Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/643db7d2-b3fd-4214-b6a4-d0162f95e72e/0/3130332e32302e31362e302f32342d3234203d3e20313439393633.roa
File: 3130332e32302e31362e302f32342d3234203d3e20313439393633.roa (raw, json)
Hash identifier: mHUDn4w86nl9XlW/sfdTOKaakTYi+pvtUXLDnC1VKlw=
Subject key identifier: F5:4B:35:19:3F:3D:00:40:66:E7:10:49:68:A1:DA:D7:80:A8:1C:D5
Certificate issuer: /CN=8714172B5D3FC9C36A83EBA27AB946FC69A4F821
Certificate serial: 05DABCA953E79280D5620CC49F6ACBBA6F4F1C12
Authority key identifier: 87:14:17:2B:5D:3F:C9:C3:6A:83:EB:A2:7A:B9:46:FC:69:A4:F8:21
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8714172B5D3FC9C36A83EBA27AB946FC69A4F821.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/643db7d2-b3fd-4214-b6a4-d0162f95e72e/0/3130332e32302e31362e302f32342d3234203d3e20313439393633.roa
Signing time: Tue 28 Apr 2026 05:00:01 +0000
ROA not before: Tue 28 Apr 2026 04:55:01 +0000
ROA not after: Tue 27 Apr 2027 05:00:01 +0000
asID: 149963
IP address blocks: 103.20.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:da:bc:a9:53:e7:92:80:d5:62:0c:c4:9f:6a:cb:ba:6f:4f:1c:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8714172B5D3FC9C36A83EBA27AB946FC69A4F821
Validity
Not Before: Apr 28 04:55:01 2026 GMT
Not After : Apr 27 05:00:01 2027 GMT
Subject: CN=F54B35193F3D004066E7104968A1DAD780A81CD5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:19:b4:e2:7c:74:dd:25:54:6e:c4:8b:db:f8:
c0:e5:58:f5:a4:61:19:26:7c:eb:d6:79:57:8c:ec:
a7:56:ff:9e:47:92:94:30:7f:fd:7e:78:f3:9e:42:
c4:92:93:ba:74:c6:8b:e1:b9:bd:23:5b:44:c4:33:
c6:dc:90:f3:61:05:a3:2e:38:43:33:a3:3f:c7:f7:
03:dd:03:d2:fe:62:0d:15:6d:e2:fe:91:07:17:fb:
ec:1e:d3:e5:8a:57:e8:d3:8e:d0:4c:e5:44:f7:8a:
11:0b:30:a2:f5:42:97:46:9e:08:46:8a:a6:67:44:
76:e3:91:72:04:ec:d6:1a:a9:6c:fe:e1:e8:af:f5:
7d:e4:0f:f6:21:ee:18:6b:db:fa:77:83:3c:94:f6:
e2:06:ad:2c:5f:b3:d4:d9:f5:53:59:18:23:11:f3:
4f:37:e8:c3:87:f8:c2:ba:11:54:71:67:6c:02:69:
06:45:c9:43:ed:6d:e6:d1:1c:b3:1a:e1:5b:e7:ef:
59:05:ba:ae:0b:b4:59:5a:77:8c:77:b3:a6:4d:e8:
c8:03:a3:ad:86:ce:65:62:95:62:4c:68:ef:2e:cc:
9f:2b:79:ef:e0:16:15:22:eb:97:13:34:9a:da:a3:
6a:1c:b6:1c:e3:c6:90:d8:55:07:75:e1:73:c9:04:
33:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:4B:35:19:3F:3D:00:40:66:E7:10:49:68:A1:DA:D7:80:A8:1C:D5
X509v3 Authority Key Identifier:
keyid:87:14:17:2B:5D:3F:C9:C3:6A:83:EB:A2:7A:B9:46:FC:69:A4:F8:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/643db7d2-b3fd-4214-b6a4-d0162f95e72e/0/8714172B5D3FC9C36A83EBA27AB946FC69A4F821.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8714172B5D3FC9C36A83EBA27AB946FC69A4F821.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/643db7d2-b3fd-4214-b6a4-d0162f95e72e/0/3130332e32302e31362e302f32342d3234203d3e20313439393633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.20.16.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:9d:2a:4d:2b:e2:4a:80:2f:7b:ed:61:b0:7b:44:dd:c1:27:
1b:f5:ac:e2:32:39:0f:0e:38:aa:9e:5f:c6:79:06:4f:e3:ae:
d9:30:20:5b:a7:fc:36:a6:09:29:62:ac:c3:eb:c3:a6:c9:e4:
e1:c5:9a:f4:54:fd:66:c7:bb:2a:86:d6:85:72:03:59:24:23:
b7:4a:76:9e:19:3c:99:ce:28:5a:f4:48:e3:1e:ab:ce:2b:cc:
c3:2e:54:cd:26:5a:bf:d9:5e:8d:2a:19:d2:e4:72:c2:7d:27:
f3:d3:f4:47:ac:16:89:35:cf:d4:6b:af:fc:67:e1:a1:2f:68:
62:46:7a:f7:83:8e:0e:0e:8f:60:b6:c1:ae:68:b9:46:82:24:
3a:82:d2:b8:89:7a:e3:85:d9:2d:9d:6e:ba:ce:11:9c:a7:d0:
70:48:7e:83:6c:b3:54:a7:22:26:d7:b0:72:a6:5d:ba:f5:26:
a4:a6:7f:b6:bb:2e:16:46:8a:46:69:aa:54:af:0f:ba:94:b3:
ca:aa:a0:23:45:8c:2f:66:8f:08:de:d3:fe:de:71:f2:a6:09:
f1:dc:7a:8f:64:6d:2a:32:f2:a3:28:77:18:9d:57:61:e7:7c:
fb:34:64:f8:7d:24:74:67:d1:93:6a:35:16:bf:87:4e:9d:df:
49:fd:65:59
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUBdq8qVPnkoDVYgzEn2rLum9PHBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODcxNDE3MkI1RDNGQzlDMzZBODNFQkEyN0FCOTQ2RkM2
OUE0RjgyMTAeFw0yNjA0MjgwNDU1MDFaFw0yNzA0MjcwNTAwMDFaMDMxMTAvBgNV
BAMTKEY1NEIzNTE5M0YzRDAwNDA2NkU3MTA0OTY4QTFEQUQ3ODBBODFDRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyGbTifHTdJVRuxIvb+MDlWPWk
YRkmfOvWeVeM7KdW/55HkpQwf/1+ePOeQsSSk7p0xovhub0jW0TEM8bckPNhBaMu
OEMzoz/H9wPdA9L+Yg0VbeL+kQcX++we0+WKV+jTjtBM5UT3ihELMKL1QpdGnghG
iqZnRHbjkXIE7NYaqWz+4eiv9X3kD/Yh7hhr2/p3gzyU9uIGrSxfs9TZ9VNZGCMR
80836MOH+MK6EVRxZ2wCaQZFyUPtbebRHLMa4Vvn71kFuq4LtFlad4x3s6ZN6MgD
o62GzmVilWJMaO8uzJ8ree/gFhUi65cTNJrao2octhzjxpDYVQd14XPJBDNZAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU9Us1GT89AEBm5xBJaKHa14CoHNUwHwYDVR0j
BBgwFoAUhxQXK10/ycNqg+uierlG/Gmk+CEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
NDNkYjdkMi1iM2ZkLTQyMTQtYjZhNC1kMDE2MmY5NWU3MmUvMC84NzE0MTcyQjVE
M0ZDOUMzNkE4M0VCQTI3QUI5NDZGQzY5QTRGODIxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODcxNDE3MkI1RDNGQzlDMzZBODNFQkEyN0FCOTQ2RkM2OUE0
RjgyMS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY0M2RiN2QyLWIzZmQtNDIxNC1i
NmE0LWQwMTYyZjk1ZTcyZS8wLzMxMzAzMzJlMzIzMDJlMzEzNjJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzQzOTM5MzYzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGcUEDANBgkqhkiG
9w0BAQsFAAOCAQEAKp0qTSviSoAve+1hsHtE3cEnG/Ws4jI5Dw44qp5fxnkGT+Ou
2TAgW6f8NqYJKWKsw+vDpsnk4cWa9FT9Zse7KobWhXIDWSQjt0p2nhk8mc4oWvRI
4x6rzivMwy5UzSZav9lejSoZ0uRywn0n89P0R6wWiTXP1Guv/GfhoS9oYkZ694OO
Dg6PYLbBrmi5RoIkOoLSuIl644XZLZ1uus4RnKfQcEh+g2yzVKciJtewcqZduvUm
pKZ/trsuFkaKRmmqVK8PupSzyqqgI0WML2aPCN7T/t5x8qYJ8dx6j2RtKjLyoyh3
GJ1XYed8+zRk+H0kdGfRk2o1Fr+HTp3fSf1lWQ==
-----END CERTIFICATE-----
Generated at Wed Jun 3 03:25:33 2026 by rpki-client