Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/d44dfb5a-6e24-4a4d-8969-eb3cbe34e47e/0/3130332e3135382e3132362e302f32332d3234203d3e203338333230.roa
File: 3130332e3135382e3132362e302f32332d3234203d3e203338333230.roa (raw, json)
Hash identifier: sAEVe363BvIs2dOx1hxbCSZZoE73/9sHIDXoFlichKA=
Subject key identifier: 99:74:4D:BF:9A:52:C6:B3:F1:02:EF:92:3B:EC:84:20:CE:C2:25:37
Certificate issuer: /CN=8F52E72816B856335390C4F4AFBAF207C21522F6
Certificate serial: 7A62F26774835B12FC77437EDFCD17544F6EEEF9
Authority key identifier: 8F:52:E7:28:16:B8:56:33:53:90:C4:F4:AF:BA:F2:07:C2:15:22:F6
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8F52E72816B856335390C4F4AFBAF207C21522F6.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/d44dfb5a-6e24-4a4d-8969-eb3cbe34e47e/0/3130332e3135382e3132362e302f32332d3234203d3e203338333230.roa
Signing time: Fri 21 Mar 2025 03:00:00 +0000
ROA not before: Fri 21 Mar 2025 02:55:00 +0000
ROA not after: Fri 20 Mar 2026 03:00:00 +0000
asID: 38320
IP address blocks: 103.158.126.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:62:f2:67:74:83:5b:12:fc:77:43:7e:df:cd:17:54:4f:6e:ee:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8F52E72816B856335390C4F4AFBAF207C21522F6
Validity
Not Before: Mar 21 02:55:00 2025 GMT
Not After : Mar 20 03:00:00 2026 GMT
Subject: CN=99744DBF9A52C6B3F102EF923BEC8420CEC22537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:dc:43:55:31:59:0b:a8:73:aa:7c:b9:39:f4:
c4:ca:9c:b6:b3:25:10:91:5b:1b:97:9c:47:3f:5b:
76:e1:c3:d6:04:a6:e3:19:81:0e:02:aa:59:02:da:
bf:cd:36:d5:9e:6e:c5:65:50:e1:22:0a:1d:c4:8e:
a5:1a:ce:78:1b:ff:3a:26:0f:a0:66:ed:79:48:17:
90:ee:3f:e0:8d:8e:5f:48:67:2a:64:f4:79:09:5e:
07:20:a4:ab:90:75:ab:32:ef:dc:70:df:d1:b1:fb:
a6:09:16:0c:7c:92:d1:9e:8d:62:26:f5:79:b0:64:
8c:3d:53:49:e7:b4:ef:1c:b0:52:9a:98:ca:51:8d:
74:7a:cd:b3:3f:32:bf:bc:c6:03:42:7d:6b:cf:c7:
f6:07:25:0d:2b:23:b1:91:19:10:59:88:94:4a:8d:
b6:ff:7b:4e:e9:a9:41:ed:fa:04:c9:6e:1f:f5:91:
f7:ec:89:4e:a2:01:b9:d5:53:4a:48:4e:df:08:aa:
02:14:5f:b1:22:c2:ee:a7:1b:ba:ed:12:29:d5:90:
b8:f7:36:54:34:e3:05:38:62:7e:bf:ca:16:b2:2b:
6c:ba:c2:06:d1:4b:13:13:43:80:44:c9:0d:2a:04:
92:7e:cb:a6:8d:bf:f6:5c:33:12:2e:42:9a:ad:97:
32:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:74:4D:BF:9A:52:C6:B3:F1:02:EF:92:3B:EC:84:20:CE:C2:25:37
X509v3 Authority Key Identifier:
keyid:8F:52:E7:28:16:B8:56:33:53:90:C4:F4:AF:BA:F2:07:C2:15:22:F6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/d44dfb5a-6e24-4a4d-8969-eb3cbe34e47e/0/8F52E72816B856335390C4F4AFBAF207C21522F6.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8F52E72816B856335390C4F4AFBAF207C21522F6.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d44dfb5a-6e24-4a4d-8969-eb3cbe34e47e/0/3130332e3135382e3132362e302f32332d3234203d3e203338333230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.158.126.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:5b:83:28:da:98:c6:a2:d9:37:8c:7a:d2:5f:ac:6d:59:c6:
33:1d:f6:cc:07:5d:89:a1:e6:1e:88:9f:5b:1a:58:80:26:58:
19:b2:62:e5:e8:09:bd:e9:e8:1e:2e:02:a3:b2:4d:a6:62:21:
06:12:18:9a:8b:db:c0:fe:bc:c9:3e:ae:70:10:b5:72:b1:18:
2e:17:9a:15:27:cd:82:1b:0b:33:17:38:f4:22:64:a6:9d:35:
9e:94:ba:6a:9e:5a:9d:fd:13:8c:2c:43:f5:f8:9d:7c:51:52:
d7:68:e8:0c:c6:e3:58:f4:6e:ea:80:4a:ff:f4:66:c9:e3:6b:
b3:43:d5:98:a9:37:0a:8b:f0:2a:66:6a:8a:36:9e:40:65:4d:
a2:23:f5:40:cc:2f:da:6f:45:09:c1:31:48:4d:70:de:8b:9c:
44:05:e4:56:9a:e9:b8:62:dd:62:41:53:81:d0:a0:b1:6c:4e:
18:40:2b:82:a0:bc:39:5a:58:77:56:57:47:dd:4c:38:65:ee:
8a:bc:31:31:6b:93:e5:1a:ec:5f:86:66:d4:fa:43:53:8b:f8:
2f:d1:12:6e:e2:6d:b7:ae:a0:96:9e:a7:ac:39:b3:4d:0e:77:
65:8f:3e:da:6b:c7:fb:55:8d:5f:21:90:be:b5:48:5b:10:dc:
c8:db:c6:06
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUemLyZ3SDWxL8d0N+380XVE9u7vkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEY1MkU3MjgxNkI4NTYzMzUzOTBDNEY0QUZCQUYyMDdD
MjE1MjJGNjAeFw0yNTAzMjEwMjU1MDBaFw0yNjAzMjAwMzAwMDBaMDMxMTAvBgNV
BAMTKDk5NzQ0REJGOUE1MkM2QjNGMTAyRUY5MjNCRUM4NDIwQ0VDMjI1MzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC43ENVMVkLqHOqfLk59MTKnLaz
JRCRWxuXnEc/W3bhw9YEpuMZgQ4CqlkC2r/NNtWebsVlUOEiCh3EjqUazngb/zom
D6Bm7XlIF5DuP+CNjl9IZypk9HkJXgcgpKuQdasy79xw39Gx+6YJFgx8ktGejWIm
9XmwZIw9U0nntO8csFKamMpRjXR6zbM/Mr+8xgNCfWvPx/YHJQ0rI7GRGRBZiJRK
jbb/e07pqUHt+gTJbh/1kffsiU6iAbnVU0pITt8IqgIUX7Eiwu6nG7rtEinVkLj3
NlQ04wU4Yn6/yhayK2y6wgbRSxMTQ4BEyQ0qBJJ+y6aNv/ZcMxIuQpqtlzJlAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUmXRNv5pSxrPxAu+SO+yEIM7CJTcwHwYDVR0j
BBgwFoAUj1LnKBa4VjNTkMT0r7ryB8IVIvYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
NDRkZmI1YS02ZTI0LTRhNGQtODk2OS1lYjNjYmUzNGU0N2UvMC84RjUyRTcyODE2
Qjg1NjMzNTM5MEM0RjRBRkJBRjIwN0MyMTUyMkY2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOEY1MkU3MjgxNkI4NTYzMzUzOTBDNEY0QUZCQUYyMDdDMjE1
MjJGNi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Q0NGRmYjVhLTZlMjQtNGE0ZC04
OTY5LWViM2NiZTM0ZTQ3ZS8wLzMxMzAzMzJlMzEzNTM4MmUzMTMyMzYyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMzM4MzMzMjMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ55+MA0GCSqG
SIb3DQEBCwUAA4IBAQAfW4Mo2pjGotk3jHrSX6xtWcYzHfbMB12JoeYeiJ9bGliA
JlgZsmLl6Am96egeLgKjsk2mYiEGEhiai9vA/rzJPq5wELVysRguF5oVJ82CGwsz
Fzj0ImSmnTWelLpqnlqd/ROMLEP1+J18UVLXaOgMxuNY9G7qgEr/9GbJ42uzQ9WY
qTcKi/AqZmqKNp5AZU2iI/VAzC/ab0UJwTFITXDei5xEBeRWmum4Yt1iQVOB0KCx
bE4YQCuCoLw5Wlh3VldH3Uw4Ze6KvDExa5PlGuxfhmbU+kNTi/gv0RJu4m23rqCW
nqesObNNDndljz7aa8f7VY1fIZC+tUhbENzI28YG
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:45:22 2025 by rpki-client