Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/29ab60b1-a244-4a78-b31b-feca3d14ed9f/0/3230322e39312e33312e302f32342d3234203d3e203435333036.roa
File: 3230322e39312e33312e302f32342d3234203d3e203435333036.roa (raw, json)
Hash identifier: PY8IzktNPbChQTjp51gYrr+QVTCLUqVhsoMbpojKabc=
Subject key identifier: BE:14:88:E3:52:81:E7:11:FF:D4:4C:D4:E7:2C:95:64:26:29:6F:D0
Certificate issuer: /CN=F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A
Certificate serial: 518B584424F25EC2F6C8040BE9E7CE08A96D8C53
Authority key identifier: F1:85:3A:1C:5C:1E:CA:FE:10:76:F9:4A:61:FA:77:96:DD:3C:67:1A
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/29ab60b1-a244-4a78-b31b-feca3d14ed9f/0/3230322e39312e33312e302f32342d3234203d3e203435333036.roa
Signing time: Thu 16 Oct 2025 10:47:03 +0000
ROA not before: Thu 16 Oct 2025 10:42:03 +0000
ROA not after: Thu 15 Oct 2026 10:47:03 +0000
asID: 45306
IP address blocks: 202.91.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Oct 2025 14:36:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:8b:58:44:24:f2:5e:c2:f6:c8:04:0b:e9:e7:ce:08:a9:6d:8c:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A
Validity
Not Before: Oct 16 10:42:03 2025 GMT
Not After : Oct 15 10:47:03 2026 GMT
Subject: CN=BE1488E35281E711FFD44CD4E72C956426296FD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:da:b4:6c:34:88:2c:6f:c2:fb:06:93:e9:cc:
88:70:05:99:60:b4:98:ac:9f:df:40:15:f2:c0:34:
0c:f7:5b:8f:7d:39:47:c5:be:20:cd:ce:06:16:b6:
62:80:5b:d1:a8:59:7a:da:1f:17:ce:d4:6e:66:cf:
bd:32:41:31:72:2b:8d:3f:84:36:54:c1:0c:7d:0d:
b8:5c:5c:db:42:b4:7a:cc:58:90:c2:82:86:df:f6:
75:93:f5:37:90:74:58:05:dc:a8:a3:0e:87:6c:5f:
8f:33:1e:89:01:ea:62:f6:36:cb:cd:2b:be:00:7c:
52:90:b0:29:46:1c:20:cf:31:f4:c9:ac:c9:47:1a:
b8:1a:20:5b:b4:51:99:93:8b:48:bd:16:10:f2:57:
0d:6a:7d:7a:b4:3d:40:f9:3e:7c:45:1c:43:d6:92:
47:6c:8c:60:ad:32:ed:8e:a8:33:da:3f:de:92:9b:
f9:2f:7b:2a:05:b4:c4:96:a5:2c:5b:85:ee:c2:0c:
71:04:d2:7d:df:40:79:05:fa:5f:ef:50:f7:5e:14:
6c:87:51:f4:ac:ff:cc:69:2f:3f:6e:32:ff:64:0e:
38:b1:6f:8d:3a:0c:1b:9f:67:4d:19:15:6a:d6:d0:
eb:04:5b:0e:0f:67:e8:a4:23:4b:ce:3b:68:e1:b3:
ab:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:14:88:E3:52:81:E7:11:FF:D4:4C:D4:E7:2C:95:64:26:29:6F:D0
X509v3 Authority Key Identifier:
keyid:F1:85:3A:1C:5C:1E:CA:FE:10:76:F9:4A:61:FA:77:96:DD:3C:67:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/29ab60b1-a244-4a78-b31b-feca3d14ed9f/0/F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/29ab60b1-a244-4a78-b31b-feca3d14ed9f/0/3230322e39312e33312e302f32342d3234203d3e203435333036.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.91.31.0/24
Signature Algorithm: sha256WithRSAEncryption
51:c2:66:5a:ae:42:19:88:74:11:a4:38:9d:d9:fe:a8:f3:c7:
4c:5f:35:42:60:02:19:80:09:d7:70:f0:34:5d:1c:dd:9e:b0:
9a:31:fd:1d:bc:96:81:02:0b:8d:48:71:7f:70:6e:37:13:4e:
b9:9e:5c:0e:c5:21:39:65:c2:ac:b3:00:8a:10:30:df:b9:a7:
e6:4d:ac:9e:54:85:56:bd:71:c4:d8:19:fb:ac:fb:4d:40:bc:
91:07:ae:d2:ee:f3:6c:79:1a:eb:58:81:4b:a2:36:fb:5a:82:
54:27:29:16:b8:10:b1:66:12:c0:1e:8a:54:49:cf:93:3c:73:
76:16:a7:d7:c1:48:d5:61:e5:f1:97:b0:43:1a:c5:e9:e8:ac:
ed:2c:c4:d0:8f:c2:19:eb:9a:7f:be:65:36:36:c5:f5:0d:9b:
57:4a:bc:a5:86:cf:34:d6:8d:e1:bb:a0:28:80:88:85:0b:fc:
79:b3:06:9f:84:aa:53:a2:eb:b8:20:14:15:4b:81:f4:70:98:
df:8a:5b:03:eb:21:ca:ff:13:86:1b:a3:b3:19:d9:ed:90:25:
b6:a9:02:44:b3:25:7a:37:1e:bd:59:98:d8:b1:66:68:42:f8:
49:a9:2c:d2:53:50:8c:c4:a9:4e:40:8c:36:99:04:71:2a:e8:
70:28:29:45
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUUYtYRCTyXsL2yAQL6efOCKltjFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjE4NTNBMUM1QzFFQ0FGRTEwNzZGOTRBNjFGQTc3OTZE
RDNDNjcxQTAeFw0yNTEwMTYxMDQyMDNaFw0yNjEwMTUxMDQ3MDNaMDMxMTAvBgNV
BAMTKEJFMTQ4OEUzNTI4MUU3MTFGRkQ0NENENEU3MkM5NTY0MjYyOTZGRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC32rRsNIgsb8L7BpPpzIhwBZlg
tJisn99AFfLANAz3W499OUfFviDNzgYWtmKAW9GoWXraHxfO1G5mz70yQTFyK40/
hDZUwQx9DbhcXNtCtHrMWJDCgobf9nWT9TeQdFgF3KijDodsX48zHokB6mL2NsvN
K74AfFKQsClGHCDPMfTJrMlHGrgaIFu0UZmTi0i9FhDyVw1qfXq0PUD5PnxFHEPW
kkdsjGCtMu2OqDPaP96Sm/kveyoFtMSWpSxbhe7CDHEE0n3fQHkF+l/vUPdeFGyH
UfSs/8xpLz9uMv9kDjixb406DBufZ00ZFWrW0OsEWw4PZ+ikI0vOO2jhs6sJAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUvhSI41KB5xH/1EzU5yyVZCYpb9AwHwYDVR0j
BBgwFoAU8YU6HFweyv4QdvlKYfp3lt08ZxowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
OWFiNjBiMS1hMjQ0LTRhNzgtYjMxYi1mZWNhM2QxNGVkOWYvMC9GMTg1M0ExQzVD
MUVDQUZFMTA3NkY5NEE2MUZBNzc5NkREM0M2NzFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjE4NTNBMUM1QzFFQ0FGRTEwNzZGOTRBNjFGQTc3OTZERDND
NjcxQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzI5YWI2MGIxLWEyNDQtNGE3OC1i
MzFiLWZlY2EzZDE0ZWQ5Zi8wLzMyMzAzMjJlMzkzMTJlMzMzMTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDM0MzUzMzMwMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKWx8wDQYJKoZIhvcN
AQELBQADggEBAFHCZlquQhmIdBGkOJ3Z/qjzx0xfNUJgAhmACddw8DRdHN2esJox
/R28loECC41IcX9wbjcTTrmeXA7FITllwqyzAIoQMN+5p+ZNrJ5UhVa9ccTYGfus
+01AvJEHrtLu82x5GutYgUuiNvtaglQnKRa4ELFmEsAeilRJz5M8c3YWp9fBSNVh
5fGXsEMaxenorO0sxNCPwhnrmn++ZTY2xfUNm1dKvKWGzzTWjeG7oCiAiIUL/Hmz
Bp+EqlOi67ggFBVLgfRwmN+KWwPrIcr/E4Ybo7MZ2e2QJbapAkSzJXo3Hr1ZmNix
ZmhC+EmpLNJTUIzEqU5AjDaZBHEq6HAoKUU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 20:26:10 2025 by rpki-client