Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a2e23dc4-4fd5-43e2-bb6a-4fdc387ebc58/0/3230322e35322e35382e302f32342d3234203d3e203436303538.roa
File: 3230322e35322e35382e302f32342d3234203d3e203436303538.roa (raw, json)
Hash identifier: UMm8CVytUz3mnXPaURu9cvBWCMEG+/Kh9q1dvGzVdN0=
Subject key identifier: FA:44:C6:E3:F7:74:13:6E:EC:99:94:C2:08:2E:B8:78:F0:2E:A1:A0
Certificate issuer: /CN=2E55483B906244D2DA357F014F9AFA606D95C345
Certificate serial: 77A4B4B45350225672313F2FBABA091D3237E890
Authority key identifier: 2E:55:48:3B:90:62:44:D2:DA:35:7F:01:4F:9A:FA:60:6D:95:C3:45
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2E55483B906244D2DA357F014F9AFA606D95C345.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a2e23dc4-4fd5-43e2-bb6a-4fdc387ebc58/0/3230322e35322e35382e302f32342d3234203d3e203436303538.roa
Signing time: Sat 19 Apr 2025 07:00:01 +0000
ROA not before: Sat 19 Apr 2025 06:55:01 +0000
ROA not after: Sat 18 Apr 2026 07:00:01 +0000
asID: 46058
IP address blocks: 202.52.58.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:a4:b4:b4:53:50:22:56:72:31:3f:2f:ba:ba:09:1d:32:37:e8:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E55483B906244D2DA357F014F9AFA606D95C345
Validity
Not Before: Apr 19 06:55:01 2025 GMT
Not After : Apr 18 07:00:01 2026 GMT
Subject: CN=FA44C6E3F774136EEC9994C2082EB878F02EA1A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1a:dd:92:16:fa:f0:15:1e:d5:27:ce:83:da:
07:e5:07:7a:a4:d9:00:be:b6:ad:fa:be:48:95:bc:
ff:c6:3f:f5:a2:99:ca:78:62:44:a0:a0:40:9a:fd:
7d:ba:2a:b0:7e:b1:ac:4d:69:5f:42:c7:7e:ce:2d:
d2:31:8b:51:97:cc:a2:0d:df:86:00:f3:46:0b:38:
7c:f2:04:c6:42:4e:71:f9:ea:07:67:26:40:3d:de:
0f:b4:fe:ec:5a:31:90:4a:68:d9:10:cd:7d:0c:8e:
2c:1b:3c:e1:c8:37:3b:9b:e5:44:f2:eb:0c:78:e7:
42:a3:01:25:e4:69:3a:e4:2b:41:4b:01:8a:0e:a3:
e9:21:a4:2c:7d:2f:e0:1d:7d:4e:4c:3f:7a:64:9f:
ab:b3:36:af:0c:70:3d:45:a2:04:b8:d5:cc:86:c5:
42:03:78:a1:0b:01:5f:50:34:d6:61:22:a7:d6:83:
7c:81:f4:ea:76:a3:9f:aa:11:08:ba:93:2f:81:29:
40:71:9a:7b:7e:7e:37:21:15:b5:56:1c:a8:d2:94:
fe:cc:b3:08:31:51:b4:c8:3c:10:0b:3e:d5:1c:9e:
64:95:7d:9e:09:56:4c:0d:01:12:da:d0:5c:2c:80:
3d:a1:f9:19:b8:d2:d8:48:f5:6c:45:d5:d9:e3:a9:
7d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:44:C6:E3:F7:74:13:6E:EC:99:94:C2:08:2E:B8:78:F0:2E:A1:A0
X509v3 Authority Key Identifier:
keyid:2E:55:48:3B:90:62:44:D2:DA:35:7F:01:4F:9A:FA:60:6D:95:C3:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a2e23dc4-4fd5-43e2-bb6a-4fdc387ebc58/0/2E55483B906244D2DA357F014F9AFA606D95C345.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2E55483B906244D2DA357F014F9AFA606D95C345.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a2e23dc4-4fd5-43e2-bb6a-4fdc387ebc58/0/3230322e35322e35382e302f32342d3234203d3e203436303538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.52.58.0/24
Signature Algorithm: sha256WithRSAEncryption
31:68:68:72:c6:4e:42:f4:ab:d0:cd:51:94:7f:ed:db:ec:89:
e7:d5:f2:3c:8f:09:61:11:84:5e:9f:cb:b8:cb:6d:74:fb:9f:
f2:36:78:a2:91:09:d0:12:da:0f:6a:25:5b:e3:d0:d7:7c:c5:
3d:24:d0:45:78:38:bc:6d:ca:2e:86:f5:92:b3:88:ee:b1:6a:
bf:52:b8:9c:ba:d7:5a:da:f4:eb:97:86:cd:c6:a8:6d:47:a6:
00:2f:a8:82:54:ea:0b:0e:65:ae:6e:8f:74:74:06:58:46:10:
42:c0:25:34:15:b9:d3:53:4c:0b:1d:32:f5:98:81:28:3c:9e:
ec:99:93:02:12:07:29:11:b1:1f:3e:8c:dd:26:e4:fd:bf:63:
ca:36:6f:08:00:3d:c4:3b:0d:9b:b1:41:cc:16:11:0a:f6:f9:
c3:12:d3:6e:96:04:87:62:72:76:cd:df:49:16:ee:38:a1:4b:
ec:d0:18:72:21:6f:51:31:cb:4d:cd:54:62:c5:05:15:b9:77:
1f:8e:13:e4:52:ee:c4:99:61:c1:3e:9e:95:46:84:2d:b4:1e:
f1:60:8c:60:8c:b1:b7:74:2d:27:87:69:50:2d:31:58:a4:fa:
f7:1e:14:10:97:9d:26:3e:ef:d8:db:24:2b:e4:4a:fb:f3:49:
9a:5f:5d:de
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUd6S0tFNQIlZyMT8vuroJHTI36JAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkU1NTQ4M0I5MDYyNDREMkRBMzU3RjAxNEY5QUZBNjA2
RDk1QzM0NTAeFw0yNTA0MTkwNjU1MDFaFw0yNjA0MTgwNzAwMDFaMDMxMTAvBgNV
BAMTKEZBNDRDNkUzRjc3NDEzNkVFQzk5OTRDMjA4MkVCODc4RjAyRUExQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrGt2SFvrwFR7VJ86D2gflB3qk
2QC+tq36vkiVvP/GP/Wimcp4YkSgoECa/X26KrB+saxNaV9Cx37OLdIxi1GXzKIN
34YA80YLOHzyBMZCTnH56gdnJkA93g+0/uxaMZBKaNkQzX0MjiwbPOHINzub5UTy
6wx450KjASXkaTrkK0FLAYoOo+khpCx9L+AdfU5MP3pkn6uzNq8McD1FogS41cyG
xUIDeKELAV9QNNZhIqfWg3yB9Op2o5+qEQi6ky+BKUBxmnt+fjchFbVWHKjSlP7M
swgxUbTIPBALPtUcnmSVfZ4JVkwNARLa0FwsgD2h+Rm40thI9WxF1dnjqX2RAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQU+kTG4/d0E27smZTCCC64ePAuoaAwHwYDVR0j
BBgwFoAULlVIO5BiRNLaNX8BT5r6YG2Vw0UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
MmUyM2RjNC00ZmQ1LTQzZTItYmI2YS00ZmRjMzg3ZWJjNTgvMC8yRTU1NDgzQjkw
NjI0NEQyREEzNTdGMDE0RjlBRkE2MDZEOTVDMzQ1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMkU1NTQ4M0I5MDYyNDREMkRBMzU3RjAxNEY5QUZBNjA2RDk1
QzM0NS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2EyZTIzZGM0LTRmZDUtNDNlMi1i
YjZhLTRmZGMzODdlYmM1OC8wLzMyMzAzMjJlMzUzMjJlMzUzODJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDM0MzYzMDM1Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKNDowDQYJKoZIhvcN
AQELBQADggEBADFoaHLGTkL0q9DNUZR/7dvsiefV8jyPCWERhF6fy7jLbXT7n/I2
eKKRCdAS2g9qJVvj0Nd8xT0k0EV4OLxtyi6G9ZKziO6xar9SuJy611ra9OuXhs3G
qG1HpgAvqIJU6gsOZa5uj3R0BlhGEELAJTQVudNTTAsdMvWYgSg8nuyZkwISBykR
sR8+jN0m5P2/Y8o2bwgAPcQ7DZuxQcwWEQr2+cMS026WBIdicnbN30kW7jihS+zQ
GHIhb1Exy03NVGLFBRW5dx+OE+RS7sSZYcE+npVGhC20HvFgjGCMsbd0LSeHaVAt
MVik+vceFBCXnSY+79jbJCvkSvvzSZpfXd4=
-----END CERTIFICATE-----
Generated at Wed May 7 13:15:17 2025 by rpki-client