Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e39302e302f32332d3234203d3e20313532333935.roa
File: 3135372e32302e39302e302f32332d3234203d3e20313532333935.roa (raw, json)
Hash identifier: f2iinTC7h+BqFMlxii2SXQP0o3iulUuJZ71rJgVDTT0=
Subject key identifier: 7D:5D:06:57:54:C3:A8:0A:78:E0:C1:3E:13:52:30:B9:D8:6E:9D:81
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 1EF482664E57CEA23EDD286CF30D23B393DF39CA
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e39302e302f32332d3234203d3e20313532333935.roa
Signing time: Fri 15 Mar 2024 03:31:34 +0000
ROA not before: Fri 15 Mar 2024 03:26:34 +0000
ROA not after: Fri 14 Mar 2025 03:31:34 +0000
asID: 152395
IP address blocks: 157.20.90.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:f4:82:66:4e:57:ce:a2:3e:dd:28:6c:f3:0d:23:b3:93:df:39:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Mar 15 03:26:34 2024 GMT
Not After : Mar 14 03:31:34 2025 GMT
Subject: CN=7D5D065754C3A80A78E0C13E135230B9D86E9D81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:56:01:22:79:97:80:15:43:d5:64:fd:0a:7b:
b4:c5:87:06:8c:90:4b:f1:26:1e:b3:f0:51:ea:06:
2b:e0:c3:d2:2f:8b:e4:12:0a:fa:c2:c8:b5:da:72:
06:26:9c:70:f5:f6:58:77:fe:ff:d1:9b:85:52:aa:
2c:24:84:fa:f6:26:5b:ea:be:0f:92:51:88:b2:69:
b5:96:68:2d:01:ca:e1:4a:0d:fa:a7:7d:6a:55:54:
c9:bd:5d:3d:5f:4a:3b:ac:cb:4d:24:60:d8:5e:67:
44:9e:d8:43:08:69:59:c7:f7:e1:f1:d3:ed:4d:df:
f3:1f:60:50:35:0e:ea:df:af:08:25:49:51:d9:4d:
9e:39:c0:00:fa:42:04:b2:4f:2e:05:5e:b4:8d:f1:
f6:79:e8:f6:41:c7:b8:14:2b:80:30:49:e9:df:88:
05:30:50:ec:f1:2b:d0:9f:a1:2a:a8:c0:05:fc:6b:
0c:fe:0c:67:bb:d3:f5:24:49:87:b8:2f:68:6f:54:
31:ee:c6:a1:21:74:b6:0a:9a:21:1e:23:be:84:22:
90:2a:8d:bd:b0:f4:e4:a5:25:31:b9:b5:69:99:76:
64:46:a1:f4:92:eb:11:76:3c:fa:e4:99:49:17:d3:
76:f8:97:8b:47:df:26:90:ec:06:ba:98:bb:62:2c:
b1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:5D:06:57:54:C3:A8:0A:78:E0:C1:3E:13:52:30:B9:D8:6E:9D:81
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e39302e302f32332d3234203d3e20313532333935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.90.0/23
Signature Algorithm: sha256WithRSAEncryption
06:1f:3e:ac:cf:c5:55:ef:0f:c3:d5:aa:21:1c:5c:65:6b:e6:
10:b6:bd:7d:c2:0d:88:47:bc:fc:0f:0d:a6:ee:bc:d8:14:e7:
02:c1:9d:e5:85:2d:0e:20:66:eb:6d:18:7b:f7:ec:9b:fb:4f:
e1:7d:85:57:be:36:44:d4:70:90:1f:56:37:83:64:e6:84:53:
f5:49:22:e4:f6:ce:ac:5d:7c:9d:e4:c7:ea:5e:38:10:ba:d5:
27:30:67:e6:b9:a6:f4:c5:69:31:c5:a4:f3:7d:df:43:c4:51:
21:38:15:35:ed:fa:57:ac:d9:94:37:ef:a2:c3:08:af:eb:53:
c5:26:11:a0:55:87:e8:ec:1c:8b:1e:b7:d3:97:2c:67:ed:bb:
79:93:d4:7a:d2:ac:28:6c:9f:5c:c5:75:53:37:1a:81:09:3c:
2a:99:1a:e6:d0:20:07:df:9b:7c:1b:98:6a:c6:cd:8a:63:77:
92:34:e2:07:c3:df:53:92:fa:e7:82:89:58:aa:cb:73:6a:5e:
0a:d6:84:04:9e:4e:12:6e:6e:e5:e7:3c:d9:6e:f3:dd:c2:54:
60:67:5c:d5:a6:72:c4:6a:e3:e8:90:6c:64:b0:76:0f:80:65:
3b:85:c9:e3:b8:12:ee:12:b2:28:34:33:4a:7f:2b:19:e1:61:
7b:a9:72:53
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUHvSCZk5XzqI+3Shs8w0js5PfOcowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDMxNTAzMjYzNFoX
DTI1MDMxNDAzMzEzNFowMzExMC8GA1UEAxMoN0Q1RDA2NTc1NEMzQTgwQTc4RTBD
MTNFMTM1MjMwQjlEODZFOUQ4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANxWASJ5l4AVQ9Vk/Qp7tMWHBoyQS/EmHrPwUeoGK+DD0i+L5BIK+sLItdpy
BiaccPX2WHf+/9GbhVKqLCSE+vYmW+q+D5JRiLJptZZoLQHK4UoN+qd9alVUyb1d
PV9KO6zLTSRg2F5nRJ7YQwhpWcf34fHT7U3f8x9gUDUO6t+vCCVJUdlNnjnAAPpC
BLJPLgVetI3x9nno9kHHuBQrgDBJ6d+IBTBQ7PEr0J+hKqjABfxrDP4MZ7vT9SRJ
h7gvaG9UMe7GoSF0tgqaIR4jvoQikCqNvbD05KUlMbm1aZl2ZEah9JLrEXY8+uSZ
SRfTdviXi0ffJpDsBrqYu2IssXMCAwEAAaOCAf8wggH7MB0GA1UdDgQWBBR9XQZX
VMOoCnjgwT4TUjC52G6dgTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMIGCBggrBgEFBQcBCwR2MHQwcgYIKwYBBQUHMAuGZnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL0lETklDLUlELzEvMzEzNTM3MmUz
MjMwMmUzOTMwMmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzEzNTMyMzMzOTM1LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBnRRaMA0GCSqGSIb3DQEBCwUAA4IBAQAGHz6sz8VV7w/D1aohHFxl
a+YQtr19wg2IR7z8Dw2m7rzYFOcCwZ3lhS0OIGbrbRh79+yb+0/hfYVXvjZE1HCQ
H1Y3g2TmhFP1SSLk9s6sXXyd5MfqXjgQutUnMGfmuab0xWkxxaTzfd9DxFEhOBU1
7fpXrNmUN++iwwiv61PFJhGgVYfo7ByLHrfTlyxn7bt5k9R60qwobJ9cxXVTNxqB
CTwqmRrm0CAH35t8G5hqxs2KY3eSNOIHw99TkvrngolYqstzal4K1oQEnk4Sbm7l
5zzZbvPdwlRgZ1zVpnLEauPokGxksHYPgGU7hcnjuBLuErIoNDNKfysZ4WF7qXJT
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:41:29 2025 by rpki-client