Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3330663a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a3330663a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: D14PP39EMrY44cx+MsOzZQxq5yRKgg5Qs9W4dgk6diE=
Subject key identifier: 90:43:87:67:F5:BC:8D:86:D2:41:08:E8:1F:1B:E5:43:85:D1:F1:82
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 6652D9082046DA8C9F55648D9399F4BE5FDE1BEC
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3330663a3a2f34382d3438203d3e203539323832.roa
Signing time: Mon 26 Sep 2022 10:00:04 +0000
ROA not before: Mon 26 Sep 2022 09:55:04 +0000
ROA not after: Mon 25 Sep 2023 10:00:04 +0000
asID: 59282
IP address blocks: 2400:d680:30f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:52:d9:08:20:46:da:8c:9f:55:64:8d:93:99:f4:be:5f:de:1b:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Sep 26 09:55:04 2022 GMT
Not After : Sep 25 10:00:04 2023 GMT
Subject: CN=90438767F5BC8D86D24108E81F1BE54385D1F182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6a:4d:9e:3b:fa:af:fc:c2:c2:c9:6b:3a:b5:
20:cc:dc:24:25:62:ee:5f:cb:fc:de:16:55:2d:7d:
0b:d1:be:8a:0d:6e:cb:ff:43:f5:69:cc:ea:ea:f9:
e5:4e:f4:26:fb:df:c1:7c:c8:ea:8c:96:6f:e1:88:
e3:10:8c:c8:ce:bd:58:f8:68:1c:93:98:fe:ab:07:
09:e4:cd:bd:ad:dc:08:1d:6b:b2:19:6e:f0:9e:fd:
f2:a0:8c:09:54:55:f8:7b:23:81:53:d0:17:48:81:
cd:e3:24:cb:ff:1f:9f:56:20:2a:d1:1f:04:d3:7c:
61:9b:e1:d4:23:b8:bc:d1:f6:fc:0f:2f:d3:86:3e:
6a:8d:5c:3d:dd:4c:60:bf:65:8c:09:21:4b:ca:08:
72:f0:f7:6b:04:2e:95:65:fe:e3:68:df:98:ef:3e:
ef:c3:5f:86:7f:d0:bb:ea:a3:63:3f:0c:37:5a:b6:
ea:29:3b:06:6a:e2:75:b0:99:6d:8a:09:b9:50:a6:
c9:d5:49:f9:84:87:ea:e4:dc:d7:01:44:15:fb:bc:
a0:30:8b:8b:61:ae:82:18:c1:41:cf:98:61:13:dc:
f6:b7:b7:7d:3d:bf:b8:bb:ed:ba:71:1b:b9:d0:ed:
ff:8a:6f:74:ff:a7:19:a1:b0:16:03:cd:88:7c:59:
51:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:43:87:67:F5:BC:8D:86:D2:41:08:E8:1F:1B:E5:43:85:D1:F1:82
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3330663a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:30f::/48
Signature Algorithm: sha256WithRSAEncryption
04:75:95:c3:93:72:75:03:7b:89:5f:af:b3:01:fa:73:7b:5d:
7b:15:d8:e9:1f:be:41:9c:f2:38:3f:90:14:c8:81:d3:d5:18:
ea:f5:e6:1e:07:d5:1f:44:43:e8:a7:1f:80:c8:8f:3a:77:32:
a1:a7:aa:5c:4a:4d:69:de:b2:b6:49:ed:ab:1f:cf:63:c0:93:
25:bf:2d:8e:cf:e9:a7:30:a5:de:04:a8:6e:e5:6f:94:14:33:
74:9e:78:82:f7:5c:f6:74:e1:00:ca:fd:ac:0f:42:28:b0:e7:
be:6d:a2:c4:e5:93:34:8f:27:e3:5e:26:e2:03:18:07:e1:13:
b2:31:b7:86:59:96:b5:49:64:0b:f1:3e:03:1d:64:23:86:ee:
b6:78:52:f9:b0:3b:99:bf:ba:5e:68:10:7e:07:a0:b2:f8:1e:
75:47:f1:a4:69:26:cc:38:7f:ba:51:0d:13:90:1d:78:88:b6:
ed:cc:b5:fc:fe:03:7c:d5:e6:55:51:ef:2b:3b:25:de:27:21:
a2:a3:1e:1b:9e:c2:03:08:33:f8:00:e5:a9:7e:ea:81:17:01:
3d:1f:08:8a:f7:9a:96:36:88:82:17:a9:ea:b6:d4:0c:ec:07:
c2:97:49:81:b1:a1:8e:d7:02:da:2a:df:6f:81:f2:5c:16:a8:
60:b3:3c:65
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUZlLZCCBG2oyfVWSNk5n0vl/eG+wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwOTU1MDRaFw0yMzA5MjUxMDAwMDRaMDMxMTAvBgNV
BAMTKDkwNDM4NzY3RjVCQzhEODZEMjQxMDhFODFGMUJFNTQzODVEMUYxODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMak2eO/qv/MLCyWs6tSDM3CQl
Yu5fy/zeFlUtfQvRvooNbsv/Q/VpzOrq+eVO9Cb738F8yOqMlm/hiOMQjMjOvVj4
aByTmP6rBwnkzb2t3Agda7IZbvCe/fKgjAlUVfh7I4FT0BdIgc3jJMv/H59WICrR
HwTTfGGb4dQjuLzR9vwPL9OGPmqNXD3dTGC/ZYwJIUvKCHLw92sELpVl/uNo35jv
Pu/DX4Z/0Lvqo2M/DDdatuopOwZq4nWwmW2KCblQpsnVSfmEh+rk3NcBRBX7vKAw
i4throIYwUHPmGET3Pa3t309v7i77bpxG7nQ7f+Kb3T/pxmhsBYDzYh8WVFvAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUkEOHZ/W8jYbSQQjoHxvlQ4XR8YIwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzMzMDY2M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAD
DzANBgkqhkiG9w0BAQsFAAOCAQEABHWVw5NydQN7iV+vswH6c3tdexXY6R++QZzy
OD+QFMiB09UY6vXmHgfVH0RD6KcfgMiPOncyoaeqXEpNad6ytkntqx/PY8CTJb8t
js/ppzCl3gSobuVvlBQzdJ54gvdc9nThAMr9rA9CKLDnvm2ixOWTNI8n414m4gMY
B+ETsjG3hlmWtUlkC/E+Ax1kI4butnhS+bA7mb+6XmgQfgegsvgedUfxpGkmzDh/
ulENE5AdeIi27cy1/P4DfNXmVVHvKzsl3ichoqMeG57CAwgz+ADlqX7qgRcBPR8I
ivealjaIghep6rbUDOwHwpdJgbGhjtcC2irfb4HyXBaoYLM8ZQ==
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:03:06 2025 by rpki-client