Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/aae6379e-b886-436e-b0ed-3aaff9c08501/0/3130332e3137302e33332e302f32342d3234203d3e20313432333631.roa
File: 3130332e3137302e33332e302f32342d3234203d3e20313432333631.roa (raw, json)
Hash identifier: IA7p71+DWlfg2TSnqFnnLYMstbrcym3xiITP/eIVvnw=
Subject key identifier: E2:A3:B4:D2:C7:BD:75:F2:A0:CE:EA:C1:C7:9B:FA:B7:34:F2:D9:38
Certificate issuer: /CN=B90B0AED87ECD7C87066450AB56ADE2996647CD5
Certificate serial: 386C3B706FE5F6F85951B42DA6873208028E3A16
Authority key identifier: B9:0B:0A:ED:87:EC:D7:C8:70:66:45:0A:B5:6A:DE:29:96:64:7C:D5
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B90B0AED87ECD7C87066450AB56ADE2996647CD5.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/aae6379e-b886-436e-b0ed-3aaff9c08501/0/3130332e3137302e33332e302f32342d3234203d3e20313432333631.roa
Signing time: Wed 20 Mar 2024 06:00:00 +0000
ROA not before: Wed 20 Mar 2024 05:55:00 +0000
ROA not after: Wed 19 Mar 2025 06:00:00 +0000
asID: 142361
IP address blocks: 103.170.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:6c:3b:70:6f:e5:f6:f8:59:51:b4:2d:a6:87:32:08:02:8e:3a:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B90B0AED87ECD7C87066450AB56ADE2996647CD5
Validity
Not Before: Mar 20 05:55:00 2024 GMT
Not After : Mar 19 06:00:00 2025 GMT
Subject: CN=E2A3B4D2C7BD75F2A0CEEAC1C79BFAB734F2D938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d0:b6:9e:a1:9a:0d:7e:07:f4:0c:b8:a8:a0:
0e:90:62:4e:2e:c0:02:57:f2:52:b2:6b:52:d2:1e:
03:48:1b:18:9a:33:92:f2:95:ca:c9:46:c1:7d:53:
f9:40:f2:02:e3:62:12:87:75:a6:ab:b6:57:4e:0a:
34:27:45:ad:ae:a0:f7:ac:ce:26:a7:bc:f3:57:85:
a3:e4:56:b1:2a:e3:6f:14:67:a1:c3:60:d3:5a:8c:
f0:67:d4:b5:4e:89:52:da:52:74:92:17:8b:a8:0d:
11:46:7d:49:24:3e:ea:13:6a:bb:c8:45:c7:57:65:
15:ca:cb:d2:6f:c8:c3:73:4e:af:63:62:b0:64:74:
04:db:0b:e2:24:65:ed:8d:97:96:63:c2:17:19:4e:
1a:3d:6a:37:06:06:4d:36:c9:8d:60:ec:16:d1:ab:
13:a5:1a:1d:75:1e:4c:0a:ea:0e:e4:30:a1:4e:c5:
9b:f6:58:50:03:c4:f1:1d:d4:91:21:57:85:b2:ea:
e2:1c:9a:08:d0:82:d6:d7:53:79:35:e1:78:bc:e6:
08:38:78:94:9b:f0:83:99:2b:13:97:74:f8:da:a5:
af:37:9f:ed:1f:57:3c:c4:88:c5:9f:fe:d6:6c:fc:
46:35:67:20:1b:e6:cf:6a:5c:67:3f:70:e3:f7:f8:
e3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A3:B4:D2:C7:BD:75:F2:A0:CE:EA:C1:C7:9B:FA:B7:34:F2:D9:38
X509v3 Authority Key Identifier:
keyid:B9:0B:0A:ED:87:EC:D7:C8:70:66:45:0A:B5:6A:DE:29:96:64:7C:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/aae6379e-b886-436e-b0ed-3aaff9c08501/0/B90B0AED87ECD7C87066450AB56ADE2996647CD5.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B90B0AED87ECD7C87066450AB56ADE2996647CD5.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/aae6379e-b886-436e-b0ed-3aaff9c08501/0/3130332e3137302e33332e302f32342d3234203d3e20313432333631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.170.33.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:86:9b:76:8c:15:a1:fd:8f:e6:99:e7:9f:9b:9a:eb:1b:c5:
de:0b:ec:6a:cc:44:5a:0c:05:02:15:f8:1c:2a:b6:20:45:72:
b0:8b:cd:38:c2:b9:5d:72:59:ee:95:3b:2e:69:4c:b1:50:c2:
6a:57:43:7d:a4:7f:da:05:d9:4b:b3:23:2d:de:8a:25:b7:c2:
f9:92:d7:68:e0:17:e8:78:20:77:f0:d3:1a:ff:a5:1e:a6:33:
a0:1e:c5:5a:fb:92:23:66:42:63:31:f8:fb:b1:25:80:44:48:
6d:69:6a:f1:50:0a:2f:87:a4:dd:5f:2c:ce:44:a0:c2:b4:fc:
62:ce:c1:ca:83:3a:d5:d7:4f:f4:93:30:08:56:e1:76:ee:62:
44:37:bf:a3:7e:a7:f6:19:d7:7a:30:07:d3:ea:4f:60:9d:8d:
2d:e0:cb:87:c2:b6:9f:82:af:3f:05:46:b8:13:6a:68:69:31:
67:ae:d3:ff:d1:0b:16:af:a1:4f:22:bd:cf:14:64:2a:cf:29:
d4:f7:9d:cd:47:4b:9f:d0:1c:f6:9e:4a:7a:57:e6:7c:06:b7:
e9:78:a0:e4:f8:33:e8:d2:28:d0:f3:94:4d:d3:02:07:f6:b1:
84:34:d6:58:85:42:87:46:e0:2e:c9:a5:19:88:4a:57:23:93:
d8:2b:51:df
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUOGw7cG/l9vhZUbQtpocyCAKOOhYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjkwQjBBRUQ4N0VDRDdDODcwNjY0NTBBQjU2QURFMjk5
NjY0N0NENTAeFw0yNDAzMjAwNTU1MDBaFw0yNTAzMTkwNjAwMDBaMDMxMTAvBgNV
BAMTKEUyQTNCNEQyQzdCRDc1RjJBMENFRUFDMUM3OUJGQUI3MzRGMkQ5MzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDj0LaeoZoNfgf0DLiooA6QYk4u
wAJX8lKya1LSHgNIGxiaM5LylcrJRsF9U/lA8gLjYhKHdaartldOCjQnRa2uoPes
zianvPNXhaPkVrEq428UZ6HDYNNajPBn1LVOiVLaUnSSF4uoDRFGfUkkPuoTarvI
RcdXZRXKy9JvyMNzTq9jYrBkdATbC+IkZe2Nl5ZjwhcZTho9ajcGBk02yY1g7BbR
qxOlGh11HkwK6g7kMKFOxZv2WFADxPEd1JEhV4Wy6uIcmgjQgtbXU3k14Xi85gg4
eJSb8IOZKxOXdPjapa83n+0fVzzEiMWf/tZs/EY1ZyAb5s9qXGc/cOP3+OPzAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU4qO00se9dfKgzurBx5v6tzTy2TgwHwYDVR0j
BBgwFoAUuQsK7Yfs18hwZkUKtWreKZZkfNUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
YWU2Mzc5ZS1iODg2LTQzNmUtYjBlZC0zYWFmZjljMDg1MDEvMC9COTBCMEFFRDg3
RUNEN0M4NzA2NjQ1MEFCNTZBREUyOTk2NjQ3Q0Q1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjkwQjBBRUQ4N0VDRDdDODcwNjY0NTBBQjU2QURFMjk5NjY0
N0NENS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2FhZTYzNzllLWI4ODYtNDM2ZS1i
MGVkLTNhYWZmOWMwODUwMS8wLzMxMzAzMzJlMzEzNzMwMmUzMzMzMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNDMyMzMzNjMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ6ohMA0GCSqG
SIb3DQEBCwUAA4IBAQCmhpt2jBWh/Y/mmeefm5rrG8XeC+xqzERaDAUCFfgcKrYg
RXKwi804wrldclnulTsuaUyxUMJqV0N9pH/aBdlLsyMt3oolt8L5ktdo4BfoeCB3
8NMa/6UepjOgHsVa+5IjZkJjMfj7sSWAREhtaWrxUAovh6TdXyzORKDCtPxizsHK
gzrV10/0kzAIVuF27mJEN7+jfqf2Gdd6MAfT6k9gnY0t4MuHwrafgq8/BUa4E2po
aTFnrtP/0QsWr6FPIr3PFGQqzynU953NR0uf0Bz2nkp6V+Z8BrfpeKDk+DPo0ijQ
85RN0wIH9rGENNZYhUKHRuAuyaUZiEpXI5PYK1Hf
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:54:01 2025 by rpki-client