Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3266323a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a3266323a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: z+bfXIVywbgOGYYe5GR+SV6atZIgXtS4slG6YLRpBLI=
Subject key identifier: 87:4F:B9:76:97:42:E5:FF:77:E4:66:D5:30:EF:B0:11:A3:F3:90:7C
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 70B5484B909BFAEDC289DDEF1677255EE285D160
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3266323a3a2f34382d3438203d3e203539323832.roa
Signing time: Mon 26 Sep 2022 13:00:22 +0000
ROA not before: Mon 26 Sep 2022 12:55:22 +0000
ROA not after: Mon 25 Sep 2023 13:00:22 +0000
asID: 59282
IP address blocks: 2400:d680:2f2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:b5:48:4b:90:9b:fa:ed:c2:89:dd:ef:16:77:25:5e:e2:85:d1:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Sep 26 12:55:22 2022 GMT
Not After : Sep 25 13:00:22 2023 GMT
Subject: CN=874FB9769742E5FF77E466D530EFB011A3F3907C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:76:62:cb:7e:64:22:40:73:32:43:83:ed:2a:
1f:84:a9:0d:df:bb:ef:43:06:bb:99:dd:60:1f:e6:
ec:04:28:f7:98:7b:4a:74:8a:5f:1a:56:c8:6e:9b:
20:6e:5d:3f:f2:78:6d:e0:53:39:f3:9d:d8:eb:c9:
c0:23:9b:44:07:3e:99:39:1a:05:8c:cd:97:be:28:
66:a2:72:e8:71:90:5b:ca:ab:82:72:28:a5:97:08:
01:40:f5:f3:b6:f8:e1:cd:8f:10:ee:54:e0:65:f4:
59:51:e0:8c:d5:72:77:c4:d2:da:8c:dc:c4:0d:23:
c8:5b:65:53:3e:80:ea:e8:3f:bc:0a:5f:01:b9:48:
b1:84:1e:06:e6:a2:8a:d1:60:c2:9a:53:b3:2d:11:
e9:31:8f:e7:12:f6:12:0a:fa:d7:30:1e:c8:c8:e3:
10:1c:86:2d:84:78:40:38:35:b3:d3:5a:ad:f8:0a:
44:54:70:fc:1b:2f:b8:ea:7b:8d:76:72:61:1c:10:
09:e1:0f:fe:97:b5:a4:28:ee:95:20:3c:51:06:5e:
20:81:61:e8:58:dd:97:04:d5:07:e4:5b:09:79:d6:
30:9d:1a:92:37:b7:35:d7:30:2d:0f:2c:dc:4f:88:
9a:be:6a:10:7e:52:53:43:c8:e5:b6:a0:77:58:35:
52:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:4F:B9:76:97:42:E5:FF:77:E4:66:D5:30:EF:B0:11:A3:F3:90:7C
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3266323a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:2f2::/48
Signature Algorithm: sha256WithRSAEncryption
73:92:b2:1b:72:bc:61:59:2a:c4:83:d5:30:e8:f9:72:54:8c:
0a:82:72:8b:0a:78:97:67:39:c2:30:ec:c5:ae:14:5b:76:96:
f2:51:fd:80:e1:51:f2:04:11:a5:e4:07:8e:12:f5:cf:f2:0e:
19:40:ae:ce:a2:99:9c:cf:35:53:9b:44:5d:a1:9a:ee:20:d3:
bf:30:f4:f6:0e:b4:90:b8:23:45:6c:f3:0b:34:48:ef:d0:1c:
1b:1f:ee:61:bf:b3:bb:bc:c3:8d:b3:d5:37:dd:16:99:13:60:
8f:f3:19:ab:41:ee:ea:7f:4a:dd:dd:9d:21:e9:6b:cc:2d:7a:
4b:67:19:67:3a:cf:d2:9a:41:17:42:ec:57:27:a8:37:0f:44:
43:14:84:7c:09:88:9f:d4:20:09:d9:93:5c:bf:b1:0f:97:a3:
94:a2:03:38:e4:8d:99:4c:02:76:39:d2:47:19:0e:32:fe:34:
a1:78:a3:81:81:db:d2:af:ce:a4:07:e6:30:a5:21:5c:82:b5:
ff:5f:1d:6c:c1:76:42:05:52:1f:4d:74:23:ae:1d:39:00:02:
b5:00:b2:3f:5e:60:69:89:3e:36:6d:83:89:b5:53:b3:a7:1c:
17:16:e6:05:1a:b0:60:a6:a8:76:85:e0:f7:3e:f3:0c:92:c7:
42:29:cb:96
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUcLVIS5Cb+u3Cid3vFnclXuKF0WAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYxMjU1MjJaFw0yMzA5MjUxMzAwMjJaMDMxMTAvBgNV
BAMTKDg3NEZCOTc2OTc0MkU1RkY3N0U0NjZENTMwRUZCMDExQTNGMzkwN0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7dmLLfmQiQHMyQ4PtKh+EqQ3f
u+9DBruZ3WAf5uwEKPeYe0p0il8aVshumyBuXT/yeG3gUznzndjrycAjm0QHPpk5
GgWMzZe+KGaicuhxkFvKq4JyKKWXCAFA9fO2+OHNjxDuVOBl9FlR4IzVcnfE0tqM
3MQNI8hbZVM+gOroP7wKXwG5SLGEHgbmoorRYMKaU7MtEekxj+cS9hIK+tcwHsjI
4xAchi2EeEA4NbPTWq34CkRUcPwbL7jqe412cmEcEAnhD/6XtaQo7pUgPFEGXiCB
YehY3ZcE1QfkWwl51jCdGpI3tzXXMC0PLNxPiJq+ahB+UlNDyOW2oHdYNVL7AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUh0+5dpdC5f935GbVMO+wEaPzkHwwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzI2NjMyM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAC
8jANBgkqhkiG9w0BAQsFAAOCAQEAc5KyG3K8YVkqxIPVMOj5clSMCoJyiwp4l2c5
wjDsxa4UW3aW8lH9gOFR8gQRpeQHjhL1z/IOGUCuzqKZnM81U5tEXaGa7iDTvzD0
9g60kLgjRWzzCzRI79AcGx/uYb+zu7zDjbPVN90WmRNgj/MZq0Hu6n9K3d2dIelr
zC16S2cZZzrP0ppBF0LsVyeoNw9EQxSEfAmIn9QgCdmTXL+xD5ejlKIDOOSNmUwC
djnSRxkOMv40oXijgYHb0q/OpAfmMKUhXIK1/18dbMF2QgVSH010I64dOQACtQCy
P15gaYk+Nm2DibVTs6ccFxbmBRqwYKaodoXg9z7zDJLHQinLlg==
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:04:12 2025 by rpki-client