Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/0260cf16-74ff-4f2f-b56c-e581eaea251c/0/3130332e36382e3231332e302f32342d3234203d3e20313530353330.roa
File: 3130332e36382e3231332e302f32342d3234203d3e20313530353330.roa (raw, json)
Hash identifier: cHp1PrRnqsW34jqmb6yO4cCFmXfZNHvvcfXkiTq83Hk=
Subject key identifier: 65:88:24:A6:55:CD:28:DA:B1:3C:33:04:F0:B0:AA:34:11:7E:BB:B3
Certificate issuer: /CN=7C8592B080A17A9CE2F782DEA4C1297A97B60CDC
Certificate serial: 629C35ABA976A951238CCF2F2D8DE4B1C5595CA7
Authority key identifier: 7C:85:92:B0:80:A1:7A:9C:E2:F7:82:DE:A4:C1:29:7A:97:B6:0C:DC
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7C8592B080A17A9CE2F782DEA4C1297A97B60CDC.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/0260cf16-74ff-4f2f-b56c-e581eaea251c/0/3130332e36382e3231332e302f32342d3234203d3e20313530353330.roa
Signing time: Thu 05 Dec 2024 16:01:39 +0000
ROA not before: Thu 05 Dec 2024 15:56:39 +0000
ROA not after: Thu 04 Dec 2025 16:01:39 +0000
asID: 150530
IP address blocks: 103.68.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/0260cf16-74ff-4f2f-b56c-e581eaea251c/0/7C8592B080A17A9CE2F782DEA4C1297A97B60CDC.crl
rsync://repo-rpki.idnic.net/repo/0260cf16-74ff-4f2f-b56c-e581eaea251c/0/7C8592B080A17A9CE2F782DEA4C1297A97B60CDC.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7C8592B080A17A9CE2F782DEA4C1297A97B60CDC.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 18:40:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:9c:35:ab:a9:76:a9:51:23:8c:cf:2f:2d:8d:e4:b1:c5:59:5c:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7C8592B080A17A9CE2F782DEA4C1297A97B60CDC
Validity
Not Before: Dec 5 15:56:39 2024 GMT
Not After : Dec 4 16:01:39 2025 GMT
Subject: CN=658824A655CD28DAB13C3304F0B0AA34117EBBB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:86:85:ee:45:4a:17:25:a5:89:9a:ff:c8:8d:
38:0c:39:39:da:5c:da:dc:79:20:e6:b4:e0:f1:db:
d1:ab:75:f8:b8:d6:bf:61:c7:bb:b6:90:c0:80:6b:
5d:1e:0f:75:82:18:be:77:31:84:21:1a:c6:dc:7d:
57:a6:6e:87:ff:8a:f5:7f:55:ac:29:6c:94:e4:15:
1c:10:31:cc:85:24:dc:31:40:b3:e8:ec:3c:2c:c3:
a8:c3:40:6d:f8:3d:d7:f5:dc:16:04:67:14:49:98:
92:3e:94:6c:e5:30:20:a9:ce:7d:dd:39:4c:65:0d:
3f:41:3c:94:d1:a9:5e:fa:0f:d6:a0:89:d3:b5:d8:
1b:b1:b0:38:1c:dd:1b:d1:62:98:87:5b:ea:b2:88:
09:50:d4:ff:5b:22:29:05:8a:fa:74:8b:cc:0f:d2:
01:11:1d:92:ca:2f:16:68:0c:2b:1e:99:30:27:24:
bd:05:ca:ed:03:4a:16:f5:8a:74:aa:f5:25:5d:5f:
d4:b2:4e:f0:f9:c9:e1:e6:b0:a0:c7:ff:90:bd:d5:
50:eb:c1:fd:f9:d2:96:3a:df:ff:ea:12:04:ba:ba:
11:e7:fd:78:4f:ae:6f:97:2d:77:42:d4:5f:78:e6:
cb:39:d0:5c:98:c9:fc:4f:f5:02:e1:9c:e7:05:bc:
48:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:88:24:A6:55:CD:28:DA:B1:3C:33:04:F0:B0:AA:34:11:7E:BB:B3
X509v3 Authority Key Identifier:
keyid:7C:85:92:B0:80:A1:7A:9C:E2:F7:82:DE:A4:C1:29:7A:97:B6:0C:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/0260cf16-74ff-4f2f-b56c-e581eaea251c/0/7C8592B080A17A9CE2F782DEA4C1297A97B60CDC.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7C8592B080A17A9CE2F782DEA4C1297A97B60CDC.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0260cf16-74ff-4f2f-b56c-e581eaea251c/0/3130332e36382e3231332e302f32342d3234203d3e20313530353330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.68.213.0/24
Signature Algorithm: sha256WithRSAEncryption
57:c4:a6:e4:b8:6a:63:19:8d:33:00:0a:42:21:50:11:6f:29:
c1:69:8e:cf:7d:aa:e2:a8:c0:70:d2:93:77:45:46:45:74:5c:
e1:70:9e:1d:d8:2d:50:be:6b:b3:22:33:23:cd:1c:6e:10:00:
1e:e3:02:e7:95:48:59:92:8c:41:38:fe:a5:d0:1f:a4:ab:4b:
03:fb:c1:76:34:2c:2f:58:70:8c:d3:b9:c7:46:28:13:e3:36:
7d:29:13:2a:d0:56:34:5b:1d:80:27:12:ff:62:9a:af:bd:a9:
7b:fe:8f:24:a6:7d:33:76:66:84:dc:82:2f:e1:ae:8a:73:0e:
e1:d7:7a:ce:ff:aa:77:f7:a9:58:c5:6c:e6:ac:90:17:32:7c:
c7:38:9c:14:c4:90:73:ae:19:46:3a:d9:53:86:c4:8a:1a:39:
96:db:fc:ed:0a:dc:ce:3a:28:88:67:b7:40:bc:89:8c:b8:df:
11:4b:18:fd:1f:8e:be:7d:c5:ac:cd:34:f3:9d:91:42:eb:68:
84:ec:82:dd:0b:2d:c8:09:a2:12:9e:da:bb:ea:e9:a1:7d:ea:
15:b1:66:c6:08:26:b9:78:25:35:4b:df:d0:c9:8c:69:9a:0c:
bb:9a:ce:6b:5b:a2:3e:71:31:17:65:5a:83:23:cb:8d:6c:67:
f0:d8:be:27
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUYpw1q6l2qVEjjM8vLY3kscVZXKcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0M4NTkyQjA4MEExN0E5Q0UyRjc4MkRFQTRDMTI5N0E5
N0I2MENEQzAeFw0yNDEyMDUxNTU2MzlaFw0yNTEyMDQxNjAxMzlaMDMxMTAvBgNV
BAMTKDY1ODgyNEE2NTVDRDI4REFCMTNDMzMwNEYwQjBBQTM0MTE3RUJCQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2hoXuRUoXJaWJmv/IjTgMOTna
XNrceSDmtODx29Grdfi41r9hx7u2kMCAa10eD3WCGL53MYQhGsbcfVembof/ivV/
VawpbJTkFRwQMcyFJNwxQLPo7Dwsw6jDQG34Pdf13BYEZxRJmJI+lGzlMCCpzn3d
OUxlDT9BPJTRqV76D9agidO12BuxsDgc3RvRYpiHW+qyiAlQ1P9bIikFivp0i8wP
0gERHZLKLxZoDCsemTAnJL0Fyu0DShb1inSq9SVdX9SyTvD5yeHmsKDH/5C91VDr
wf350pY63//qEgS6uhHn/XhPrm+XLXdC1F945ss50FyYyfxP9QLhnOcFvEjZAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUZYgkplXNKNqxPDME8LCqNBF+u7MwHwYDVR0j
BBgwFoAUfIWSsIChepzi94LepMEpepe2DNwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
MjYwY2YxNi03NGZmLTRmMmYtYjU2Yy1lNTgxZWFlYTI1MWMvMC83Qzg1OTJCMDgw
QTE3QTlDRTJGNzgyREVBNEMxMjk3QTk3QjYwQ0RDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvN0M4NTkyQjA4MEExN0E5Q0UyRjc4MkRFQTRDMTI5N0E5N0I2
MENEQy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzAyNjBjZjE2LTc0ZmYtNGYyZi1i
NTZjLWU1ODFlYWVhMjUxYy8wLzMxMzAzMzJlMzYzODJlMzIzMTMzMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNTMwMzUzMzMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ0TVMA0GCSqG
SIb3DQEBCwUAA4IBAQBXxKbkuGpjGY0zAApCIVARbynBaY7PfariqMBw0pN3RUZF
dFzhcJ4d2C1QvmuzIjMjzRxuEAAe4wLnlUhZkoxBOP6l0B+kq0sD+8F2NCwvWHCM
07nHRigT4zZ9KRMq0FY0Wx2AJxL/Ypqvval7/o8kpn0zdmaE3IIv4a6Kcw7h13rO
/6p396lYxWzmrJAXMnzHOJwUxJBzrhlGOtlThsSKGjmW2/ztCtzOOiiIZ7dAvImM
uN8RSxj9H46+fcWszTTznZFC62iE7ILdCy3ICaISntq76umhfeoVsWbGCCa5eCU1
S9/QyYxpmgy7ms5rW6I+cTEXZVqDI8uNbGfw2L4n
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:46:05 2025 by rpki-client