Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/34332e3234372e33342e302f32342d3234203d3e203136353039.roa
File: 34332e3234372e33342e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: I9Rk/Ok9fcrT+b3PAmLVtaqLvZrz1Snwm9pkeXGrmtQ=
Subject key identifier: CE:F8:97:36:9B:46:CF:41:3C:81:A9:FC:E3:02:48:7A:7C:EE:C6:7E
Certificate issuer: /CN=154EE03198467B96315FDB527FB3BBCCA0BFC441
Certificate serial: 16B4CB77B3E7AA33DCE1325AE586B71B33C296B7
Authority key identifier: 15:4E:E0:31:98:46:7B:96:31:5F:DB:52:7F:B3:BB:CC:A0:BF:C4:41
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/34332e3234372e33342e302f32342d3234203d3e203136353039.roa
Signing time: Mon 31 Jul 2023 00:06:24 +0000
ROA not before: Mon 31 Jul 2023 00:01:24 +0000
ROA not after: Mon 29 Jul 2024 00:06:24 +0000
asID: 16509
IP address blocks: 43.247.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:b4:cb:77:b3:e7:aa:33:dc:e1:32:5a:e5:86:b7:1b:33:c2:96:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=154EE03198467B96315FDB527FB3BBCCA0BFC441
Validity
Not Before: Jul 31 00:01:24 2023 GMT
Not After : Jul 29 00:06:24 2024 GMT
Subject: CN=CEF897369B46CF413C81A9FCE302487A7CEEC67E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8f:5b:c0:cd:ca:81:bf:12:bc:3b:6c:6a:c8:
ea:f8:eb:51:cf:98:5f:53:7a:6e:2f:3e:fb:fa:51:
4f:67:3a:dc:e9:5d:4b:a6:ef:8e:00:87:2c:fb:65:
47:40:27:10:94:74:ee:3b:3d:77:b7:a7:69:99:ed:
cc:fe:82:d1:12:85:c8:e5:4c:fd:2d:24:49:53:d3:
3c:3e:82:5c:ec:a4:dc:35:8d:c2:d9:07:0e:7c:f2:
59:e4:df:2b:a9:c0:7e:dd:8a:8d:1a:6a:9e:3e:08:
e2:ff:f7:5b:2e:93:b9:5d:a3:55:88:b9:91:6d:cf:
c5:df:b1:a1:e2:b7:12:c2:5d:6d:f2:56:47:21:a5:
ed:dd:e0:fc:7b:f5:dc:20:85:8b:db:3a:0d:af:c5:
32:f5:d5:0e:04:60:56:d4:48:e6:5d:3e:10:01:88:
d1:a5:f8:1d:56:38:80:cd:3f:32:3c:0f:ba:d2:13:
02:d6:b9:94:e2:e4:fe:28:51:11:b0:11:13:d2:50:
32:3d:7e:63:ac:ea:f8:83:08:a5:7f:23:4c:8d:99:
f7:8a:5e:b8:e8:2e:13:30:ed:55:7f:a1:06:44:d4:
3e:b1:c0:56:26:4d:84:1d:80:f2:d7:81:18:b7:43:
3d:3a:9b:2c:27:17:55:22:ee:14:f9:37:80:cf:63:
4e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:F8:97:36:9B:46:CF:41:3C:81:A9:FC:E3:02:48:7A:7C:EE:C6:7E
X509v3 Authority Key Identifier:
keyid:15:4E:E0:31:98:46:7B:96:31:5F:DB:52:7F:B3:BB:CC:A0:BF:C4:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/34332e3234372e33342e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.247.34.0/24
Signature Algorithm: sha256WithRSAEncryption
af:8e:34:49:52:c8:b3:de:1c:f5:fd:b9:74:08:ca:bb:16:63:
c0:81:8e:66:df:ab:22:68:5c:92:00:58:32:81:bf:e9:cc:7d:
94:51:59:94:56:b0:77:4a:f7:98:08:06:06:65:ab:c0:a1:dc:
6f:84:90:71:b2:7a:f6:87:00:a5:19:53:2b:79:f6:ae:87:ea:
c8:c7:84:cd:e8:35:c7:67:70:cd:dd:3a:e7:79:49:28:62:7b:
c4:ce:46:c5:89:c3:0f:c6:e9:47:a9:a7:0f:e9:a6:2b:60:f6:
b3:79:40:0c:a2:92:9d:9d:39:9d:6d:ae:0e:91:71:42:b0:6c:
e0:11:6b:ac:ad:32:09:40:97:1c:69:28:09:3d:ef:93:ca:e9:
58:61:5b:05:1e:a2:25:c4:ed:88:87:de:5c:12:fd:a7:30:5d:
e6:99:39:d7:4a:78:cc:a7:f6:4b:6c:7f:63:48:d2:3c:8f:5f:
6d:4c:37:85:a5:53:88:e1:39:c6:cd:ca:45:1b:37:9c:de:07:
04:a5:7d:b2:5f:20:39:6c:04:d5:f0:1c:7c:3c:44:13:0f:f1:
25:13:f8:ff:f8:61:26:02:e5:30:e6:a8:58:8d:1d:f5:84:62:
53:55:83:c3:fb:26:b5:8f:b0:84:b7:2a:cf:8b:75:c1:f7:1c:
1a:f1:13:67
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUFrTLd7PnqjPc4TJa5Ya3GzPClrcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTU0RUUwMzE5ODQ2N0I5NjMxNUZEQjUyN0ZCM0JCQ0NB
MEJGQzQ0MTAeFw0yMzA3MzEwMDAxMjRaFw0yNDA3MjkwMDA2MjRaMDMxMTAvBgNV
BAMTKENFRjg5NzM2OUI0NkNGNDEzQzgxQTlGQ0UzMDI0ODdBN0NFRUM2N0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRj1vAzcqBvxK8O2xqyOr461HP
mF9Tem4vPvv6UU9nOtzpXUum744Ahyz7ZUdAJxCUdO47PXe3p2mZ7cz+gtEShcjl
TP0tJElT0zw+glzspNw1jcLZBw588lnk3yupwH7dio0aap4+COL/91suk7ldo1WI
uZFtz8XfsaHitxLCXW3yVkchpe3d4Px79dwghYvbOg2vxTL11Q4EYFbUSOZdPhAB
iNGl+B1WOIDNPzI8D7rSEwLWuZTi5P4oURGwERPSUDI9fmOs6viDCKV/I0yNmfeK
XrjoLhMw7VV/oQZE1D6xwFYmTYQdgPLXgRi3Qz06mywnF1Ui7hT5N4DPY049AgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUzviXNptGz0E8gan84wJIenzuxn4wHwYDVR0j
BBgwFoAUFU7gMZhGe5YxX9tSf7O7zKC/xEEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
NjIxZjc1My1hODhlLTRlZGYtYTMwNi1iZDkzZDVhMzhmZWEvMC8xNTRFRTAzMTk4
NDY3Qjk2MzE1RkRCNTI3RkIzQkJDQ0EwQkZDNDQxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTU0RUUwMzE5ODQ2N0I5NjMxNUZEQjUyN0ZCM0JCQ0NBMEJG
QzQ0MS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M2MjFmNzUzLWE4OGUtNGVkZi1h
MzA2LWJkOTNkNWEzOGZlYS8wLzM0MzMyZTMyMzQzNzJlMzMzNDJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAr9yIwDQYJKoZIhvcN
AQELBQADggEBAK+ONElSyLPeHPX9uXQIyrsWY8CBjmbfqyJoXJIAWDKBv+nMfZRR
WZRWsHdK95gIBgZlq8Ch3G+EkHGyevaHAKUZUyt59q6H6sjHhM3oNcdncM3dOud5
SShie8TORsWJww/G6Ueppw/ppitg9rN5QAyikp2dOZ1trg6RcUKwbOARa6ytMglA
lxxpKAk975PK6VhhWwUeoiXE7YiH3lwS/acwXeaZOddKeMyn9ktsf2NI0jyPX21M
N4WlU4jhOcbNykUbN5zeBwSlfbJfIDlsBNXwHHw8RBMP8SUT+P/4YSYC5TDmqFiN
HfWEYlNVg8P7JrWPsIS3Ks+LdcH3HBrxE2c=
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:11:57 2025 by rpki-client