Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/042344be-f9fb-4634-92d6-894dd538cadf/0/3131392e31302e3137362e302f32312d3234203d3e203234353330.roa
File: 3131392e31302e3137362e302f32312d3234203d3e203234353330.roa (raw, json)
Hash identifier: IsH3U/BHRUb2Qe5b502VK1K1N8x5p/BPRkAJxJWs0XM=
Subject key identifier: 86:16:4E:02:7F:CE:15:AC:9F:D2:DB:E4:9A:2D:BA:1E:EC:45:62:F4
Certificate issuer: /CN=6F6A3530198A9B7657A636FECCFB39F3BF71FB40
Certificate serial: 69DC90548F8E14CC70D3027B56F423A2F7C690F7
Authority key identifier: 6F:6A:35:30:19:8A:9B:76:57:A6:36:FE:CC:FB:39:F3:BF:71:FB:40
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6F6A3530198A9B7657A636FECCFB39F3BF71FB40.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/042344be-f9fb-4634-92d6-894dd538cadf/0/3131392e31302e3137362e302f32312d3234203d3e203234353330.roa
Signing time: Tue 11 Feb 2025 05:00:00 +0000
ROA not before: Tue 11 Feb 2025 04:55:00 +0000
ROA not after: Tue 10 Feb 2026 05:00:00 +0000
asID: 24530
IP address blocks: 119.10.176.0/21 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/042344be-f9fb-4634-92d6-894dd538cadf/0/6F6A3530198A9B7657A636FECCFB39F3BF71FB40.crl
rsync://repo-rpki.idnic.net/repo/042344be-f9fb-4634-92d6-894dd538cadf/0/6F6A3530198A9B7657A636FECCFB39F3BF71FB40.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6F6A3530198A9B7657A636FECCFB39F3BF71FB40.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 05:20:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:dc:90:54:8f:8e:14:cc:70:d3:02:7b:56:f4:23:a2:f7:c6:90:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6F6A3530198A9B7657A636FECCFB39F3BF71FB40
Validity
Not Before: Feb 11 04:55:00 2025 GMT
Not After : Feb 10 05:00:00 2026 GMT
Subject: CN=86164E027FCE15AC9FD2DBE49A2DBA1EEC4562F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:2c:2d:4f:a9:8a:02:b1:71:94:78:0d:fb:5e:
e7:04:e4:23:b5:6c:09:e0:59:3f:c5:c7:fa:32:44:
58:ae:80:0d:9e:b8:06:8a:f2:d2:7c:b5:a7:e5:40:
c5:18:81:aa:67:06:6e:ab:c7:0f:bf:7f:06:17:20:
cf:a5:91:80:76:f0:22:11:66:37:9d:aa:3c:df:73:
da:4c:05:16:c2:38:2d:07:0b:69:6e:c0:bb:e0:6d:
9c:13:34:f8:7a:a9:51:e6:80:cc:94:62:16:a8:18:
5c:92:83:e5:50:d1:d4:dd:21:3f:47:1c:58:f5:e2:
61:39:9a:76:dd:19:e7:c1:40:b2:7a:c6:ba:4c:fe:
9b:ff:a1:ad:f5:32:64:b6:a2:16:2e:23:46:e8:0c:
32:49:b2:87:19:20:9a:f5:e2:81:64:8c:88:29:f0:
ec:fe:d8:ac:22:21:f1:46:73:33:45:1b:2d:16:7f:
bb:4c:43:85:05:b2:58:4a:68:1d:f0:dd:6f:cb:04:
44:95:0e:62:1d:7c:71:2a:93:14:6b:97:ac:17:8b:
3a:87:0e:90:fd:69:26:41:5d:0b:2e:8e:fb:da:1b:
43:94:8b:7b:1d:e3:02:16:9a:41:b3:25:2d:99:da:
29:06:f7:5a:53:c9:fd:d0:16:d3:61:cb:f3:46:20:
58:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:16:4E:02:7F:CE:15:AC:9F:D2:DB:E4:9A:2D:BA:1E:EC:45:62:F4
X509v3 Authority Key Identifier:
keyid:6F:6A:35:30:19:8A:9B:76:57:A6:36:FE:CC:FB:39:F3:BF:71:FB:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/042344be-f9fb-4634-92d6-894dd538cadf/0/6F6A3530198A9B7657A636FECCFB39F3BF71FB40.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6F6A3530198A9B7657A636FECCFB39F3BF71FB40.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/042344be-f9fb-4634-92d6-894dd538cadf/0/3131392e31302e3137362e302f32312d3234203d3e203234353330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
119.10.176.0/21
Signature Algorithm: sha256WithRSAEncryption
8e:1d:9c:0d:92:ef:a0:f8:e7:7c:e0:15:c7:03:cd:3a:22:4d:
90:76:4c:69:ea:5d:8b:f0:5d:21:fe:97:5b:b8:2b:3e:e7:c7:
e3:cd:f7:51:fa:b0:fc:51:07:48:df:42:15:5a:a3:82:e6:e5:
b9:2a:b9:c7:b7:a6:1c:0b:35:34:18:7a:1b:e3:a4:29:50:a2:
c5:b6:9f:d3:9b:e5:a7:bc:ba:95:5a:56:21:01:68:c0:1e:77:
71:a7:ec:a7:18:1f:eb:25:bc:1b:89:fc:9b:0b:2f:ef:58:fe:
b5:ce:70:cb:7d:14:d2:bd:75:2e:8c:ac:ac:c0:49:e4:db:a3:
ba:f4:de:a2:13:1d:d6:bd:1b:a8:65:da:be:51:99:b0:e4:a5:
04:e3:b9:36:5f:6d:67:4b:a7:2a:38:ee:5c:82:eb:8a:dd:a5:
27:2f:58:57:53:7b:c6:e2:5e:3f:01:64:56:e4:eb:ce:b1:de:
32:99:77:4c:94:a7:c4:08:cb:7f:ff:5c:d0:53:89:95:b2:5c:
1b:bc:a4:2b:f2:2e:4d:ff:a9:f9:7e:12:ba:0d:b9:59:6d:ac:
16:ee:30:e9:b4:b1:70:a0:d4:42:b4:a8:87:95:98:da:57:9c:
f8:6e:8e:74:44:ef:d8:3a:2b:8d:de:33:e2:62:d8:0a:b9:e2:
b3:21:cd:e1
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUadyQVI+OFMxw0wJ7VvQjovfGkPcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkY2QTM1MzAxOThBOUI3NjU3QTYzNkZFQ0NGQjM5RjNC
RjcxRkI0MDAeFw0yNTAyMTEwNDU1MDBaFw0yNjAyMTAwNTAwMDBaMDMxMTAvBgNV
BAMTKDg2MTY0RTAyN0ZDRTE1QUM5RkQyREJFNDlBMkRCQTFFRUM0NTYyRjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1LC1PqYoCsXGUeA37XucE5CO1
bAngWT/Fx/oyRFiugA2euAaK8tJ8taflQMUYgapnBm6rxw+/fwYXIM+lkYB28CIR
Zjedqjzfc9pMBRbCOC0HC2luwLvgbZwTNPh6qVHmgMyUYhaoGFySg+VQ0dTdIT9H
HFj14mE5mnbdGefBQLJ6xrpM/pv/oa31MmS2ohYuI0boDDJJsocZIJr14oFkjIgp
8Oz+2KwiIfFGczNFGy0Wf7tMQ4UFslhKaB3w3W/LBESVDmIdfHEqkxRrl6wXizqH
DpD9aSZBXQsujvvaG0OUi3sd4wIWmkGzJS2Z2ikG91pTyf3QFtNhy/NGIFgxAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUhhZOAn/OFayf0tvkmi26HuxFYvQwHwYDVR0j
BBgwFoAUb2o1MBmKm3ZXpjb+zPs5879x+0AwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
NDIzNDRiZS1mOWZiLTQ2MzQtOTJkNi04OTRkZDUzOGNhZGYvMC82RjZBMzUzMDE5
OEE5Qjc2NTdBNjM2RkVDQ0ZCMzlGM0JGNzFGQjQwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNkY2QTM1MzAxOThBOUI3NjU3QTYzNkZFQ0NGQjM5RjNCRjcx
RkI0MC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA0MjM0NGJlLWY5ZmItNDYzNC05
MmQ2LTg5NGRkNTM4Y2FkZi8wLzMxMzEzOTJlMzEzMDJlMzEzNzM2MmUzMDJmMzIz
MTJkMzIzNDIwM2QzZTIwMzIzNDM1MzMzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3cKsDANBgkqhkiG
9w0BAQsFAAOCAQEAjh2cDZLvoPjnfOAVxwPNOiJNkHZMaepdi/BdIf6XW7grPufH
4833Ufqw/FEHSN9CFVqjgubluSq5x7emHAs1NBh6G+OkKVCixbaf05vlp7y6lVpW
IQFowB53cafspxgf6yW8G4n8mwsv71j+tc5wy30U0r11LoysrMBJ5NujuvTeohMd
1r0bqGXavlGZsOSlBOO5Nl9tZ0unKjjuXILrit2lJy9YV1N7xuJePwFkVuTrzrHe
Mpl3TJSnxAjLf/9c0FOJlbJcG7ykK/IuTf+p+X4Sug25WW2sFu4w6bSxcKDUQrSo
h5WY2lec+G6OdETv2Dorjd4z4mLYCrnisyHN4Q==
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:42:33 2025 by rpki-client