Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3a46360d-662b-4f7d-bb17-d86082152471/0/3130332e3136382e3134372e302f32342d3234203d3e20313430343433.roa
File: 3130332e3136382e3134372e302f32342d3234203d3e20313430343433.roa (raw, json)
Hash identifier: vfImiFEds0caJl5aBP0MxYhFkdq8Ac7hTgD2QgZXO/g=
Subject key identifier: B3:2F:D2:8A:C8:22:93:BF:D9:F1:D0:9F:26:D9:C6:DC:7E:5E:2B:95
Certificate issuer: /CN=4F40845626DE4E373F550B654EA4E833B6EB4D27
Certificate serial: 175B7EE6FE00149446B3D7EC5725BC8FAF8298C0
Authority key identifier: 4F:40:84:56:26:DE:4E:37:3F:55:0B:65:4E:A4:E8:33:B6:EB:4D:27
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4F40845626DE4E373F550B654EA4E833B6EB4D27.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3a46360d-662b-4f7d-bb17-d86082152471/0/3130332e3136382e3134372e302f32342d3234203d3e20313430343433.roa
Signing time: Fri 28 Feb 2025 06:00:00 +0000
ROA not before: Fri 28 Feb 2025 05:55:00 +0000
ROA not after: Fri 27 Feb 2026 06:00:00 +0000
asID: 140443
IP address blocks: 103.168.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/3a46360d-662b-4f7d-bb17-d86082152471/0/4F40845626DE4E373F550B654EA4E833B6EB4D27.crl
rsync://repo-rpki.idnic.net/repo/3a46360d-662b-4f7d-bb17-d86082152471/0/4F40845626DE4E373F550B654EA4E833B6EB4D27.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4F40845626DE4E373F550B654EA4E833B6EB4D27.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 15:16:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:5b:7e:e6:fe:00:14:94:46:b3:d7:ec:57:25:bc:8f:af:82:98:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4F40845626DE4E373F550B654EA4E833B6EB4D27
Validity
Not Before: Feb 28 05:55:00 2025 GMT
Not After : Feb 27 06:00:00 2026 GMT
Subject: CN=B32FD28AC82293BFD9F1D09F26D9C6DC7E5E2B95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:90:e1:13:f9:69:cf:3c:d3:bb:ec:03:63:c5:
93:60:05:cf:b1:4c:1a:51:8e:9b:38:28:84:d4:62:
3c:29:17:9c:f3:75:0e:06:c9:25:66:de:49:c6:62:
bc:6d:4c:80:e2:02:24:e5:ed:07:41:b4:7b:62:8a:
66:45:f6:f7:0b:29:fe:87:b9:f4:cc:a2:c7:4c:01:
8a:e6:2b:87:21:9e:43:da:3a:c7:b8:80:ab:be:7b:
88:8d:c6:18:59:2c:69:ba:74:5c:fc:1b:fc:18:47:
7c:c2:33:d5:84:e3:09:71:6c:db:c3:e3:e5:29:3a:
91:af:de:60:56:3b:6c:4b:d5:bb:6a:fa:a6:68:5c:
b8:26:37:95:a4:9b:8b:16:99:0f:7f:1e:a3:ae:e8:
29:59:0c:1a:9e:d0:72:bb:28:2b:bc:6e:e2:d0:7b:
c6:75:42:b2:e2:c6:62:96:37:f1:c6:e9:b6:df:10:
71:1b:25:cf:24:80:fa:de:4e:e2:0b:70:40:08:37:
3e:69:b2:f0:c9:75:9b:34:5a:d6:0e:47:d1:88:0f:
7b:9c:de:34:dd:c2:0a:ca:0d:a3:e2:e5:fb:3d:dc:
92:a4:5d:cf:03:b8:09:6e:57:da:57:21:07:35:71:
b9:ca:10:54:15:31:aa:cb:c7:2e:cf:57:6a:85:70:
83:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:2F:D2:8A:C8:22:93:BF:D9:F1:D0:9F:26:D9:C6:DC:7E:5E:2B:95
X509v3 Authority Key Identifier:
keyid:4F:40:84:56:26:DE:4E:37:3F:55:0B:65:4E:A4:E8:33:B6:EB:4D:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3a46360d-662b-4f7d-bb17-d86082152471/0/4F40845626DE4E373F550B654EA4E833B6EB4D27.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4F40845626DE4E373F550B654EA4E833B6EB4D27.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3a46360d-662b-4f7d-bb17-d86082152471/0/3130332e3136382e3134372e302f32342d3234203d3e20313430343433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.168.147.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:8b:33:b1:97:c5:ba:71:36:3d:b8:08:5c:83:eb:63:c4:09:
22:47:3f:29:7d:b1:04:1f:6d:5f:6e:ff:ff:4a:2e:1e:37:2b:
9f:81:1f:b4:1a:db:3e:e5:1a:c7:de:2d:76:94:eb:92:57:0c:
26:78:a0:c4:06:c3:9c:6a:74:b3:e0:ac:7d:a2:8a:45:24:fe:
e8:e9:9a:bc:79:2c:f6:a9:d4:23:f7:f1:17:02:78:94:9c:70:
af:f9:80:db:65:3e:9b:5b:5e:28:33:29:3b:0d:c0:6d:46:2b:
59:ec:e3:01:a1:a3:13:51:c7:21:e9:d7:91:4f:f2:b1:34:4c:
41:93:68:ab:15:ea:17:88:79:f8:ca:c0:34:b4:90:4d:2f:71:
ba:12:01:b1:1e:ba:21:dc:2e:0a:cb:e7:da:2a:c3:55:df:e0:
a3:a1:55:69:dd:68:03:0a:2c:1e:3e:44:76:d8:31:51:15:0a:
77:de:2c:92:82:57:ed:2b:88:f1:29:35:93:09:05:05:64:6c:
40:ef:88:44:e3:9a:b4:17:4b:e9:59:bc:ab:77:31:44:55:81:
8c:32:ca:3f:df:62:bd:6e:48:3a:74:fb:93:70:93:e8:53:f9:
dc:38:2a:a9:57:0e:01:f0:6a:44:84:de:e3:b6:ba:8a:22:46:
d2:98:7b:fa
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUF1t+5v4AFJRGs9fsVyW8j6+CmMAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNEY0MDg0NTYyNkRFNEUzNzNGNTUwQjY1NEVBNEU4MzNC
NkVCNEQyNzAeFw0yNTAyMjgwNTU1MDBaFw0yNjAyMjcwNjAwMDBaMDMxMTAvBgNV
BAMTKEIzMkZEMjhBQzgyMjkzQkZEOUYxRDA5RjI2RDlDNkRDN0U1RTJCOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCykOET+WnPPNO77ANjxZNgBc+x
TBpRjps4KITUYjwpF5zzdQ4GySVm3knGYrxtTIDiAiTl7QdBtHtiimZF9vcLKf6H
ufTMosdMAYrmK4chnkPaOse4gKu+e4iNxhhZLGm6dFz8G/wYR3zCM9WE4wlxbNvD
4+UpOpGv3mBWO2xL1btq+qZoXLgmN5Wkm4sWmQ9/HqOu6ClZDBqe0HK7KCu8buLQ
e8Z1QrLixmKWN/HG6bbfEHEbJc8kgPreTuILcEAINz5psvDJdZs0WtYOR9GID3uc
3jTdwgrKDaPi5fs93JKkXc8DuAluV9pXIQc1cbnKEFQVMarLxy7PV2qFcIPrAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUsy/Sisgik7/Z8dCfJtnG3H5eK5UwHwYDVR0j
BBgwFoAUT0CEVibeTjc/VQtlTqToM7brTScwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
YTQ2MzYwZC02NjJiLTRmN2QtYmIxNy1kODYwODIxNTI0NzEvMC80RjQwODQ1NjI2
REU0RTM3M0Y1NTBCNjU0RUE0RTgzM0I2RUI0RDI3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNEY0MDg0NTYyNkRFNEUzNzNGNTUwQjY1NEVBNEU4MzNCNkVC
NEQyNy5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNhNDYzNjBkLTY2MmItNGY3ZC1i
YjE3LWQ4NjA4MjE1MjQ3MS8wLzMxMzAzMzJlMzEzNjM4MmUzMTM0MzcyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzAzNDM0MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnqJMwDQYJ
KoZIhvcNAQELBQADggEBAFuLM7GXxbpxNj24CFyD62PECSJHPyl9sQQfbV9u//9K
Lh43K5+BH7Qa2z7lGsfeLXaU65JXDCZ4oMQGw5xqdLPgrH2iikUk/ujpmrx5LPap
1CP38RcCeJSccK/5gNtlPptbXigzKTsNwG1GK1ns4wGhoxNRxyHp15FP8rE0TEGT
aKsV6heIefjKwDS0kE0vcboSAbEeuiHcLgrL59oqw1Xf4KOhVWndaAMKLB4+RHbY
MVEVCnfeLJKCV+0riPEpNZMJBQVkbEDviETjmrQXS+lZvKt3MURVgYwyyj/fYr1u
SDp0+5Nwk+hT+dw4KqlXDgHwakSE3uO2uooiRtKYe/o=
-----END CERTIFICATE-----
Generated at Thu Apr 10 11:37:25 2025 by rpki-client