Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e3134342e302f32342d3234203d3e20313530323739.roa
File: 3135372e32302e3134342e302f32342d3234203d3e20313530323739.roa (raw, json)
Hash identifier: Kf6ZeFu/4Zu0BumEuO4yEHVja53TCAmgZ/mVAoXk3G0=
Subject key identifier: C6:C2:A5:FB:11:10:AD:2A:61:63:E3:5A:69:D7:3B:F7:05:2F:D9:F6
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 5D8B803628E49FF2AC7470D476F0D2E60AB61718
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e3134342e302f32342d3234203d3e20313530323739.roa
Signing time: Wed 20 Mar 2024 04:30:24 +0000
ROA not before: Wed 20 Mar 2024 04:25:24 +0000
ROA not after: Wed 19 Mar 2025 04:30:24 +0000
asID: 150279
IP address blocks: 157.20.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:8b:80:36:28:e4:9f:f2:ac:74:70:d4:76:f0:d2:e6:0a:b6:17:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Mar 20 04:25:24 2024 GMT
Not After : Mar 19 04:30:24 2025 GMT
Subject: CN=C6C2A5FB1110AD2A6163E35A69D73BF7052FD9F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:28:29:b2:df:17:e8:42:3d:e9:3c:b5:75:3d:
71:68:49:75:12:1f:16:60:dc:24:55:c6:35:56:c1:
e3:78:b8:fd:29:27:23:8f:2f:6c:f4:08:37:95:94:
a0:a0:03:bd:68:55:10:ee:cb:3c:92:09:a0:21:bc:
d8:a5:32:ed:ba:e1:dc:63:69:eb:f3:11:13:db:fb:
5e:a2:53:77:4c:a3:3f:f8:eb:45:2a:3e:86:0c:6e:
bb:a9:06:c5:65:68:8a:e2:68:40:4c:56:63:b4:f2:
40:45:46:f9:1b:96:fe:f0:a1:61:1a:92:6f:4d:ae:
68:91:9e:44:b9:8e:13:c7:6b:28:4c:7f:fc:60:cf:
d4:3c:44:d6:4f:52:b8:17:a6:a2:85:48:c5:bd:ab:
d5:d9:0f:5e:21:37:8b:2b:7b:04:28:ac:a0:0b:ac:
08:bd:0f:66:d7:e3:1b:67:5a:68:d2:0a:65:58:9a:
2e:72:db:50:b3:a3:d6:df:9f:60:4f:22:73:91:33:
6d:da:94:d2:1e:aa:69:f8:3e:c6:48:ff:a4:2a:f5:
9f:4e:44:ce:aa:e9:5f:78:3a:1b:b7:2b:02:4f:8d:
2c:28:06:81:d3:3f:12:11:2d:2b:7e:1f:d9:8a:bc:
4f:b7:26:aa:f5:a9:49:7a:89:92:8f:75:cd:b5:ed:
03:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:C2:A5:FB:11:10:AD:2A:61:63:E3:5A:69:D7:3B:F7:05:2F:D9:F6
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e3134342e302f32342d3234203d3e20313530323739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.144.0/24
Signature Algorithm: sha256WithRSAEncryption
60:73:9d:86:21:a0:6b:fd:6a:e6:8c:49:22:8e:09:fc:5c:50:
7f:58:af:be:1c:30:bb:50:71:69:94:b4:c8:3b:2d:70:25:90:
ef:8f:d4:8e:ac:09:a9:06:8f:58:42:65:b8:b4:5a:33:37:94:
c0:1d:58:bd:5e:b3:19:96:bf:43:b2:75:f0:be:09:c7:61:58:
aa:0c:34:47:1d:6c:8a:28:93:5c:94:8c:b2:23:6c:71:8c:f9:
cb:e6:35:4c:02:ef:66:c1:a1:ae:6f:c4:c8:90:f8:bd:01:b8:
70:b4:e3:55:17:a3:6a:36:29:3c:55:9d:0f:46:a9:24:06:5e:
5b:59:78:bf:1c:3b:ce:3b:cb:11:1d:ce:08:33:3c:1d:b5:cb:
18:26:05:a4:7b:b9:e7:14:cc:6c:e1:90:82:5f:23:d5:a7:e9:
7c:2a:71:52:cb:14:80:a1:6e:49:0e:a2:1a:c5:f9:bc:0f:69:
c6:52:67:04:ca:b4:ce:92:33:e4:d4:d5:d2:0f:e8:a2:19:46:
fa:8b:b2:bf:56:7c:51:88:bf:d4:94:10:67:3e:9f:58:e8:b4:
47:8b:6b:45:e3:7c:ce:32:83:b5:24:65:75:6f:19:78:70:81:
63:41:cb:d2:11:76:c0:f8:3d:3e:8c:69:b5:36:b6:39:18:fd:
24:18:8d:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIUXYuANijkn/KsdHDUdvDS5gq2FxgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDMyMDA0MjUyNFoX
DTI1MDMxOTA0MzAyNFowMzExMC8GA1UEAxMoQzZDMkE1RkIxMTEwQUQyQTYxNjNF
MzVBNjlENzNCRjcwNTJGRDlGNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANAoKbLfF+hCPek8tXU9cWhJdRIfFmDcJFXGNVbB43i4/SknI48vbPQIN5WU
oKADvWhVEO7LPJIJoCG82KUy7brh3GNp6/MRE9v7XqJTd0yjP/jrRSo+hgxuu6kG
xWVoiuJoQExWY7TyQEVG+RuW/vChYRqSb02uaJGeRLmOE8drKEx//GDP1DxE1k9S
uBemooVIxb2r1dkPXiE3iyt7BCisoAusCL0PZtfjG2daaNIKZViaLnLbULOj1t+f
YE8ic5EzbdqU0h6qafg+xkj/pCr1n05EzqrpX3g6G7crAk+NLCgGgdM/EhEtK34f
2Yq8T7cmqvWpSXqJko91zbXtA+cCAwEAAaOCAgEwggH9MB0GA1UdDgQWBBTGwqX7
ERCtKmFj41pp1zv3BS/Z9jAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMIGEBggrBgEFBQcBCwR4MHYwdAYIKwYBBQUHMAuGaHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL0lETklDLUlELzEvMzEzNTM3MmUz
MjMwMmUzMTM0MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzAzMjM3Mzku
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBACdFJAwDQYJKoZIhvcNAQELBQADggEBAGBznYYhoGv9auaMSSKO
CfxcUH9Yr74cMLtQcWmUtMg7LXAlkO+P1I6sCakGj1hCZbi0WjM3lMAdWL1esxmW
v0OydfC+CcdhWKoMNEcdbIook1yUjLIjbHGM+cvmNUwC72bBoa5vxMiQ+L0BuHC0
41UXo2o2KTxVnQ9GqSQGXltZeL8cO847yxEdzggzPB21yxgmBaR7uecUzGzhkIJf
I9Wn6XwqcVLLFIChbkkOohrF+bwPacZSZwTKtM6SM+TU1dIP6KIZRvqLsr9WfFGI
v9SUEGc+n1jotEeLa0XjfM4yg7UkZXVvGXhwgWNBy9IRdsD4PT6MabU2tjkY/SQY
jak=
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:17:30 2025 by rpki-client