Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3338353a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a3338353a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: rKy0aM/4SC/AceRri0tNv6ZnJfNkQMEq/ldEHf143XM=
Subject key identifier: 73:D4:48:65:34:4A:CE:3F:27:61:29:45:8C:2F:7B:A3:FA:89:9C:43
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 7AECDC047D61AEE0FCB5B8D6CE747971B9D20412
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3338353a3a2f34382d3438203d3e203539323832.roa
Signing time: Mon 26 Sep 2022 11:00:33 +0000
ROA not before: Mon 26 Sep 2022 10:55:33 +0000
ROA not after: Mon 25 Sep 2023 11:00:33 +0000
asID: 59282
IP address blocks: 2400:d680:385::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:ec:dc:04:7d:61:ae:e0:fc:b5:b8:d6:ce:74:79:71:b9:d2:04:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Sep 26 10:55:33 2022 GMT
Not After : Sep 25 11:00:33 2023 GMT
Subject: CN=73D44865344ACE3F276129458C2F7BA3FA899C43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:14:43:e9:e7:80:64:3f:81:9a:f6:60:34:29:
1f:fb:4b:86:e7:35:17:85:39:e3:4d:59:2a:21:c7:
54:29:11:ea:52:32:2d:f4:8f:d6:50:8a:24:49:18:
ad:2e:6a:da:ea:f3:62:2a:9b:63:78:f4:c1:ff:a9:
7d:36:34:72:9c:48:e6:19:26:14:78:30:ec:d4:9b:
07:d2:30:9e:68:b3:57:b7:3d:19:05:ba:f6:5c:f4:
75:ca:60:af:9e:4d:35:57:9f:26:51:7b:6b:40:33:
c8:87:53:92:fe:06:87:6c:33:51:aa:4f:76:68:c8:
de:05:fe:c7:43:24:43:37:f8:55:6b:de:f8:75:cc:
07:03:86:de:6d:be:01:a3:cb:8e:35:e1:ba:9f:29:
18:b5:54:e4:d8:18:ca:0c:0f:12:24:9a:ea:13:b5:
29:8d:a7:93:e5:c4:dd:b0:a0:9d:19:8d:66:55:e4:
37:22:a4:c3:cf:2b:a7:89:bc:fd:b1:a8:8f:f5:fb:
d4:4d:06:5e:0d:23:2b:a1:55:f6:e5:d9:ba:6e:f9:
46:0a:6b:97:8d:18:37:12:b2:c2:e0:01:43:13:d3:
ce:07:11:0e:50:77:8c:26:9a:18:4b:7e:06:39:e2:
8a:17:bd:a0:7c:6d:f1:01:d1:61:ce:46:e2:66:91:
93:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D4:48:65:34:4A:CE:3F:27:61:29:45:8C:2F:7B:A3:FA:89:9C:43
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3338353a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:385::/48
Signature Algorithm: sha256WithRSAEncryption
87:61:64:91:e2:61:4c:08:75:92:07:90:3f:ce:be:b8:25:ab:
00:f0:ce:52:20:a8:1a:f3:83:cb:1c:57:b6:c2:f7:e0:28:e1:
0a:90:99:af:55:fa:90:28:4d:f5:cc:a0:87:bc:4f:b9:e3:d8:
36:24:f6:d8:6a:bd:60:a4:e8:82:0a:35:6b:18:9d:ec:ac:f7:
a4:49:fa:a6:de:c7:64:c1:5b:20:37:66:94:77:dd:bd:c7:a1:
73:88:a4:92:1a:26:df:32:d4:88:72:00:3e:91:10:aa:b3:15:
0a:b2:c1:2d:b3:08:21:14:12:86:9d:35:9c:0f:c1:e9:8f:48:
19:c6:a6:57:b4:2c:4b:3e:b1:e9:41:d4:aa:c6:f4:14:94:5f:
b5:71:9c:12:11:42:dd:65:b5:02:54:75:96:c6:0a:d9:3d:1c:
0c:53:f3:b3:eb:16:85:f2:6b:33:0d:a1:71:76:8f:6d:f1:22:
79:5d:6f:79:ef:82:f3:4e:e4:42:4b:30:83:0a:e2:4b:09:54:
16:7f:f0:9f:6b:c3:50:6c:02:48:36:bf:8f:23:cf:fd:78:bb:
d4:07:77:a2:23:96:ab:cf:55:75:7d:81:8c:29:e9:d7:90:84:
ac:e2:10:78:b9:71:fa:35:10:16:86:57:5e:bb:63:af:bf:fb:
38:10:42:76
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUeuzcBH1hruD8tbjWznR5cbnSBBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYxMDU1MzNaFw0yMzA5MjUxMTAwMzNaMDMxMTAvBgNV
BAMTKDczRDQ0ODY1MzQ0QUNFM0YyNzYxMjk0NThDMkY3QkEzRkE4OTlDNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQFEPp54BkP4Ga9mA0KR/7S4bn
NReFOeNNWSohx1QpEepSMi30j9ZQiiRJGK0uatrq82Iqm2N49MH/qX02NHKcSOYZ
JhR4MOzUmwfSMJ5os1e3PRkFuvZc9HXKYK+eTTVXnyZRe2tAM8iHU5L+BodsM1Gq
T3ZoyN4F/sdDJEM3+FVr3vh1zAcDht5tvgGjy4414bqfKRi1VOTYGMoMDxIkmuoT
tSmNp5PlxN2woJ0ZjWZV5DcipMPPK6eJvP2xqI/1+9RNBl4NIyuhVfbl2bpu+UYK
a5eNGDcSssLgAUMT084HEQ5Qd4wmmhhLfgY54ooXvaB8bfEB0WHORuJmkZMLAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUc9RIZTRKzj8nYSlFjC97o/qJnEMwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzMzODM1M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAD
hTANBgkqhkiG9w0BAQsFAAOCAQEAh2FkkeJhTAh1kgeQP86+uCWrAPDOUiCoGvOD
yxxXtsL34CjhCpCZr1X6kChN9cygh7xPuePYNiT22Gq9YKToggo1axid7Kz3pEn6
pt7HZMFbIDdmlHfdvcehc4ikkhom3zLUiHIAPpEQqrMVCrLBLbMIIRQShp01nA/B
6Y9IGcamV7QsSz6x6UHUqsb0FJRftXGcEhFC3WW1AlR1lsYK2T0cDFPzs+sWhfJr
Mw2hcXaPbfEieV1vee+C807kQkswgwriSwlUFn/wn2vDUGwCSDa/jyPP/Xi71Ad3
oiOWq89VdX2BjCnp15CErOIQeLlx+jUQFoZXXrtjr7/7OBBCdg==
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:05:17 2025 by rpki-client