Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/214bb4c8-6fcf-4fff-bdcc-fe1fccee1045/0/3130332e3138372e3136342e302f32342d3234203d3e20313439383937.roa
File: 3130332e3138372e3136342e302f32342d3234203d3e20313439383937.roa (raw, json)
Hash identifier: 1d1jglJQYamlwXmUTi2MB59pQxl/KjaHk7dpKNXOmuU=
Subject key identifier: E6:AF:01:87:29:CA:E6:51:DF:12:BD:74:10:EF:0D:C0:2B:A2:14:51
Certificate issuer: /CN=AB2FF74AE26C6B3D3C718834D700985B9160087D
Certificate serial: 09D12C19862BDFD5A4A4E27FF74FBFC8433469C4
Authority key identifier: AB:2F:F7:4A:E2:6C:6B:3D:3C:71:88:34:D7:00:98:5B:91:60:08:7D
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AB2FF74AE26C6B3D3C718834D700985B9160087D.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/214bb4c8-6fcf-4fff-bdcc-fe1fccee1045/0/3130332e3138372e3136342e302f32342d3234203d3e20313439383937.roa
Signing time: Thu 01 May 2025 06:00:00 +0000
ROA not before: Thu 01 May 2025 05:55:00 +0000
ROA not after: Thu 30 Apr 2026 06:00:00 +0000
asID: 149897
IP address blocks: 103.187.164.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:d1:2c:19:86:2b:df:d5:a4:a4:e2:7f:f7:4f:bf:c8:43:34:69:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=AB2FF74AE26C6B3D3C718834D700985B9160087D
Validity
Not Before: May 1 05:55:00 2025 GMT
Not After : Apr 30 06:00:00 2026 GMT
Subject: CN=E6AF018729CAE651DF12BD7410EF0DC02BA21451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ee:d7:e5:85:84:9e:57:dd:33:e5:02:99:7d:
94:65:87:42:9b:9a:6b:50:15:8e:4c:fd:f2:39:ee:
dc:3c:af:35:b1:d7:d5:32:92:37:15:5c:b3:28:ad:
00:07:ef:29:96:aa:17:9e:1c:b8:7c:09:4a:93:3f:
19:6b:cc:25:db:6d:25:59:6f:46:36:01:3f:05:51:
fe:dd:62:41:a0:f0:34:61:ff:53:26:c5:14:2e:b7:
f0:77:21:bc:61:16:e7:16:45:44:53:8f:dd:94:18:
c7:99:12:16:41:73:ac:45:b6:60:f1:ab:ce:f5:35:
02:df:fc:4d:ef:39:27:b1:91:52:40:db:a4:79:19:
64:a9:c8:7b:b2:d9:50:6e:b8:b0:d7:6a:41:a5:48:
0c:27:5f:2b:34:23:54:18:e9:ba:c2:f5:38:2e:93:
ae:05:5b:21:df:37:a7:3d:2a:9b:88:83:99:d6:3f:
5a:f5:ec:be:cb:bf:90:ac:25:7c:ac:26:fb:d9:2a:
d6:e3:f5:bf:ac:cf:83:21:00:8f:c5:37:cd:66:f7:
3c:74:78:17:ac:73:07:19:21:e2:d1:bc:c8:31:5a:
3d:72:c5:55:7e:e9:ad:03:b6:4e:09:f9:c6:e0:54:
c4:a7:dd:79:bf:0b:b8:ca:89:9e:63:a6:ea:f1:48:
8d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:AF:01:87:29:CA:E6:51:DF:12:BD:74:10:EF:0D:C0:2B:A2:14:51
X509v3 Authority Key Identifier:
keyid:AB:2F:F7:4A:E2:6C:6B:3D:3C:71:88:34:D7:00:98:5B:91:60:08:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/214bb4c8-6fcf-4fff-bdcc-fe1fccee1045/0/AB2FF74AE26C6B3D3C718834D700985B9160087D.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AB2FF74AE26C6B3D3C718834D700985B9160087D.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/214bb4c8-6fcf-4fff-bdcc-fe1fccee1045/0/3130332e3138372e3136342e302f32342d3234203d3e20313439383937.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.187.164.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:34:0f:d9:a2:dc:3d:be:fb:2d:e7:c5:43:18:c8:5b:85:bf:
9f:0d:32:cf:6b:81:d3:6a:76:f9:87:a6:6d:1a:71:b2:0c:83:
5a:a7:96:3c:0f:c5:6e:b8:df:c6:9d:c1:a1:2d:7d:5b:c3:27:
ce:c5:75:5d:6b:16:78:43:d4:ba:30:d9:97:db:ec:99:b9:1d:
fe:f5:90:6b:b9:b4:f5:71:6a:c1:b7:57:b9:d8:67:85:02:68:
2c:85:f9:3e:b3:a6:f5:12:27:a2:0c:67:1d:b6:f1:67:7a:7c:
61:e6:81:a5:da:f6:71:0a:9e:69:66:c5:c1:a9:ce:e8:3d:70:
e8:92:c9:81:26:87:0b:1b:99:30:41:98:9d:ef:e9:cd:e9:4b:
d6:85:f2:c2:da:a8:24:2c:da:bd:ea:ca:02:a8:2f:95:25:16:
ea:02:b1:4e:b7:4b:1d:6a:98:23:cb:d5:3e:77:92:ed:02:63:
56:62:b9:bc:d1:43:64:e9:40:42:a8:b7:c8:36:47:6b:c7:b9:
28:6c:7b:8a:b7:75:61:1c:4f:30:f5:5e:ef:ce:77:83:8c:df:
d9:39:40:53:21:47:54:41:26:6d:94:72:d4:50:d8:a9:b9:26:
60:4b:2f:d7:b3:6e:22:04:ea:12:9e:11:67:06:28:40:6b:71:
c3:5f:58:a6
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUCdEsGYYr39WkpOJ/90+/yEM0acQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUIyRkY3NEFFMjZDNkIzRDNDNzE4ODM0RDcwMDk4NUI5
MTYwMDg3RDAeFw0yNTA1MDEwNTU1MDBaFw0yNjA0MzAwNjAwMDBaMDMxMTAvBgNV
BAMTKEU2QUYwMTg3MjlDQUU2NTFERjEyQkQ3NDEwRUYwREMwMkJBMjE0NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ7tflhYSeV90z5QKZfZRlh0Kb
mmtQFY5M/fI57tw8rzWx19UykjcVXLMorQAH7ymWqheeHLh8CUqTPxlrzCXbbSVZ
b0Y2AT8FUf7dYkGg8DRh/1MmxRQut/B3IbxhFucWRURTj92UGMeZEhZBc6xFtmDx
q871NQLf/E3vOSexkVJA26R5GWSpyHuy2VBuuLDXakGlSAwnXys0I1QY6brC9Tgu
k64FWyHfN6c9KpuIg5nWP1r17L7Lv5CsJXysJvvZKtbj9b+sz4MhAI/FN81m9zx0
eBescwcZIeLRvMgxWj1yxVV+6a0Dtk4J+cbgVMSn3Xm/C7jKiZ5jpurxSI3dAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQU5q8BhynK5lHfEr10EO8NwCuiFFEwHwYDVR0j
BBgwFoAUqy/3SuJsaz08cYg01wCYW5FgCH0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
MTRiYjRjOC02ZmNmLTRmZmYtYmRjYy1mZTFmY2NlZTEwNDUvMC9BQjJGRjc0QUUy
NkM2QjNEM0M3MTg4MzRENzAwOTg1QjkxNjAwODdELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQUIyRkY3NEFFMjZDNkIzRDNDNzE4ODM0RDcwMDk4NUI5MTYw
MDg3RC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIxNGJiNGM4LTZmY2YtNGZmZi1i
ZGNjLWZlMWZjY2VlMTA0NS8wLzMxMzAzMzJlMzEzODM3MmUzMTM2MzQyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzkzODM5Mzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnu6QwDQYJ
KoZIhvcNAQELBQADggEBAC00D9mi3D2++y3nxUMYyFuFv58NMs9rgdNqdvmHpm0a
cbIMg1qnljwPxW6438adwaEtfVvDJ87FdV1rFnhD1Low2Zfb7Jm5Hf71kGu5tPVx
asG3V7nYZ4UCaCyF+T6zpvUSJ6IMZx228Wd6fGHmgaXa9nEKnmlmxcGpzug9cOiS
yYEmhwsbmTBBmJ3v6c3pS9aF8sLaqCQs2r3qygKoL5UlFuoCsU63Sx1qmCPL1T53
ku0CY1ZiubzRQ2TpQEKot8g2R2vHuShse4q3dWEcTzD1Xu/Od4OM39k5QFMhR1RB
Jm2UctRQ2Km5JmBLL9ezbiIE6hKeEWcGKEBrccNfWKY=
-----END CERTIFICATE-----
Generated at Wed May 7 10:39:28 2025 by rpki-client