Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e3235342e302f32332d3234203d3e20313531303030.roa
File: 3135372e32302e3235342e302f32332d3234203d3e20313531303030.roa (raw, json)
Hash identifier: q9aPMf8OOckA4TIPXBX4sr0LcRpisEawj2Q7pyBbXkM=
Subject key identifier: 85:4A:D0:54:FC:0D:E7:48:34:8B:42:1A:37:E8:8A:07:8E:C0:AF:E7
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 56EE271ADD2BD83BE168A17A28358AFC41513E3C
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e3235342e302f32332d3234203d3e20313531303030.roa
Signing time: Wed 27 Mar 2024 04:00:09 +0000
ROA not before: Wed 27 Mar 2024 03:55:09 +0000
ROA not after: Wed 26 Mar 2025 04:00:09 +0000
asID: 151000
IP address blocks: 157.20.254.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:ee:27:1a:dd:2b:d8:3b:e1:68:a1:7a:28:35:8a:fc:41:51:3e:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Mar 27 03:55:09 2024 GMT
Not After : Mar 26 04:00:09 2025 GMT
Subject: CN=854AD054FC0DE748348B421A37E88A078EC0AFE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9f:cf:85:a0:a5:f2:e2:d0:9d:22:4e:f5:f2:
f1:fe:f8:44:59:aa:7f:b4:e1:59:72:1c:94:b4:0d:
52:20:2b:b9:9c:b8:0b:c2:eb:24:55:d4:b6:86:e2:
7d:a2:1f:45:c1:31:e0:20:71:56:38:1c:85:a2:5f:
c5:c9:bf:6d:72:55:2f:37:91:1c:1a:dd:d0:2b:d7:
9d:33:f7:3f:33:0d:8e:fb:9d:4b:5c:50:39:a5:f7:
e3:7b:2d:6c:f8:12:28:27:63:21:2c:3b:17:58:c7:
91:b5:5e:14:37:f3:a2:29:cf:1c:b6:5e:2a:14:88:
08:14:c6:3f:20:bd:f2:a0:96:17:b2:52:5e:41:a8:
5d:2a:d1:e9:de:ba:5b:1d:72:cd:3c:b5:01:f7:2e:
8f:be:48:85:32:8b:fb:1b:80:07:af:e1:7c:b4:be:
9b:85:65:51:ec:1e:3d:f1:e6:71:7b:6f:bf:59:f5:
76:13:ac:49:c1:93:0c:32:ed:8f:ee:06:35:55:86:
77:43:0c:37:ca:66:53:5c:06:1e:a3:4a:9f:4d:02:
d6:80:56:72:0f:dc:0e:05:4d:78:61:71:7a:f5:82:
37:e5:1d:2b:77:5f:17:50:84:a9:03:1f:4e:eb:bd:
0e:7f:c1:ab:e5:d4:83:4e:fe:c7:7d:f3:6e:74:35:
24:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:4A:D0:54:FC:0D:E7:48:34:8B:42:1A:37:E8:8A:07:8E:C0:AF:E7
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e3235342e302f32332d3234203d3e20313531303030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.254.0/23
Signature Algorithm: sha256WithRSAEncryption
03:29:76:31:6a:e1:a3:01:70:5a:e5:e6:50:cd:30:1b:99:e7:
e9:13:48:63:24:59:b5:4e:1e:dc:c4:b4:a9:33:61:fd:b9:a9:
2b:b2:ac:a2:c7:be:cd:ab:c5:45:db:f7:2b:e0:3b:a5:a2:4c:
ce:f2:02:57:eb:cd:06:86:e9:c5:68:ef:34:33:e4:83:b4:b6:
7f:d2:0a:8a:c1:39:29:39:7a:33:bf:74:73:ab:81:55:ff:d2:
34:c8:5d:f5:51:06:49:cf:b9:b8:82:7f:f6:a7:24:6f:59:bc:
f1:59:3a:f4:11:c6:9d:4a:1b:11:2b:b7:ed:29:e6:d8:6a:b1:
fb:a1:64:8e:21:65:f8:e2:7e:42:b5:3a:7c:6d:80:ed:42:50:
37:e1:0f:a3:53:17:ee:5b:e1:09:bc:5a:05:22:c5:6a:47:cd:
85:18:a2:94:ee:9a:84:46:ad:24:6a:63:32:c7:15:cc:6e:4d:
6c:8d:bd:63:e6:a7:39:09:4d:ec:32:19:a3:49:df:02:35:b4:
5e:12:3e:de:cd:12:28:ab:9e:b6:42:a0:bf:47:d6:41:9e:fa:
eb:ee:3a:fd:ac:6b:e7:74:ac:e3:01:b0:68:d7:c0:87:f0:e3:
f0:30:eb:b3:b8:17:14:b5:b1:b1:f4:38:9c:85:67:76:ca:70:
19:75:b2:c3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIUVu4nGt0r2DvhaKF6KDWK/EFRPjwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDMyNzAzNTUwOVoX
DTI1MDMyNjA0MDAwOVowMzExMC8GA1UEAxMoODU0QUQwNTRGQzBERTc0ODM0OEI0
MjFBMzdFODhBMDc4RUMwQUZFNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKifz4WgpfLi0J0iTvXy8f74RFmqf7ThWXIclLQNUiAruZy4C8LrJFXUtobi
faIfRcEx4CBxVjgchaJfxcm/bXJVLzeRHBrd0CvXnTP3PzMNjvudS1xQOaX343st
bPgSKCdjISw7F1jHkbVeFDfzoinPHLZeKhSICBTGPyC98qCWF7JSXkGoXSrR6d66
Wx1yzTy1Afcuj75IhTKL+xuAB6/hfLS+m4VlUewePfHmcXtvv1n1dhOsScGTDDLt
j+4GNVWGd0MMN8pmU1wGHqNKn00C1oBWcg/cDgVNeGFxevWCN+UdK3dfF1CEqQMf
Tuu9Dn/Bq+XUg07+x33zbnQ1JNMCAwEAAaOCAgEwggH9MB0GA1UdDgQWBBSFStBU
/A3nSDSLQho36IoHjsCv5zAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMIGEBggrBgEFBQcBCwR4MHYwdAYIKwYBBQUHMAuGaHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL0lETklDLUlELzEvMzEzNTM3MmUz
MjMwMmUzMjM1MzQyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMTM1MzEzMDMwMzAu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAGdFP4wDQYJKoZIhvcNAQELBQADggEBAAMpdjFq4aMBcFrl5lDN
MBuZ5+kTSGMkWbVOHtzEtKkzYf25qSuyrKLHvs2rxUXb9yvgO6WiTM7yAlfrzQaG
6cVo7zQz5IO0tn/SCorBOSk5ejO/dHOrgVX/0jTIXfVRBknPubiCf/anJG9ZvPFZ
OvQRxp1KGxErt+0p5thqsfuhZI4hZfjifkK1OnxtgO1CUDfhD6NTF+5b4Qm8WgUi
xWpHzYUYopTumoRGrSRqYzLHFcxuTWyNvWPmpzkJTewyGaNJ3wI1tF4SPt7NEiir
nrZCoL9H1kGe+uvuOv2sa+d0rOMBsGjXwIfw4/Aw67O4FxS1sbH0OJyFZ3bKcBl1
ssM=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:41:24 2025 by rpki-client