Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e3132342e302f32332d3234203d3e20313532343032.roa
File: 3135372e32302e3132342e302f32332d3234203d3e20313532343032.roa (raw, json)
Hash identifier: ULD3aeDGFXwYHAjM8+9esrWrxBzzXuqKbw3BVAuJFqY=
Subject key identifier: 38:05:FA:0A:C5:E7:97:E1:D8:4A:A8:9D:0A:78:0A:B1:36:CE:02:4B
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 7C9A1DE53D3333CFD894D881CE8CCA6CC5277703
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e3132342e302f32332d3234203d3e20313532343032.roa
Signing time: Mon 25 Mar 2024 03:14:19 +0000
ROA not before: Mon 25 Mar 2024 03:09:19 +0000
ROA not after: Mon 24 Mar 2025 03:14:19 +0000
asID: 152402
IP address blocks: 157.20.124.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:9a:1d:e5:3d:33:33:cf:d8:94:d8:81:ce:8c:ca:6c:c5:27:77:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Mar 25 03:09:19 2024 GMT
Not After : Mar 24 03:14:19 2025 GMT
Subject: CN=3805FA0AC5E797E1D84AA89D0A780AB136CE024B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6b:5c:b1:b0:1b:05:cc:a4:99:bf:29:ec:3f:
5c:e1:4e:b1:22:3a:42:be:ef:e7:50:0e:9c:08:08:
8d:8a:d8:46:38:ba:6d:1c:f0:7e:5b:7b:b5:7f:f0:
ff:4f:46:ab:dd:bd:e8:b5:b8:c8:53:bb:94:14:af:
32:5a:c8:1a:86:6f:5f:3f:78:96:51:81:6d:d3:1b:
42:23:af:7a:7a:ba:11:bc:eb:6a:a9:ce:1e:88:0f:
4b:23:a5:83:02:18:7f:84:03:e6:24:1b:f0:2c:ac:
9c:93:6a:98:bf:e2:81:2d:7d:0b:81:c9:0c:2e:ee:
b1:70:97:95:68:a5:12:f9:26:58:0e:85:b8:cd:47:
63:41:6a:af:24:c6:7f:80:29:90:7b:4e:4c:c4:ba:
08:1c:95:98:d2:84:3a:59:11:27:e1:72:43:95:f5:
56:ea:20:41:70:93:32:39:05:aa:ff:91:60:73:f9:
d2:98:ea:3b:dc:ad:47:cc:93:a0:dd:25:e1:b5:86:
b1:6a:ff:8d:27:2f:bb:1e:02:1f:86:43:1b:93:5a:
17:a5:a8:06:cc:5a:a2:dc:eb:4a:ae:73:a0:6e:a6:
b1:5d:ec:e1:33:98:66:9c:24:2e:da:7c:51:0f:9a:
35:9a:7e:09:37:53:ce:40:71:9a:38:28:be:ef:42:
6c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:05:FA:0A:C5:E7:97:E1:D8:4A:A8:9D:0A:78:0A:B1:36:CE:02:4B
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e3132342e302f32332d3234203d3e20313532343032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.124.0/23
Signature Algorithm: sha256WithRSAEncryption
83:6d:e7:9e:5f:3f:1c:dc:8f:63:be:58:4e:e0:11:a4:0a:b7:
0d:99:d1:52:c9:0a:52:eb:b8:45:d7:0b:6e:a7:da:45:92:10:
5e:ac:d1:43:1f:93:1e:61:0a:62:64:2b:bf:a3:a7:8d:3c:dd:
a4:54:51:44:72:b2:64:1e:71:56:a1:a9:e7:d9:0b:0a:e2:89:
ee:e3:ec:f2:3f:07:29:fe:a5:93:db:e9:42:91:d1:42:63:a5:
3a:ac:b6:b4:60:12:fe:c1:e0:c3:03:04:7a:ff:af:85:c7:aa:
12:10:5b:b0:27:a8:14:c5:9b:c2:b7:15:28:7b:c0:ee:fd:70:
93:eb:b4:38:8b:5e:7d:17:ae:d4:a2:42:6f:46:08:fb:9d:35:
05:00:f0:e1:02:56:66:82:06:52:ce:f7:1b:bc:e2:2e:8a:a7:
55:74:e6:aa:e2:74:13:8f:50:94:c9:98:90:68:9a:48:37:57:
94:52:f9:3f:f0:00:90:37:31:36:61:9e:b8:4a:c1:7d:50:45:
b6:71:9a:5b:99:21:07:0d:94:c1:6d:be:52:34:ff:11:d3:63:
0d:0a:98:95:37:a7:e9:79:21:dd:2c:ed:24:31:2d:26:ec:d1:
77:47:5c:ff:4d:2d:bd:5e:fc:69:f8:03:a7:09:52:bf:df:6a:
78:60:80:af
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIUfJod5T0zM8/YlNiBzozKbMUndwMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDMyNTAzMDkxOVoX
DTI1MDMyNDAzMTQxOVowMzExMC8GA1UEAxMoMzgwNUZBMEFDNUU3OTdFMUQ4NEFB
ODlEMEE3ODBBQjEzNkNFMDI0QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxrXLGwGwXMpJm/Kew/XOFOsSI6Qr7v51AOnAgIjYrYRji6bRzwflt7tX/w
/09Gq9296LW4yFO7lBSvMlrIGoZvXz94llGBbdMbQiOvenq6EbzraqnOHogPSyOl
gwIYf4QD5iQb8CysnJNqmL/igS19C4HJDC7usXCXlWilEvkmWA6FuM1HY0FqryTG
f4ApkHtOTMS6CByVmNKEOlkRJ+FyQ5X1VuogQXCTMjkFqv+RYHP50pjqO9ytR8yT
oN0l4bWGsWr/jScvux4CH4ZDG5NaF6WoBsxaotzrSq5zoG6msV3s4TOYZpwkLtp8
UQ+aNZp+CTdTzkBxmjgovu9CbDcCAwEAAaOCAgEwggH9MB0GA1UdDgQWBBQ4BfoK
xeeX4dhKqJ0KeAqxNs4CSzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMIGEBggrBgEFBQcBCwR4MHYwdAYIKwYBBQUHMAuGaHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL0lETklDLUlELzEvMzEzNTM3MmUz
MjMwMmUzMTMyMzQyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMTM1MzIzNDMwMzIu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAGdFHwwDQYJKoZIhvcNAQELBQADggEBAINt555fPxzcj2O+WE7g
EaQKtw2Z0VLJClLruEXXC26n2kWSEF6s0UMfkx5hCmJkK7+jp4083aRUUURysmQe
cVahqefZCwriie7j7PI/Byn+pZPb6UKR0UJjpTqstrRgEv7B4MMDBHr/r4XHqhIQ
W7AnqBTFm8K3FSh7wO79cJPrtDiLXn0XrtSiQm9GCPudNQUA8OECVmaCBlLO9xu8
4i6Kp1V05qridBOPUJTJmJBomkg3V5RS+T/wAJA3MTZhnrhKwX1QRbZxmluZIQcN
lMFtvlI0/xHTYw0KmJU3p+l5Id0s7SQxLSbs0XdHXP9NLb1e/Gn4A6cJUr/fanhg
gK8=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:38:47 2025 by rpki-client