD4swDQYJKoZIhvcNAQELBQADggEBAG8PE8Rfj7BwAEhpRfvU
faqVpORot/kPVXh2qvRqOUjdxgf8BNecZUV4TI6T4MNrgVYU1ok2eL/VZFAOGRxc
cA3vFJ87y4ofsiYObTivQivqjusBAlMo7Myfn1Mnc0kthymA3t65fqHvPLanfZcO
F6QPEB03PZ2Wvw0yc/R3iuOWLlH/2L1X63Ne1Rxh4hbetp8qhS+FVdQ5bUY6g1p1
QWgcQmF3UBJDUdXFVpQdTg4z511qI0dvKHtl+COO9SfDa1RWxANJV9vupRyRtrw2
k+Tb/NCkuiDa+1NT/t44VGyFyp3jBZHthKWxGBhpNFI4q/aTGg7bSrt6/6GmJ3oK
Z5A=
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:36:25 2025 by rpki-client