Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/6d4aa7ef-6d95-4eba-a354-fd41858c1ba7/0/3130332e3133372e33322e302f32332d3233203d3e20313338383131.roa
File: 3130332e3133372e33322e302f32332d3233203d3e20313338383131.roa (raw, json)
Hash identifier: yxz3djEmSwBa/SuzfVfEPZb3gK/XRbkhOcEgbaKLzVE=
Subject key identifier: A7:02:38:41:6D:A0:52:4F:9B:CE:CE:88:DA:27:25:66:02:0A:70:D7
Certificate issuer: /CN=7ED240749DF73AB541823D94017C578425D757A6
Certificate serial: 6D3C98D76D4DA9048B19BBEBB992DCB0AF62D0D6
Authority key identifier: 7E:D2:40:74:9D:F7:3A:B5:41:82:3D:94:01:7C:57:84:25:D7:57:A6
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7ED240749DF73AB541823D94017C578425D757A6.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/6d4aa7ef-6d95-4eba-a354-fd41858c1ba7/0/3130332e3133372e33322e302f32332d3233203d3e20313338383131.roa
Signing time: Thu 23 May 2024 02:51:50 +0000
ROA not before: Thu 23 May 2024 02:46:50 +0000
ROA not after: Thu 22 May 2025 02:51:50 +0000
asID: 138811
IP address blocks: 103.137.32.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:3c:98:d7:6d:4d:a9:04:8b:19:bb:eb:b9:92:dc:b0:af:62:d0:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ED240749DF73AB541823D94017C578425D757A6
Validity
Not Before: May 23 02:46:50 2024 GMT
Not After : May 22 02:51:50 2025 GMT
Subject: CN=A70238416DA0524F9BCECE88DA272566020A70D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:79:b9:79:b9:99:27:d0:0b:ef:5e:a4:ca:73:
2d:2d:1d:92:24:1d:e6:fb:8a:8e:02:67:bd:f9:4a:
22:e9:60:e6:1c:74:4d:63:86:a6:d2:74:1e:7d:f8:
35:e8:b5:94:f1:80:ae:32:dc:d3:a6:ee:e7:98:f5:
12:d9:f6:6d:d7:64:7f:53:78:6a:e4:24:c7:37:bb:
6d:7f:e8:cb:35:63:06:cd:13:fd:6a:44:df:fc:28:
8a:ca:ac:fe:97:66:8d:d3:85:ef:3e:9d:6f:2e:15:
f6:c9:0a:65:3e:17:76:a7:11:4b:75:6c:5c:eb:48:
e0:9e:54:0f:0d:04:5d:e2:41:7a:b1:b2:76:1b:7a:
61:06:ef:a4:85:32:61:eb:79:6c:e4:f0:47:0b:d4:
ac:6f:65:ac:ea:e8:08:a5:17:c9:b3:3e:e3:91:d0:
62:2c:a2:40:5a:28:af:e7:6f:81:f5:1d:8a:c4:54:
d4:3c:87:c2:4c:b1:9b:e5:b0:47:24:8e:6d:8f:3e:
f3:bf:99:73:57:c0:88:53:38:3c:24:9d:06:86:91:
97:7f:ce:c2:27:2e:0e:d7:2d:69:a0:12:03:8a:8a:
af:ab:5d:03:ed:e8:77:c0:d3:ba:02:d5:bd:81:21:
eb:25:41:d4:c9:13:85:45:be:c1:0e:96:01:ab:09:
00:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:02:38:41:6D:A0:52:4F:9B:CE:CE:88:DA:27:25:66:02:0A:70:D7
X509v3 Authority Key Identifier:
keyid:7E:D2:40:74:9D:F7:3A:B5:41:82:3D:94:01:7C:57:84:25:D7:57:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/6d4aa7ef-6d95-4eba-a354-fd41858c1ba7/0/7ED240749DF73AB541823D94017C578425D757A6.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7ED240749DF73AB541823D94017C578425D757A6.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6d4aa7ef-6d95-4eba-a354-fd41858c1ba7/0/3130332e3133372e33322e302f32332d3233203d3e20313338383131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.137.32.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:6d:23:ad:8e:46:0f:5e:91:b5:97:a8:8b:cb:89:ef:92:3e:
b3:8a:c8:c8:a8:a8:66:dc:0d:c8:95:a1:f7:2f:4f:95:e8:a8:
ee:df:ff:54:76:ff:91:96:e8:0a:87:19:0c:3d:04:13:88:4a:
95:ba:e0:4f:01:5c:4c:4f:39:a4:4c:63:56:5d:fe:93:7a:31:
96:c2:ef:39:f9:43:7d:c3:24:03:20:cd:d6:f0:28:af:e5:6d:
bb:d1:54:24:d4:ba:0d:eb:66:77:86:c1:14:51:43:11:a0:84:
82:c6:ac:d6:9d:18:dc:fb:8e:8f:62:bd:f9:3b:a2:29:8a:e3:
3c:89:84:d6:91:b9:03:a4:5a:54:14:18:6a:18:bb:b1:cc:f0:
f6:55:19:f7:78:da:e3:da:a4:2e:c8:d9:ab:68:85:72:6c:39:
7c:d5:e8:70:ab:ac:f3:77:78:13:5a:e5:5f:db:b7:9d:d4:32:
d8:27:6e:b1:ba:7e:a0:e5:13:e8:27:bd:51:98:86:08:d4:e4:
b4:8d:ed:50:bf:a0:e5:91:49:b4:de:8f:7b:7e:84:b9:30:ac:
8b:fb:73:94:82:d3:43:ee:ed:d5:00:96:92:a9:b4:51:c4:cc:
58:fe:4a:f8:63:53:9f:1c:e6:b5:e7:88:66:8e:f1:e2:e0:c5:
bf:1e:e8:99
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUbTyY121NqQSLGbvruZLcsK9i0NYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0VEMjQwNzQ5REY3M0FCNTQxODIzRDk0MDE3QzU3ODQy
NUQ3NTdBNjAeFw0yNDA1MjMwMjQ2NTBaFw0yNTA1MjIwMjUxNTBaMDMxMTAvBgNV
BAMTKEE3MDIzODQxNkRBMDUyNEY5QkNFQ0U4OERBMjcyNTY2MDIwQTcwRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcebl5uZkn0AvvXqTKcy0tHZIk
Heb7io4CZ735SiLpYOYcdE1jhqbSdB59+DXotZTxgK4y3NOm7ueY9RLZ9m3XZH9T
eGrkJMc3u21/6Ms1YwbNE/1qRN/8KIrKrP6XZo3The8+nW8uFfbJCmU+F3anEUt1
bFzrSOCeVA8NBF3iQXqxsnYbemEG76SFMmHreWzk8EcL1KxvZazq6AilF8mzPuOR
0GIsokBaKK/nb4H1HYrEVNQ8h8JMsZvlsEckjm2PPvO/mXNXwIhTODwknQaGkZd/
zsInLg7XLWmgEgOKiq+rXQPt6HfA07oC1b2BIeslQdTJE4VFvsEOlgGrCQAhAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUpwI4QW2gUk+bzs6I2iclZgIKcNcwHwYDVR0j
BBgwFoAUftJAdJ33OrVBgj2UAXxXhCXXV6YwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
ZDRhYTdlZi02ZDk1LTRlYmEtYTM1NC1mZDQxODU4YzFiYTcvMC83RUQyNDA3NDlE
RjczQUI1NDE4MjNEOTQwMTdDNTc4NDI1RDc1N0E2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvN0VEMjQwNzQ5REY3M0FCNTQxODIzRDk0MDE3QzU3ODQyNUQ3
NTdBNi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzZkNGFhN2VmLTZkOTUtNGViYS1h
MzU0LWZkNDE4NThjMWJhNy8wLzMxMzAzMzJlMzEzMzM3MmUzMzMyMmUzMDJmMzIz
MzJkMzIzMzIwM2QzZTIwMzEzMzM4MzgzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ4kgMA0GCSqG
SIb3DQEBCwUAA4IBAQCfbSOtjkYPXpG1l6iLy4nvkj6zisjIqKhm3A3IlaH3L0+V
6Kju3/9Udv+RlugKhxkMPQQTiEqVuuBPAVxMTzmkTGNWXf6TejGWwu85+UN9wyQD
IM3W8Civ5W270VQk1LoN62Z3hsEUUUMRoISCxqzWnRjc+46PYr35O6IpiuM8iYTW
kbkDpFpUFBhqGLuxzPD2VRn3eNrj2qQuyNmraIVybDl81ehwq6zzd3gTWuVf27ed
1DLYJ26xun6g5RPoJ71RmIYI1OS0je1Qv6DlkUm03o97foS5MKyL+3OUgtND7u3V
AJaSqbRRxMxY/kr4Y1OfHOa154hmjvHi4MW/HuiZ
-----END CERTIFICATE-----
Generated at Tue Jun 17 10:04:17 2025 by rpki-client