Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e39362e302f32332d3234203d3e20313336303532.roa
File: 3135372e32302e39362e302f32332d3234203d3e20313336303532.roa (raw, json)
Hash identifier: Du1nKL/pOfPvuTs6baYEszA0qTlkoIM5l2UH2IG6MG4=
Subject key identifier: 1B:4A:03:6B:8D:4D:F9:91:09:A7:8D:7E:78:02:16:58:92:29:D8:DC
Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial: 3E922232266C92C7FF06D85D7483BFA1E65ACDBC
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e39362e302f32332d3234203d3e20313336303532.roa
Signing time: Mon 03 Feb 2025 04:01:44 +0000
ROA not before: Mon 03 Feb 2025 03:56:44 +0000
ROA not after: Mon 02 Feb 2026 04:01:44 +0000
asID: 136052
IP address blocks: 157.20.96.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 06 Apr 2025 09:20:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:92:22:32:26:6c:92:c7:ff:06:d8:5d:74:83:bf:a1:e6:5a:cd:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91862140000
Validity
Not Before: Feb 3 03:56:44 2025 GMT
Not After : Feb 2 04:01:44 2026 GMT
Subject: CN=1B4A036B8D4DF99109A78D7E780216589229D8DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4d:c0:64:98:1a:00:67:4b:7e:29:65:67:0b:
fa:36:52:5e:31:ec:ed:ff:8d:d5:6f:d5:97:e9:55:
b9:7d:ae:ea:41:3c:f9:b4:72:58:ac:c2:73:d8:4c:
a7:ff:70:33:57:10:87:4f:f2:7f:50:d1:9a:90:a0:
32:d5:c3:d6:30:27:6d:66:30:8c:d2:3c:e0:70:18:
08:04:f4:6e:dc:bd:17:45:29:99:ec:be:4e:90:0e:
df:b1:16:8f:55:08:c0:d2:d7:96:36:b0:84:1f:72:
31:a4:20:80:4c:f5:17:a4:63:55:35:48:7e:d5:16:
40:0a:1c:d8:e6:bf:97:96:ca:14:79:ea:d6:29:e8:
10:60:38:99:d2:f6:58:fa:ec:0e:1a:dd:79:3e:7f:
26:77:3e:d4:a8:ae:6f:cb:d4:08:ef:98:3e:2b:0d:
aa:16:1d:8c:fc:88:f0:b6:73:3c:29:6a:35:b9:82:
6a:b2:2e:aa:7b:3e:6b:93:fc:cf:07:63:8d:9a:f5:
4e:9a:6a:5d:bb:ef:46:b6:a0:24:91:9d:5d:b8:c9:
50:80:d8:8c:93:c2:5f:88:1c:a0:61:87:50:01:0f:
4b:07:8f:c2:12:a7:3c:f4:3f:af:f0:0b:0f:f1:0e:
cd:fb:c6:e1:5f:c0:23:eb:ea:4a:45:b0:24:71:ea:
a0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:4A:03:6B:8D:4D:F9:91:09:A7:8D:7E:78:02:16:58:92:29:D8:DC
X509v3 Authority Key Identifier:
keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3135372e32302e39362e302f32332d3234203d3e20313336303532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.96.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:bc:86:e5:27:95:f1:b5:a3:91:a1:e1:b1:b0:26:65:b3:82:
e1:a4:07:71:56:25:c9:fc:b1:f7:a1:1c:d7:fa:27:f4:4e:ff:
01:ba:09:7d:44:99:f9:15:e5:97:9a:01:bb:8f:06:08:72:70:
6b:d0:c8:91:3f:f5:8b:99:d0:1b:33:d6:04:ef:ff:ea:04:28:
d3:3e:7d:af:09:21:7e:3f:4f:22:fa:b5:fa:a4:2f:27:8f:5c:
89:16:5f:a2:6c:e9:cc:3e:21:44:59:3f:c2:cd:91:3b:4b:b7:
8d:2a:ee:fd:4d:51:b2:8c:f9:2d:5e:64:cd:a1:7e:5b:fa:1c:
4c:15:61:30:fe:fb:6b:2e:7f:32:f8:66:2c:fa:1b:a0:b7:12:
7c:a1:19:b7:03:d7:5d:73:4c:21:e8:2a:95:d5:30:f2:c1:f3:
00:e7:50:83:a4:86:6e:f0:93:cd:8a:57:54:92:21:c9:f5:b1:
c6:25:fd:75:e4:61:68:53:1a:f3:98:dc:d7:3a:2c:93:c7:cf:
d5:60:c3:77:e3:6a:04:15:b9:c9:1d:ac:4d:03:f5:59:39:be:
16:b1:52:61:65:1f:18:cb:cb:fd:0a:2f:79:25:9f:43:88:8c:
46:76:35:b1:8e:87:d3:d8:01:02:e8:91:9f:b6:53:8e:23:a8:
1f:ba:e2:e6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUPpIiMiZsksf/BthddIO/oeZazbwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwMzAzNTY0NFoX
DTI2MDIwMjA0MDE0NFowMzExMC8GA1UEAxMoMUI0QTAzNkI4RDRERjk5MTA5QTc4
RDdFNzgwMjE2NTg5MjI5RDhEQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALtNwGSYGgBnS34pZWcL+jZSXjHs7f+N1W/Vl+lVuX2u6kE8+bRyWKzCc9hM
p/9wM1cQh0/yf1DRmpCgMtXD1jAnbWYwjNI84HAYCAT0bty9F0Upmey+TpAO37EW
j1UIwNLXljawhB9yMaQggEz1F6RjVTVIftUWQAoc2Oa/l5bKFHnq1inoEGA4mdL2
WPrsDhrdeT5/Jnc+1Kiub8vUCO+YPisNqhYdjPyI8LZzPClqNbmCarIuqns+a5P8
zwdjjZr1TppqXbvvRragJJGdXbjJUIDYjJPCX4gcoGGHUAEPSwePwhKnPPQ/r/AL
D/EOzfvG4V/AI+vqSkWwJHHqoIsCAwEAAaOCAf8wggH7MB0GA1UdDgQWBBQbSgNr
jU35kQmnjX54AhZYkinY3DAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG
1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy
NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey
NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT
b082dUZCdFEuY2VyMIGCBggrBgEFBQcBCwR2MHQwcgYIKwYBBQUHMAuGZnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL0lETklDLUlELzEvMzEzNTM3MmUz
MjMwMmUzOTM2MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzEzMzM2MzAzNTMyLnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQBnRRgMA0GCSqGSIb3DQEBCwUAA4IBAQBLvIblJ5XxtaORoeGxsCZl
s4LhpAdxViXJ/LH3oRzX+if0Tv8Bugl9RJn5FeWXmgG7jwYIcnBr0MiRP/WLmdAb
M9YE7//qBCjTPn2vCSF+P08i+rX6pC8nj1yJFl+ibOnMPiFEWT/CzZE7S7eNKu79
TVGyjPktXmTNoX5b+hxMFWEw/vtrLn8y+GYs+hugtxJ8oRm3A9ddc0wh6CqV1TDy
wfMA51CDpIZu8JPNildUkiHJ9bHGJf115GFoUxrzmNzXOiyTx8/VYMN342oEFbnJ
HaxNA/VZOb4WsVJhZR8Yy8v9Ci95JZ9DiIxGdjWxjofT2AEC6JGftlOOI6gfuuLm
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:34:01 2025 by rpki-client