Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/04f28235-0ba8-4e14-8b85-29c3a4a76eab/0/3130332e3138362e3231322e302f32332d3234203d3e20313439373134.roa
File: 3130332e3138362e3231322e302f32332d3234203d3e20313439373134.roa (raw, json)
Hash identifier: qTxbUW36PI+ML7M9h6pieAAtdA4D+wz75UuUpAqL/GM=
Subject key identifier: 25:9C:EF:69:C3:DC:EE:8C:1F:09:54:93:61:90:EF:CB:CE:F9:0F:96
Certificate issuer: /CN=DB03D7B542C60D3D72565734C86589420DF070A0
Certificate serial: 1F3ADCD7860FA5C528A943B5FC663033827CD957
Authority key identifier: DB:03:D7:B5:42:C6:0D:3D:72:56:57:34:C8:65:89:42:0D:F0:70:A0
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DB03D7B542C60D3D72565734C86589420DF070A0.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/04f28235-0ba8-4e14-8b85-29c3a4a76eab/0/3130332e3138362e3231322e302f32332d3234203d3e20313439373134.roa
Signing time: Sat 15 Feb 2025 03:00:02 +0000
ROA not before: Sat 15 Feb 2025 02:55:02 +0000
ROA not after: Sat 14 Feb 2026 03:00:02 +0000
asID: 149714
IP address blocks: 103.186.212.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:3a:dc:d7:86:0f:a5:c5:28:a9:43:b5:fc:66:30:33:82:7c:d9:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DB03D7B542C60D3D72565734C86589420DF070A0
Validity
Not Before: Feb 15 02:55:02 2025 GMT
Not After : Feb 14 03:00:02 2026 GMT
Subject: CN=259CEF69C3DCEE8C1F0954936190EFCBCEF90F96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e1:1c:69:fa:33:f6:9d:eb:2e:f2:da:1e:be:
39:3f:19:0e:5e:8f:2d:b5:fb:0b:db:e2:18:18:65:
40:f7:6f:7e:1c:85:d1:93:93:c5:44:e3:ac:9b:60:
20:af:b5:ae:9d:a3:a9:b4:81:31:49:e7:74:c1:44:
db:80:d0:b2:16:4f:79:db:51:45:00:c5:db:6b:aa:
1f:12:3d:2d:2f:21:f7:33:6f:bd:65:ed:59:74:c5:
f9:ef:86:10:a0:32:b1:50:24:87:d4:c8:2f:fb:01:
ce:9c:41:5f:5d:3c:e3:b4:03:b3:83:58:8c:70:4d:
c6:5e:c0:00:32:f2:6d:53:ad:41:92:f9:38:23:cd:
f9:5d:eb:e7:6e:a7:b4:7d:bd:e6:17:48:0e:63:ed:
d4:29:77:15:ae:9f:19:95:1f:1a:fa:f3:5c:d4:4e:
0a:e0:5f:51:fa:d8:61:4c:ee:a6:ce:af:66:2c:44:
64:9e:2e:da:96:2b:16:25:02:57:a7:fd:da:eb:49:
c1:95:2a:46:57:20:c8:31:7d:bf:9c:5d:0a:b1:b4:
95:be:fe:4b:78:bc:9e:0f:c1:3d:31:36:b4:4a:1c:
b5:fe:91:0a:0a:ae:83:41:3b:39:87:5a:dc:37:68:
38:1d:84:59:4e:07:c6:0b:0a:51:7e:32:2a:67:4f:
db:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:9C:EF:69:C3:DC:EE:8C:1F:09:54:93:61:90:EF:CB:CE:F9:0F:96
X509v3 Authority Key Identifier:
keyid:DB:03:D7:B5:42:C6:0D:3D:72:56:57:34:C8:65:89:42:0D:F0:70:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/04f28235-0ba8-4e14-8b85-29c3a4a76eab/0/DB03D7B542C60D3D72565734C86589420DF070A0.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DB03D7B542C60D3D72565734C86589420DF070A0.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/04f28235-0ba8-4e14-8b85-29c3a4a76eab/0/3130332e3138362e3231322e302f32332d3234203d3e20313439373134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.186.212.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:ae:70:82:78:44:a2:da:eb:9f:92:3e:3e:73:58:d8:34:29:
1f:70:ba:d1:b2:18:c3:eb:50:36:3d:02:48:cf:10:39:b8:f6:
5d:6d:92:b8:4a:60:0d:32:8d:0a:45:e7:bc:10:d5:a7:d2:d3:
84:2c:8e:a8:04:e1:4d:56:05:8d:0e:a1:89:2c:47:01:e3:a9:
e3:31:df:5d:3c:62:a3:e3:25:08:fb:35:5a:34:18:3e:74:78:
5c:40:6d:54:2a:1e:91:8f:51:33:e6:0b:a7:44:1b:29:4d:c8:
95:f2:e9:24:8d:44:84:3b:2e:05:fe:46:63:f4:0b:50:29:2f:
2d:29:c9:d1:5e:4b:da:7e:1e:21:a3:f3:56:d0:4e:ff:df:d7:
cd:53:b3:0d:34:65:81:a7:8f:02:3e:8c:df:c5:5e:4c:91:db:
10:9c:0f:fe:b9:d3:7f:45:7c:9f:37:ac:47:5d:6c:95:a8:21:
49:35:8c:76:03:77:a2:92:50:64:54:3d:a7:ee:29:84:16:9e:
94:87:97:04:fd:2a:88:2e:6b:b3:c5:cd:1a:98:3a:fc:4b:03:
74:2c:f4:14:42:85:1e:54:6a:0f:a7:1d:4c:df:67:74:43:72:
5e:53:b1:6c:97:aa:8e:0c:a4:0a:67:a6:b1:d8:ea:11:1c:17:
47:1d:d8:48
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUHzrc14YPpcUoqUO1/GYwM4J82VcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREIwM0Q3QjU0MkM2MEQzRDcyNTY1NzM0Qzg2NTg5NDIw
REYwNzBBMDAeFw0yNTAyMTUwMjU1MDJaFw0yNjAyMTQwMzAwMDJaMDMxMTAvBgNV
BAMTKDI1OUNFRjY5QzNEQ0VFOEMxRjA5NTQ5MzYxOTBFRkNCQ0VGOTBGOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx4Rxp+jP2nesu8toevjk/GQ5e
jy21+wvb4hgYZUD3b34chdGTk8VE46ybYCCvta6do6m0gTFJ53TBRNuA0LIWT3nb
UUUAxdtrqh8SPS0vIfczb71l7Vl0xfnvhhCgMrFQJIfUyC/7Ac6cQV9dPOO0A7OD
WIxwTcZewAAy8m1TrUGS+Tgjzfld6+dup7R9veYXSA5j7dQpdxWunxmVHxr681zU
TgrgX1H62GFM7qbOr2YsRGSeLtqWKxYlAlen/drrScGVKkZXIMgxfb+cXQqxtJW+
/kt4vJ4PwT0xNrRKHLX+kQoKroNBOzmHWtw3aDgdhFlOB8YLClF+MipnT9v/AgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUJZzvacPc7owfCVSTYZDvy875D5YwHwYDVR0j
BBgwFoAU2wPXtULGDT1yVlc0yGWJQg3wcKAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
NGYyODIzNS0wYmE4LTRlMTQtOGI4NS0yOWMzYTRhNzZlYWIvMC9EQjAzRDdCNTQy
QzYwRDNENzI1NjU3MzRDODY1ODk0MjBERjA3MEEwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvREIwM0Q3QjU0MkM2MEQzRDcyNTY1NzM0Qzg2NTg5NDIwREYw
NzBBMC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA0ZjI4MjM1LTBiYTgtNGUxNC04
Yjg1LTI5YzNhNGE3NmVhYi8wLzMxMzAzMzJlMzEzODM2MmUzMjMxMzIyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMTM0MzkzNzMxMzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnutQwDQYJ
KoZIhvcNAQELBQADggEBAA2ucIJ4RKLa65+SPj5zWNg0KR9wutGyGMPrUDY9AkjP
EDm49l1tkrhKYA0yjQpF57wQ1afS04QsjqgE4U1WBY0OoYksRwHjqeMx3108YqPj
JQj7NVo0GD50eFxAbVQqHpGPUTPmC6dEGylNyJXy6SSNRIQ7LgX+RmP0C1ApLy0p
ydFeS9p+HiGj81bQTv/f181Tsw00ZYGnjwI+jN/FXkyR2xCcD/65039FfJ83rEdd
bJWoIUk1jHYDd6KSUGRUPafuKYQWnpSHlwT9Kogua7PFzRqYOvxLA3Qs9BRChR5U
ag+nHUzfZ3RDcl5TsWyXqo4MpApnprHY6hEcF0cd2Eg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:04:20 2025 by rpki-client