Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e3233302e302f32332d3234203d3e20313532343331.roa
File: 3135372e32302e3233302e302f32332d3234203d3e20313532343331.roa (raw, json)
Hash identifier: Cp+XbNmWOt2/gNVoghEmAT0J8hotIMe42TQXzx+hc7I=
Subject key identifier: 2B:65:3F:56:44:97:AB:F9:96:4F:94:11:70:35:F8:55:BB:B1:EC:7F
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 31E5F5A27F2A7713378F19054F9D8C181B77EB50
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e3233302e302f32332d3234203d3e20313532343331.roa
Signing time: Tue 16 Apr 2024 06:38:01 +0000
ROA not before: Tue 16 Apr 2024 06:33:01 +0000
ROA not after: Tue 15 Apr 2025 06:38:01 +0000
asID: 152431
IP address blocks: 157.20.230.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 06 Apr 2025 09:20:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:e5:f5:a2:7f:2a:77:13:37:8f:19:05:4f:9d:8c:18:1b:77:eb:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Apr 16 06:33:01 2024 GMT
Not After : Apr 15 06:38:01 2025 GMT
Subject: CN=2B653F564497ABF9964F94117035F855BBB1EC7F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:16:9a:c3:9a:17:3e:d9:a9:65:83:0b:fd:10:
61:6f:3b:88:6e:2a:e5:1a:ac:e1:bd:6e:ae:35:13:
ab:32:fa:95:06:9b:f6:f3:83:3c:8f:4b:e9:d8:2f:
3c:ea:d6:9a:f5:9b:9f:3e:43:7a:f3:2d:dc:87:5f:
d8:e6:a5:58:72:1a:4e:b7:bc:19:cc:af:82:f6:89:
59:77:fd:75:55:1f:24:43:d2:10:ea:c3:aa:e9:53:
4e:4d:bd:46:43:ae:95:7e:bc:4c:59:92:be:a2:5c:
52:d7:54:68:e4:df:23:b2:74:36:f3:77:a1:a5:71:
e3:d4:15:3f:8f:69:f4:00:03:bd:92:3d:0a:59:ad:
d3:b1:b1:90:5e:50:14:5a:de:21:87:7d:57:6b:95:
67:45:de:d2:98:f9:5b:95:3c:d7:f7:23:5f:d0:3a:
eb:cf:b8:02:98:59:f0:af:64:6d:39:f4:40:2f:d9:
c3:4a:3f:ce:ec:5b:b0:6a:07:52:89:57:e5:12:de:
fb:a6:b9:9a:77:d3:69:8d:aa:ed:c8:f1:9c:01:59:
aa:ee:64:a6:83:9c:ae:02:87:0c:ef:71:68:47:8d:
2b:32:22:01:c3:6e:14:d2:da:ed:b8:39:8e:24:9d:
aa:0b:25:85:df:1f:61:44:70:ee:8f:9c:5f:32:5c:
9b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:65:3F:56:44:97:AB:F9:96:4F:94:11:70:35:F8:55:BB:B1:EC:7F
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e3233302e302f32332d3234203d3e20313532343331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.230.0/23
Signature Algorithm: sha256WithRSAEncryption
34:ff:c5:a2:2f:33:a5:9a:5a:21:2f:ba:69:d0:cc:06:f8:77:
bd:04:f9:a9:69:43:d5:56:ac:b5:e8:30:05:5c:d8:4c:59:10:
08:15:31:9d:a0:a9:56:f1:c4:59:73:9a:40:47:26:f4:34:53:
e4:a8:5e:da:22:c4:f0:cc:e5:ec:de:dc:59:39:e0:84:58:8e:
6c:07:6c:f2:69:f1:6f:b0:ae:22:7d:5f:1c:ae:c3:01:b8:f7:
fa:9e:87:f5:48:2d:be:36:ae:50:97:87:4c:b6:43:de:bd:70:
68:2e:4f:ca:79:0b:d4:e5:68:94:9d:65:f4:3c:70:1c:83:03:
d2:01:77:00:9f:12:32:e8:58:b3:5d:78:c0:58:d6:00:6e:37:
89:05:96:aa:3d:e5:56:f7:06:e5:d5:41:69:12:a0:61:dd:6c:
fe:b3:61:31:7d:54:4c:79:c1:8e:9b:16:dd:4c:a2:2f:58:a1:
77:82:37:e4:09:73:5e:d6:a2:4c:1d:e9:f8:10:86:ea:d7:d7:
0c:57:35:90:0f:a9:a8:2d:bf:62:09:94:86:a2:0e:4e:c0:0c:
7d:c9:7b:00:df:5c:bb:bf:01:2c:4c:09:bd:40:aa:db:a0:36:
cf:75:46:c3:f6:b5:47:bb:cf:4f:9d:57:cb:48:d0:2c:9b:e9:
a6:c9:a2:e8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIUMeX1on8qdxM3jxkFT52MGBt361AwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDQxNjA2MzMwMVoX
DTI1MDQxNTA2MzgwMVowMzExMC8GA1UEAxMoMkI2NTNGNTY0NDk3QUJGOTk2NEY5
NDExNzAzNUY4NTVCQkIxRUM3RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAWmsOaFz7ZqWWDC/0QYW87iG4q5Rqs4b1urjUTqzL6lQab9vODPI9L6dgv
POrWmvWbnz5DevMt3Idf2OalWHIaTre8GcyvgvaJWXf9dVUfJEPSEOrDqulTTk29
RkOulX68TFmSvqJcUtdUaOTfI7J0NvN3oaVx49QVP49p9AADvZI9Clmt07GxkF5Q
FFreIYd9V2uVZ0Xe0pj5W5U81/cjX9A668+4AphZ8K9kbTn0QC/Zw0o/zuxbsGoH
UolX5RLe+6a5mnfTaY2q7cjxnAFZqu5kpoOcrgKHDO9xaEeNKzIiAcNuFNLa7bg5
jiSdqgslhd8fYURw7o+cXzJcm4ECAwEAAaOCAgEwggH9MB0GA1UdDgQWBBQrZT9W
RJer+ZZPlBFwNfhVu7HsfzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMIGEBggrBgEFBQcBCwR4MHYwdAYIKwYBBQUHMAuGaHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL0lETklDLUlELzEvMzEzNTM3MmUz
MjMwMmUzMjMzMzAyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMTM1MzIzNDMzMzEu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAGdFOYwDQYJKoZIhvcNAQELBQADggEBADT/xaIvM6WaWiEvumnQ
zAb4d70E+alpQ9VWrLXoMAVc2ExZEAgVMZ2gqVbxxFlzmkBHJvQ0U+SoXtoixPDM
5eze3Fk54IRYjmwHbPJp8W+wriJ9XxyuwwG49/qeh/VILb42rlCXh0y2Q969cGgu
T8p5C9TlaJSdZfQ8cByDA9IBdwCfEjLoWLNdeMBY1gBuN4kFlqo95Vb3BuXVQWkS
oGHdbP6zYTF9VEx5wY6bFt1Moi9YoXeCN+QJc17Wokwd6fgQhurX1wxXNZAPqagt
v2IJlIaiDk7ADH3JewDfXLu/ASxMCb1AqtugNs91RsP2tUe7z0+dV8tI0Cyb6abJ
oug=
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:10:12 2025 by rpki-client