Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/c1f7c25b-410b-482a-9436-221ab079d368/0/3130332e35322e3231322e302f32342d3234203d3e20313336383234.roa
File: 3130332e35322e3231322e302f32342d3234203d3e20313336383234.roa (raw, json)
Hash identifier: Hh+zwzxH6Lpdhg3vBJgY9ikVdMmVNLRN/ksjmE0fQKU=
Subject key identifier: 22:06:55:EC:F1:5C:67:8B:34:59:3C:17:79:0C:D8:2E:C9:B3:DC:67
Certificate issuer: /CN=121FC37C40B5B0AFD8F88B57216FD43E29D11E1C
Certificate serial: 71D9F09D227BFF36ECC6204D0583F4BDF86B70AE
Authority key identifier: 12:1F:C3:7C:40:B5:B0:AF:D8:F8:8B:57:21:6F:D4:3E:29:D1:1E:1C
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/121FC37C40B5B0AFD8F88B57216FD43E29D11E1C.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/c1f7c25b-410b-482a-9436-221ab079d368/0/3130332e35322e3231322e302f32342d3234203d3e20313336383234.roa
Signing time: Thu 02 Nov 2023 03:13:48 +0000
ROA not before: Thu 02 Nov 2023 03:08:48 +0000
ROA not after: Thu 31 Oct 2024 03:13:48 +0000
asID: 136824
IP address blocks: 103.52.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:d9:f0:9d:22:7b:ff:36:ec:c6:20:4d:05:83:f4:bd:f8:6b:70:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=121FC37C40B5B0AFD8F88B57216FD43E29D11E1C
Validity
Not Before: Nov 2 03:08:48 2023 GMT
Not After : Oct 31 03:13:48 2024 GMT
Subject: CN=220655ECF15C678B34593C17790CD82EC9B3DC67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:65:20:28:8b:da:e3:76:e2:49:67:57:18:ad:
4b:99:78:65:52:34:86:24:71:4b:17:26:28:b1:4f:
03:8e:54:1c:e1:b3:f1:8c:13:8a:82:21:81:70:42:
2f:35:02:4c:f9:37:ff:00:97:89:6b:96:e5:72:78:
a9:98:1e:a1:b2:2d:40:fc:13:ea:6e:ca:d8:49:b6:
d0:ce:1f:81:15:c1:b3:dd:1b:ec:a5:49:54:f2:9c:
05:7c:df:6b:61:01:a9:0d:4c:a8:f5:b8:f3:95:8c:
42:27:dd:36:22:a8:03:aa:19:5e:0a:0f:09:f9:3c:
7c:e6:e5:c6:5b:5f:77:3e:03:7e:8e:e0:af:5c:7c:
83:b4:1d:28:6b:0c:67:c8:60:d5:94:b9:bf:0c:7b:
4a:47:35:21:14:a2:41:8d:e0:0f:a2:26:9c:fe:d4:
12:c8:6c:6f:7b:6a:70:b8:ec:9d:85:f8:b4:50:fd:
58:4e:ab:70:ef:71:19:8f:d6:1b:4c:29:98:d3:3e:
89:53:0e:f7:38:e5:22:0e:b7:fb:a1:9c:85:d9:79:
87:e9:8d:d4:c0:dc:30:dd:52:72:fc:fd:09:cb:7d:
8f:a9:61:c6:e7:67:01:80:e5:14:c3:cd:bc:e7:f0:
88:2a:58:91:76:ed:4d:58:c2:75:c9:d7:6f:b3:75:
93:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:06:55:EC:F1:5C:67:8B:34:59:3C:17:79:0C:D8:2E:C9:B3:DC:67
X509v3 Authority Key Identifier:
keyid:12:1F:C3:7C:40:B5:B0:AF:D8:F8:8B:57:21:6F:D4:3E:29:D1:1E:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/c1f7c25b-410b-482a-9436-221ab079d368/0/121FC37C40B5B0AFD8F88B57216FD43E29D11E1C.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/121FC37C40B5B0AFD8F88B57216FD43E29D11E1C.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c1f7c25b-410b-482a-9436-221ab079d368/0/3130332e35322e3231322e302f32342d3234203d3e20313336383234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.52.212.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:d4:1f:5e:82:ca:4c:26:6c:ed:01:84:ce:ee:a0:c0:70:27:
eb:97:0b:d4:2e:16:a1:56:c3:fe:cb:33:e4:94:9c:b2:85:a7:
b7:db:eb:cb:b7:10:bd:d8:d9:69:cf:cf:53:cb:25:6f:c4:54:
4c:cb:f6:c8:f2:78:34:10:96:e3:61:71:de:a7:ef:2f:e3:ed:
cd:1a:d0:59:ed:51:24:cf:91:ca:7d:c8:03:27:09:fe:cb:03:
15:cf:43:f0:2c:58:36:a3:3a:d5:ea:27:7c:41:ad:1b:c0:ef:
2f:69:f4:56:c4:0e:e6:f5:bb:63:37:97:1d:72:df:d2:27:61:
5f:d4:b7:8d:12:70:c2:e5:48:22:11:77:fc:0f:e6:0a:85:12:
e8:36:94:0d:40:45:61:38:80:bf:61:0b:4d:bb:dd:b9:11:ac:
24:c4:fd:89:87:9e:8c:07:92:3d:71:46:04:da:61:03:ba:37:
c1:37:3c:83:f6:63:d1:a1:a2:c6:ad:9b:b4:5e:1f:c8:a1:33:
16:2c:7d:4c:8c:58:59:33:43:4a:c6:f7:41:9f:8b:8e:78:43:
ab:b3:1c:9b:66:9d:a9:b3:f8:69:3e:45:d8:97:92:34:bc:23:
b8:75:61:89:f8:5b:0c:c2:a6:d1:cf:5c:61:6a:4a:a2:ea:86:
75:7a:1c:f9
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUcdnwnSJ7/zbsxiBNBYP0vfhrcK4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTIxRkMzN0M0MEI1QjBBRkQ4Rjg4QjU3MjE2RkQ0M0Uy
OUQxMUUxQzAeFw0yMzExMDIwMzA4NDhaFw0yNDEwMzEwMzEzNDhaMDMxMTAvBgNV
BAMTKDIyMDY1NUVDRjE1QzY3OEIzNDU5M0MxNzc5MENEODJFQzlCM0RDNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD7ZSAoi9rjduJJZ1cYrUuZeGVS
NIYkcUsXJiixTwOOVBzhs/GME4qCIYFwQi81Akz5N/8Al4lrluVyeKmYHqGyLUD8
E+puythJttDOH4EVwbPdG+ylSVTynAV832thAakNTKj1uPOVjEIn3TYiqAOqGV4K
Dwn5PHzm5cZbX3c+A36O4K9cfIO0HShrDGfIYNWUub8Me0pHNSEUokGN4A+iJpz+
1BLIbG97anC47J2F+LRQ/VhOq3DvcRmP1htMKZjTPolTDvc45SIOt/uhnIXZeYfp
jdTA3DDdUnL8/QnLfY+pYcbnZwGA5RTDzbzn8IgqWJF27U1YwnXJ12+zdZOTAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUIgZV7PFcZ4s0WTwXeQzYLsmz3GcwHwYDVR0j
BBgwFoAUEh/DfEC1sK/Y+ItXIW/UPinRHhwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
MWY3YzI1Yi00MTBiLTQ4MmEtOTQzNi0yMjFhYjA3OWQzNjgvMC8xMjFGQzM3QzQw
QjVCMEFGRDhGODhCNTcyMTZGRDQzRTI5RDExRTFDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTIxRkMzN0M0MEI1QjBBRkQ4Rjg4QjU3MjE2RkQ0M0UyOUQx
MUUxQy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2MxZjdjMjViLTQxMGItNDgyYS05
NDM2LTIyMWFiMDc5ZDM2OC8wLzMxMzAzMzJlMzUzMjJlMzIzMTMyMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM2MzgzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZzTUMA0GCSqG
SIb3DQEBCwUAA4IBAQCf1B9egspMJmztAYTO7qDAcCfrlwvULhahVsP+yzPklJyy
hae32+vLtxC92Nlpz89TyyVvxFRMy/bI8ng0EJbjYXHep+8v4+3NGtBZ7VEkz5HK
fcgDJwn+ywMVz0PwLFg2ozrV6id8Qa0bwO8vafRWxA7m9btjN5cdct/SJ2Ff1LeN
EnDC5UgiEXf8D+YKhRLoNpQNQEVhOIC/YQtNu925EawkxP2Jh56MB5I9cUYE2mED
ujfBNzyD9mPRoaLGrZu0Xh/IoTMWLH1MjFhZM0NKxvdBn4uOeEOrsxybZp2ps/hp
PkXYl5I0vCO4dWGJ+FsMwqbRz1xhakqi6oZ1ehz5
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:40:56 2025 by rpki-client