Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/130dc140-6cd4-4a59-b25c-3a141851c9ec/0/3230322e35352e3136352e302f32342d3234203d3e203137373639.roa
File: 3230322e35352e3136352e302f32342d3234203d3e203137373639.roa (raw, json)
Hash identifier: EnBylqGRkHck1P/w6gsiqwIs4ZiF2BWlNLshGkPWj1w=
Subject key identifier: FB:F2:82:DF:75:D7:B2:F3:E5:B1:BB:65:94:8E:D0:61:AD:0C:B7:B1
Certificate issuer: /CN=C451166D49539649063AF8F493F51CB1ACE0AB09
Certificate serial: 7E7656396510AD94104F9CC409CBDD8175CC7FA1
Authority key identifier: C4:51:16:6D:49:53:96:49:06:3A:F8:F4:93:F5:1C:B1:AC:E0:AB:09
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C451166D49539649063AF8F493F51CB1ACE0AB09.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/130dc140-6cd4-4a59-b25c-3a141851c9ec/0/3230322e35352e3136352e302f32342d3234203d3e203137373639.roa
Signing time: Fri 27 Sep 2024 06:01:28 +0000
ROA not before: Fri 27 Sep 2024 05:56:28 +0000
ROA not after: Fri 26 Sep 2025 06:01:28 +0000
asID: 17769
IP address blocks: 202.55.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/130dc140-6cd4-4a59-b25c-3a141851c9ec/0/C451166D49539649063AF8F493F51CB1ACE0AB09.crl
rsync://repo-rpki.idnic.net/repo/130dc140-6cd4-4a59-b25c-3a141851c9ec/0/C451166D49539649063AF8F493F51CB1ACE0AB09.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C451166D49539649063AF8F493F51CB1ACE0AB09.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 19:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:76:56:39:65:10:ad:94:10:4f:9c:c4:09:cb:dd:81:75:cc:7f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C451166D49539649063AF8F493F51CB1ACE0AB09
Validity
Not Before: Sep 27 05:56:28 2024 GMT
Not After : Sep 26 06:01:28 2025 GMT
Subject: CN=FBF282DF75D7B2F3E5B1BB65948ED061AD0CB7B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c2:c8:5e:83:3b:9b:d5:c0:d6:e4:33:3c:40:
25:f9:bb:85:56:58:6d:5a:49:b8:01:c5:70:2c:6a:
5b:df:fa:6b:04:fb:32:c0:e4:66:29:af:45:02:73:
a5:81:c6:72:da:c0:6a:68:19:30:43:0c:c0:da:88:
22:26:f2:2b:78:bf:08:66:66:61:9f:50:9c:10:d7:
6b:d7:08:12:9d:47:85:0a:e3:1f:02:db:f2:4c:cb:
24:37:5a:ee:0f:1e:e6:1c:ec:07:49:b2:9c:56:fa:
1f:9d:85:be:00:6d:62:40:3d:89:8f:48:07:1e:67:
28:6d:17:72:38:3c:f3:ab:74:9a:45:72:a7:43:af:
68:b1:be:7d:7a:2f:0c:8b:c1:81:98:a5:7e:a1:94:
bf:9e:56:66:d0:cd:95:26:c0:21:7f:5e:b9:04:a7:
c3:d4:b9:93:13:d7:d6:02:81:15:ca:05:b2:c6:94:
ae:67:33:07:6b:f2:71:9c:58:fa:1e:68:12:85:7a:
ba:9a:7b:17:97:35:ec:67:40:46:f8:03:cd:5c:9e:
5c:23:99:bb:aa:76:83:f6:23:95:0f:e1:49:09:53:
7e:df:6c:e6:ae:5a:5a:d0:fd:40:8d:5a:21:7a:c7:
6d:c0:f3:cf:45:83:f9:f1:93:1c:ae:bf:69:b2:54:
2b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F2:82:DF:75:D7:B2:F3:E5:B1:BB:65:94:8E:D0:61:AD:0C:B7:B1
X509v3 Authority Key Identifier:
keyid:C4:51:16:6D:49:53:96:49:06:3A:F8:F4:93:F5:1C:B1:AC:E0:AB:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/130dc140-6cd4-4a59-b25c-3a141851c9ec/0/C451166D49539649063AF8F493F51CB1ACE0AB09.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C451166D49539649063AF8F493F51CB1ACE0AB09.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/130dc140-6cd4-4a59-b25c-3a141851c9ec/0/3230322e35352e3136352e302f32342d3234203d3e203137373639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.55.165.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:c4:62:16:ad:50:fe:44:ed:07:58:63:66:f0:c0:55:59:db:
a8:a1:b6:aa:07:8e:e0:49:fb:c5:39:e6:c5:66:7b:8f:91:37:
c5:e0:72:7e:92:52:29:6f:87:c7:4e:b8:c4:57:8c:82:ad:18:
f7:dc:3a:46:7e:bb:55:78:ae:b2:89:05:71:43:54:4e:f6:15:
9f:da:6a:84:16:d2:92:55:35:ef:cd:34:27:04:10:51:06:91:
9f:05:c1:21:f6:82:05:b2:16:5a:cc:5b:9c:f1:b7:4c:84:15:
bd:a7:ed:d4:40:2f:fc:0f:28:61:01:a3:5c:56:0c:79:75:99:
21:f7:5c:fa:9c:ae:6d:65:ed:db:d5:f4:9a:14:dd:bb:52:e0:
d9:da:cd:31:e9:8e:a5:00:27:cc:2d:a1:39:5a:f6:1f:63:c5:
d9:3c:58:c2:74:ee:b2:e0:13:08:3e:d2:4b:34:c6:36:9d:53:
5a:86:eb:4b:dd:06:0d:3f:9a:48:ff:74:fb:03:60:c7:4f:4d:
7e:43:22:8a:28:ac:c3:b3:01:e8:f3:d2:5f:64:ce:b9:b3:93:
6e:68:ce:df:60:7b:68:22:cf:fa:2c:9c:32:09:30:32:99:22:
88:5d:8e:77:f4:44:08:25:d2:e3:a8:51:22:c6:2c:23:9d:4b:
31:5f:8a:48
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUfnZWOWUQrZQQT5zECcvdgXXMf6EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzQ1MTE2NkQ0OTUzOTY0OTA2M0FGOEY0OTNGNTFDQjFB
Q0UwQUIwOTAeFw0yNDA5MjcwNTU2MjhaFw0yNTA5MjYwNjAxMjhaMDMxMTAvBgNV
BAMTKEZCRjI4MkRGNzVEN0IyRjNFNUIxQkI2NTk0OEVEMDYxQUQwQ0I3QjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjwshegzub1cDW5DM8QCX5u4VW
WG1aSbgBxXAsalvf+msE+zLA5GYpr0UCc6WBxnLawGpoGTBDDMDaiCIm8it4vwhm
ZmGfUJwQ12vXCBKdR4UK4x8C2/JMyyQ3Wu4PHuYc7AdJspxW+h+dhb4AbWJAPYmP
SAceZyhtF3I4PPOrdJpFcqdDr2ixvn16LwyLwYGYpX6hlL+eVmbQzZUmwCF/XrkE
p8PUuZMT19YCgRXKBbLGlK5nMwdr8nGcWPoeaBKFerqaexeXNexnQEb4A81cnlwj
mbuqdoP2I5UP4UkJU37fbOauWlrQ/UCNWiF6x23A889Fg/nxkxyuv2myVCtXAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU+/KC33XXsvPlsbtllI7QYa0Mt7EwHwYDVR0j
BBgwFoAUxFEWbUlTlkkGOvj0k/UcsazgqwkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
MzBkYzE0MC02Y2Q0LTRhNTktYjI1Yy0zYTE0MTg1MWM5ZWMvMC9DNDUxMTY2RDQ5
NTM5NjQ5MDYzQUY4RjQ5M0Y1MUNCMUFDRTBBQjA5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQzQ1MTE2NkQ0OTUzOTY0OTA2M0FGOEY0OTNGNTFDQjFBQ0Uw
QUIwOS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzEzMGRjMTQwLTZjZDQtNGE1OS1i
MjVjLTNhMTQxODUxYzllYy8wLzMyMzAzMjJlMzUzNTJlMzEzNjM1MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNzM3MzYzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMo3pTANBgkqhkiG
9w0BAQsFAAOCAQEAXMRiFq1Q/kTtB1hjZvDAVVnbqKG2qgeO4En7xTnmxWZ7j5E3
xeByfpJSKW+Hx064xFeMgq0Y99w6Rn67VXiusokFcUNUTvYVn9pqhBbSklU17800
JwQQUQaRnwXBIfaCBbIWWsxbnPG3TIQVvaft1EAv/A8oYQGjXFYMeXWZIfdc+pyu
bWXt29X0mhTdu1Lg2drNMemOpQAnzC2hOVr2H2PF2TxYwnTusuATCD7SSzTGNp1T
WobrS90GDT+aSP90+wNgx09NfkMiiiisw7MB6PPSX2TOubOTbmjO32B7aCLP+iyc
MgkwMpkiiF2Od/RECCXS46hRIsYsI51LMV+KSA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:13:15 2025 by rpki-client