Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e3137362e302f32332d3234203d3e20313339343238.roa
File: 3135372e32302e3137362e302f32332d3234203d3e20313339343238.roa (raw, json)
Hash identifier: gGOaz7JBKv+Y+Epq30Su+tnyFnCVOerNoo/ZdVz4XpI=
Subject key identifier: 5D:B0:41:02:EA:FF:E5:3C:19:14:10:FB:DA:AD:32:F2:54:7B:4F:63
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 0B94C4ACE1B0036A83BE55B0A243229609890AF5
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e3137362e302f32332d3234203d3e20313339343238.roa
Signing time: Thu 27 Jun 2024 03:00:07 +0000
ROA not before: Thu 27 Jun 2024 02:55:07 +0000
ROA not after: Thu 26 Jun 2025 03:00:07 +0000
asID: 139428
IP address blocks: 157.20.176.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Apr 2025 04:03:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:94:c4:ac:e1:b0:03:6a:83:be:55:b0:a2:43:22:96:09:89:0a:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Validity
Not Before: Jun 27 02:55:07 2024 GMT
Not After : Jun 26 03:00:07 2025 GMT
Subject: CN=5DB04102EAFFE53C191410FBDAAD32F2547B4F63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:1e:51:ba:f6:b9:3c:6e:06:a5:39:88:b8:82:
fa:56:fa:aa:ad:f0:c7:20:29:37:07:ad:44:00:b1:
7c:20:f2:4d:d8:47:16:13:cf:3d:a2:29:c6:97:3e:
9d:9b:2e:3d:34:51:59:ac:87:88:99:4e:fa:72:5c:
75:13:9e:a8:26:97:56:9f:72:b1:74:42:91:f4:45:
e8:7a:4a:2d:13:ed:46:4e:aa:db:2b:6c:03:86:7f:
f6:26:24:ab:f3:3d:18:bb:2c:4f:77:fb:6f:08:91:
0b:ca:81:27:47:a0:70:01:2d:95:a4:8a:57:79:f4:
6e:20:b6:b7:2a:a4:3d:e2:84:4e:2d:74:74:76:59:
b3:95:d0:2e:82:c2:7e:d8:26:90:f9:bf:86:8e:df:
fa:87:8d:c8:d2:87:c2:2f:52:88:f3:e2:4f:7b:ff:
49:37:a3:c8:32:f5:26:4d:f1:41:b4:82:77:d6:5e:
71:89:c0:bc:91:46:e3:be:7f:e6:ed:6c:0d:d1:a8:
20:ca:ab:fa:00:9e:75:c2:bc:ea:75:76:64:78:8c:
c5:27:44:7b:f8:13:1b:e6:b5:7a:30:5f:b7:61:b4:
26:ab:20:ca:a3:f0:5f:52:11:88:c0:42:d7:84:2d:
31:6b:76:38:bc:d1:8d:93:28:10:8d:a9:9b:a3:50:
7f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B0:41:02:EA:FF:E5:3C:19:14:10:FB:DA:AD:32:F2:54:7B:4F:63
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e3137362e302f32332d3234203d3e20313339343238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.176.0/23
Signature Algorithm: sha256WithRSAEncryption
90:98:d9:95:f0:82:3d:75:e1:53:d2:d1:f9:94:9b:d8:49:80:
e3:36:02:5e:ef:f6:95:5c:c4:41:b7:47:0a:c5:72:f2:1d:68:
21:bb:e1:46:35:21:aa:76:23:f6:96:fc:4c:95:ef:67:52:b1:
7e:c8:ba:02:69:5d:9f:62:4e:78:c8:ce:d1:0c:41:b7:6d:45:
45:8e:fe:bb:f1:fe:b4:44:13:cb:98:bf:4f:45:01:1d:dd:3e:
25:03:69:bc:5c:cc:d6:1c:7d:f1:fa:6a:ec:6e:1e:83:78:3c:
e0:9e:11:60:b7:d0:d5:a8:f6:4f:3e:4c:ff:65:82:c0:5b:f0:
e7:45:a0:10:69:80:75:b8:f8:25:b4:dc:b5:02:d8:6d:8a:53:
ce:0a:6a:64:fb:93:f2:3a:86:4f:f2:3b:37:cc:b7:77:7e:bb:
9f:51:d3:ae:1a:c1:ac:84:0c:b5:94:5f:ce:31:43:0c:fd:af:
e0:75:7c:a0:09:3c:88:f6:7a:7b:99:cd:d2:6d:dd:18:47:33:
09:8a:c9:26:d6:de:4f:b3:82:06:fb:db:57:52:8f:af:bb:c6:
22:b6:1f:31:50:e7:4c:48:6a:62:2a:25:28:a3:41:af:01:2d:
ad:95:f2:76:a2:e3:37:3c:2c:9b:61:91:c2:08:0e:cd:ef:92:
b8:ca:e3:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIUC5TErOGwA2qDvlWwokMilgmJCvUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDYyNzAyNTUwN1oX
DTI1MDYyNjAzMDAwN1owMzExMC8GA1UEAxMoNURCMDQxMDJFQUZGRTUzQzE5MTQx
MEZCREFBRDMyRjI1NDdCNEY2MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN4eUbr2uTxuBqU5iLiC+lb6qq3wxyApNwetRACxfCDyTdhHFhPPPaIpxpc+
nZsuPTRRWayHiJlO+nJcdROeqCaXVp9ysXRCkfRF6HpKLRPtRk6q2ytsA4Z/9iYk
q/M9GLssT3f7bwiRC8qBJ0egcAEtlaSKV3n0biC2tyqkPeKETi10dHZZs5XQLoLC
ftgmkPm/ho7f+oeNyNKHwi9SiPPiT3v/STejyDL1Jk3xQbSCd9ZecYnAvJFG475/
5u1sDdGoIMqr+gCedcK86nV2ZHiMxSdEe/gTG+a1ejBft2G0JqsgyqPwX1IRiMBC
14QtMWt2OLzRjZMoEI2pm6NQf2UCAwEAAaOCAgEwggH9MB0GA1UdDgQWBBRdsEEC
6v/lPBkUEPvarTLyVHtPYzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMIGEBggrBgEFBQcBCwR4MHYwdAYIKwYBBQUHMAuGaHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL0lETklDLUlELzEvMzEzNTM3MmUz
MjMwMmUzMTM3MzYyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMTMzMzkzNDMyMzgu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAGdFLAwDQYJKoZIhvcNAQELBQADggEBAJCY2ZXwgj114VPS0fmU
m9hJgOM2Al7v9pVcxEG3RwrFcvIdaCG74UY1Iap2I/aW/EyV72dSsX7IugJpXZ9i
TnjIztEMQbdtRUWO/rvx/rREE8uYv09FAR3dPiUDabxczNYcffH6auxuHoN4POCe
EWC30NWo9k8+TP9lgsBb8OdFoBBpgHW4+CW03LUC2G2KU84KamT7k/I6hk/yOzfM
t3d+u59R064awayEDLWUX84xQwz9r+B1fKAJPIj2enuZzdJt3RhHMwmKySbW3k+z
ggb721dSj6+7xiK2HzFQ50xIamIqJSijQa8BLa2V8nai4zc8LJthkcIIDs3vkrjK
4wU=
-----END CERTIFICATE-----
Generated at Sun Apr 13 14:34:56 2025 by rpki-client