Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3a406cdb-1791-478d-9d28-9e37a6f809cc/0/3130332e37332e3135382e302f32342d3234203d3e203234343239.roa
File: 3130332e37332e3135382e302f32342d3234203d3e203234343239.roa (raw, json)
Hash identifier: ujITe6uXtdvP5WOayQADk+Rg7asyYqwio86khyT1Nho=
Subject key identifier: 09:AC:37:BF:89:C6:9E:D2:73:CC:A5:DF:22:3E:02:FC:B4:AF:A6:98
Certificate issuer: /CN=2D0745D26E59440CB71FAFE996834493DA753248
Certificate serial: 23C54F2E81BDDB5A98F76059D9F0AF1C0B403E1F
Authority key identifier: 2D:07:45:D2:6E:59:44:0C:B7:1F:AF:E9:96:83:44:93:DA:75:32:48
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D0745D26E59440CB71FAFE996834493DA753248.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3a406cdb-1791-478d-9d28-9e37a6f809cc/0/3130332e37332e3135382e302f32342d3234203d3e203234343239.roa
Signing time: Tue 28 Jan 2025 17:01:50 +0000
ROA not before: Tue 28 Jan 2025 16:56:50 +0000
ROA not after: Tue 27 Jan 2026 17:01:50 +0000
asID: 24429
IP address blocks: 103.73.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/3a406cdb-1791-478d-9d28-9e37a6f809cc/0/2D0745D26E59440CB71FAFE996834493DA753248.crl
rsync://repo-rpki.idnic.net/repo/3a406cdb-1791-478d-9d28-9e37a6f809cc/0/2D0745D26E59440CB71FAFE996834493DA753248.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D0745D26E59440CB71FAFE996834493DA753248.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 11:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:c5:4f:2e:81:bd:db:5a:98:f7:60:59:d9:f0:af:1c:0b:40:3e:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D0745D26E59440CB71FAFE996834493DA753248
Validity
Not Before: Jan 28 16:56:50 2025 GMT
Not After : Jan 27 17:01:50 2026 GMT
Subject: CN=09AC37BF89C69ED273CCA5DF223E02FCB4AFA698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6e:dd:9c:58:d7:b0:5c:f7:32:ee:e8:2e:51:
e2:a7:5e:40:bb:c1:c5:1c:be:c7:c7:4e:95:b7:2d:
37:8f:b6:0b:f2:ce:23:1a:a2:b3:8f:73:5f:45:e6:
28:a6:af:5b:53:8b:83:72:f4:fc:34:46:eb:1f:2f:
55:27:45:8a:4b:b9:9f:77:22:06:31:1f:6d:10:98:
a7:cb:75:8f:cb:2f:1b:8d:ef:62:2d:f1:7e:69:c7:
80:1d:a8:ee:df:05:b4:90:c3:1f:9f:a6:63:c0:91:
d4:49:c0:81:bc:08:e1:e7:54:6a:16:f7:54:e3:d0:
47:05:e3:90:44:e4:8f:42:fd:5f:5b:b3:09:ee:40:
97:d5:10:c6:a7:19:75:6b:18:12:7d:02:5c:63:9b:
db:9e:a3:50:30:1c:c4:68:09:f3:ce:02:09:b0:0a:
4a:6a:f1:ec:46:8d:25:ba:9e:30:15:a7:dd:1b:d1:
5f:a9:4f:fe:4f:d9:01:bc:19:a2:75:49:84:e3:1e:
66:97:ce:53:cf:26:a6:7f:78:b9:3c:61:9f:d6:58:
7b:e3:67:6c:82:eb:91:3e:59:1d:8f:59:ee:0b:50:
34:ba:ec:8c:bb:ff:75:71:f5:7e:ac:4b:a0:b8:ae:
3a:97:60:43:9b:8b:1a:b4:3d:f6:56:f5:5a:86:76:
6a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:AC:37:BF:89:C6:9E:D2:73:CC:A5:DF:22:3E:02:FC:B4:AF:A6:98
X509v3 Authority Key Identifier:
keyid:2D:07:45:D2:6E:59:44:0C:B7:1F:AF:E9:96:83:44:93:DA:75:32:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3a406cdb-1791-478d-9d28-9e37a6f809cc/0/2D0745D26E59440CB71FAFE996834493DA753248.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D0745D26E59440CB71FAFE996834493DA753248.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3a406cdb-1791-478d-9d28-9e37a6f809cc/0/3130332e37332e3135382e302f32342d3234203d3e203234343239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.73.158.0/24
Signature Algorithm: sha256WithRSAEncryption
40:94:4e:f7:18:cb:30:f3:2f:75:0e:c3:da:d4:38:70:1e:ea:
65:61:0d:fe:e9:83:87:cf:c0:bb:c5:46:7d:25:98:ee:fe:36:
51:79:57:d9:4b:af:97:bf:e1:94:5c:a0:2e:01:04:1a:7c:7b:
b4:df:6b:42:f6:64:2c:99:43:6a:ee:90:0f:b1:72:3b:77:1b:
7e:86:0b:cc:a4:d8:cc:41:00:24:f8:58:9d:91:03:77:25:3e:
f9:72:85:7b:f4:6e:35:fc:e4:71:6e:45:f3:87:0f:fb:e5:5b:
16:a1:73:e6:dd:a0:44:62:96:b2:81:fc:9f:91:c3:c7:9e:fe:
1a:c5:56:26:b2:cd:a8:f8:9f:08:4f:11:af:ec:18:58:41:2c:
94:b5:84:ad:8b:15:86:04:9c:e6:d2:44:b7:b3:06:20:16:51:
5b:88:72:60:87:1c:75:54:da:7c:ca:5e:42:1e:d3:bc:6e:80:
bd:63:96:c4:c0:6c:12:33:ed:8b:ee:4a:58:08:21:81:d4:de:
78:ee:28:bb:a3:cf:f1:03:3a:00:63:7a:89:14:af:74:fa:c7:
ac:bb:c6:a5:39:63:01:91:5f:05:05:29:8f:28:0f:bd:2c:15:
02:5f:46:b8:32:f4:71:6a:75:04:8f:5c:41:65:d3:7e:f6:af:
9e:7f:7a:b3
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUI8VPLoG921qY92BZ2fCvHAtAPh8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkQwNzQ1RDI2RTU5NDQwQ0I3MUZBRkU5OTY4MzQ0OTNE
QTc1MzI0ODAeFw0yNTAxMjgxNjU2NTBaFw0yNjAxMjcxNzAxNTBaMDMxMTAvBgNV
BAMTKDA5QUMzN0JGODlDNjlFRDI3M0NDQTVERjIyM0UwMkZDQjRBRkE2OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9bt2cWNewXPcy7uguUeKnXkC7
wcUcvsfHTpW3LTePtgvyziMaorOPc19F5iimr1tTi4Ny9Pw0RusfL1UnRYpLuZ93
IgYxH20QmKfLdY/LLxuN72It8X5px4AdqO7fBbSQwx+fpmPAkdRJwIG8COHnVGoW
91Tj0EcF45BE5I9C/V9bswnuQJfVEManGXVrGBJ9Alxjm9ueo1AwHMRoCfPOAgmw
Ckpq8exGjSW6njAVp90b0V+pT/5P2QG8GaJ1SYTjHmaXzlPPJqZ/eLk8YZ/WWHvj
Z2yC65E+WR2PWe4LUDS67Iy7/3Vx9X6sS6C4rjqXYEObixq0PfZW9VqGdmrvAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUCaw3v4nGntJzzKXfIj4C/LSvppgwHwYDVR0j
BBgwFoAULQdF0m5ZRAy3H6/ploNEk9p1MkgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
YTQwNmNkYi0xNzkxLTQ3OGQtOWQyOC05ZTM3YTZmODA5Y2MvMC8yRDA3NDVEMjZF
NTk0NDBDQjcxRkFGRTk5NjgzNDQ5M0RBNzUzMjQ4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMkQwNzQ1RDI2RTU5NDQwQ0I3MUZBRkU5OTY4MzQ0OTNEQTc1
MzI0OC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNhNDA2Y2RiLTE3OTEtNDc4ZC05
ZDI4LTllMzdhNmY4MDljYy8wLzMxMzAzMzJlMzczMzJlMzEzNTM4MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzIzNDM0MzIzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGdJnjANBgkqhkiG
9w0BAQsFAAOCAQEAQJRO9xjLMPMvdQ7D2tQ4cB7qZWEN/umDh8/Au8VGfSWY7v42
UXlX2Uuvl7/hlFygLgEEGnx7tN9rQvZkLJlDau6QD7FyO3cbfoYLzKTYzEEAJPhY
nZEDdyU++XKFe/RuNfzkcW5F84cP++VbFqFz5t2gRGKWsoH8n5HDx57+GsVWJrLN
qPifCE8Rr+wYWEEslLWErYsVhgSc5tJEt7MGIBZRW4hyYIccdVTafMpeQh7TvG6A
vWOWxMBsEjPti+5KWAghgdTeeO4ou6PP8QM6AGN6iRSvdPrHrLvGpTljAZFfBQUp
jygPvSwVAl9GuDL0cWp1BI9cQWXTfvavnn96sw==
-----END CERTIFICATE-----
Generated at Thu Apr 10 13:33:05 2025 by rpki-client