Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/d1085b4a-f573-42f3-825c-1cf0c872b152/0/3230322e31302e35382e302f32332d3234203d3e20313337333633.roa
File: 3230322e31302e35382e302f32332d3234203d3e20313337333633.roa (raw, json)
Hash identifier: ZFUMNVWYPwc+bMLL5bGP5YgilLZFd1niPrD+1wwEKCc=
Subject key identifier: 6A:AA:E2:15:91:32:57:B2:E7:8B:EB:50:62:A5:AF:EC:B9:64:63:45
Certificate issuer: /CN=B6EE1F61D6E8E9EEC640CCC1D791DBA124993CA3
Certificate serial: 6C128BCB9007A2BA12476444B25E9F207FB26D59
Authority key identifier: B6:EE:1F:61:D6:E8:E9:EE:C6:40:CC:C1:D7:91:DB:A1:24:99:3C:A3
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B6EE1F61D6E8E9EEC640CCC1D791DBA124993CA3.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/d1085b4a-f573-42f3-825c-1cf0c872b152/0/3230322e31302e35382e302f32332d3234203d3e20313337333633.roa
Signing time: Wed 17 May 2023 09:37:54 +0000
ROA not before: Wed 17 May 2023 09:32:54 +0000
ROA not after: Wed 15 May 2024 09:37:54 +0000
asID: 137363
IP address blocks: 202.10.58.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:12:8b:cb:90:07:a2:ba:12:47:64:44:b2:5e:9f:20:7f:b2:6d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B6EE1F61D6E8E9EEC640CCC1D791DBA124993CA3
Validity
Not Before: May 17 09:32:54 2023 GMT
Not After : May 15 09:37:54 2024 GMT
Subject: CN=6AAAE215913257B2E78BEB5062A5AFECB9646345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:58:87:0c:62:56:55:a9:a4:0c:06:77:fd:7a:
39:65:7f:3a:5d:52:fd:e1:0b:2b:b4:75:e7:4e:5e:
67:3b:bd:0e:d5:fd:d2:55:ff:85:8b:9b:9a:3a:e3:
66:25:1a:66:93:4d:e4:79:4d:12:a4:e5:21:5c:e5:
30:1e:ed:8a:55:89:76:2a:5b:b4:48:ff:77:f3:9c:
0f:5c:46:f6:25:4f:d6:a1:00:4d:8e:0c:15:d6:5d:
c7:9a:7f:64:3f:c1:87:ef:f8:59:18:d4:4f:6e:ff:
b3:ef:c4:e5:68:e4:7c:65:01:e3:a3:69:ae:e1:f8:
5e:f6:41:9f:b8:bf:d7:61:db:ab:1e:95:9e:52:64:
9e:4f:f3:d5:95:c4:d0:88:78:a3:12:b7:12:1e:5d:
02:c7:bb:be:39:a3:8a:9c:35:38:b0:21:58:d9:f9:
94:39:e2:92:ab:7a:25:46:e0:a1:cb:de:0c:b6:65:
3a:f1:e0:25:86:60:73:1e:f7:f7:67:24:1a:c4:2e:
e9:a7:a2:89:99:7c:00:7c:05:59:41:5a:76:89:6e:
16:37:96:f7:77:d5:5f:ce:a3:49:62:4c:59:42:31:
01:53:4e:fb:b0:fe:17:8b:30:e3:0d:ed:8d:4f:82:
fa:eb:f6:5e:dc:ac:61:9d:5a:0b:c6:9e:bc:e9:55:
1a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:AA:E2:15:91:32:57:B2:E7:8B:EB:50:62:A5:AF:EC:B9:64:63:45
X509v3 Authority Key Identifier:
keyid:B6:EE:1F:61:D6:E8:E9:EE:C6:40:CC:C1:D7:91:DB:A1:24:99:3C:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/d1085b4a-f573-42f3-825c-1cf0c872b152/0/B6EE1F61D6E8E9EEC640CCC1D791DBA124993CA3.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B6EE1F61D6E8E9EEC640CCC1D791DBA124993CA3.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d1085b4a-f573-42f3-825c-1cf0c872b152/0/3230322e31302e35382e302f32332d3234203d3e20313337333633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.10.58.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:2d:31:0a:4f:de:bb:20:2d:f3:4a:6c:a6:0c:a0:41:56:92:
fa:9d:a5:2b:e3:ea:58:6e:1b:67:4c:29:9c:0e:ce:91:35:db:
47:92:12:48:87:f1:6a:b9:c3:83:f2:6d:a4:27:bb:15:16:91:
a0:9f:20:4f:83:28:03:74:23:5b:89:00:56:14:75:e1:28:a4:
56:9a:b6:95:1f:de:25:cb:ac:83:eb:f6:1f:55:0d:92:b4:d4:
d9:37:2b:ca:9c:b7:0b:85:c0:c9:8e:8e:48:9f:ea:9e:03:2f:
69:a5:5d:1c:78:d0:85:0a:d8:9f:1d:bb:b4:23:0b:23:bc:a6:
4c:d6:da:09:2a:da:70:37:1b:ab:63:99:d7:30:fa:1e:1e:31:
4b:b9:d6:3b:0c:59:63:3a:77:3d:36:9a:83:56:05:00:e2:07:
b8:56:15:de:e3:f8:52:0d:fe:88:e5:6d:7d:19:e5:f5:bd:50:
87:60:f1:41:9c:b4:b1:12:5b:80:3e:52:be:7b:1e:77:72:21:
02:55:a2:4b:9e:da:ae:6a:fc:8d:1b:f8:e8:e5:89:b1:7e:ff:
95:39:51:47:c2:a5:08:fa:fb:2f:aa:15:ee:e7:24:75:af:bc:
a2:3a:eb:5b:96:85:a1:c3:3f:79:8e:5e:ec:9a:73:20:2d:7e:
4c:ac:78:c7
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUbBKLy5AHoroSR2REsl6fIH+ybVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjZFRTFGNjFENkU4RTlFRUM2NDBDQ0MxRDc5MURCQTEy
NDk5M0NBMzAeFw0yMzA1MTcwOTMyNTRaFw0yNDA1MTUwOTM3NTRaMDMxMTAvBgNV
BAMTKDZBQUFFMjE1OTEzMjU3QjJFNzhCRUI1MDYyQTVBRkVDQjk2NDYzNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSWIcMYlZVqaQMBnf9ejllfzpd
Uv3hCyu0dedOXmc7vQ7V/dJV/4WLm5o642YlGmaTTeR5TRKk5SFc5TAe7YpViXYq
W7RI/3fznA9cRvYlT9ahAE2ODBXWXceaf2Q/wYfv+FkY1E9u/7PvxOVo5HxlAeOj
aa7h+F72QZ+4v9dh26selZ5SZJ5P89WVxNCIeKMStxIeXQLHu745o4qcNTiwIVjZ
+ZQ54pKreiVG4KHL3gy2ZTrx4CWGYHMe9/dnJBrELumnoomZfAB8BVlBWnaJbhY3
lvd31V/Oo0liTFlCMQFTTvuw/heLMOMN7Y1Pgvrr9l7crGGdWgvGnrzpVRqlAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUaqriFZEyV7Lni+tQYqWv7LlkY0UwHwYDVR0j
BBgwFoAUtu4fYdbo6e7GQMzB15HboSSZPKMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
MTA4NWI0YS1mNTczLTQyZjMtODI1Yy0xY2YwYzg3MmIxNTIvMC9CNkVFMUY2MUQ2
RThFOUVFQzY0MENDQzFENzkxREJBMTI0OTkzQ0EzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjZFRTFGNjFENkU4RTlFRUM2NDBDQ0MxRDc5MURCQTEyNDk5
M0NBMy5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QxMDg1YjRhLWY1NzMtNDJmMy04
MjVjLTFjZjBjODcyYjE1Mi8wLzMyMzAzMjJlMzEzMDJlMzUzODJlMzAyZjMyMzMy
ZDMyMzQyMDNkM2UyMDMxMzMzNzMzMzYzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcoKOjANBgkqhkiG
9w0BAQsFAAOCAQEAuy0xCk/euyAt80pspgygQVaS+p2lK+PqWG4bZ0wpnA7OkTXb
R5ISSIfxarnDg/JtpCe7FRaRoJ8gT4MoA3QjW4kAVhR14SikVpq2lR/eJcusg+v2
H1UNkrTU2Tcrypy3C4XAyY6OSJ/qngMvaaVdHHjQhQrYnx27tCMLI7ymTNbaCSra
cDcbq2OZ1zD6Hh4xS7nWOwxZYzp3PTaag1YFAOIHuFYV3uP4Ug3+iOVtfRnl9b1Q
h2DxQZy0sRJbgD5Svnsed3IhAlWiS57armr8jRv46OWJsX7/lTlRR8KlCPr7L6oV
7uckda+8ojrrW5aFocM/eY5e7JpzIC1+TKx4xw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:52 2024 by rpki-client on console-ams.rpki-client.org