Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/17a2d25b-cb18-45be-9fa1-154ca1579223/0/3130332e3232382e3131362e302f32322d3232203d3e203536323432.roa
File: 3130332e3232382e3131362e302f32322d3232203d3e203536323432.roa (raw, json)
Hash identifier: LN+YrVCzUblkTbFghEN9RcfZWB+oIkio+9woygN18Nk=
Subject key identifier: DB:36:FE:E4:77:47:98:F3:F7:ED:1C:B6:8A:41:9C:B0:04:E2:DA:6F
Certificate issuer: /CN=8469874AE268E2CD4E9A137EDD5599C748530E9E
Certificate serial: 60FDE9A41B77F053493983FF01C10422EEB4CAE1
Authority key identifier: 84:69:87:4A:E2:68:E2:CD:4E:9A:13:7E:DD:55:99:C7:48:53:0E:9E
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8469874AE268E2CD4E9A137EDD5599C748530E9E.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/17a2d25b-cb18-45be-9fa1-154ca1579223/0/3130332e3232382e3131362e302f32322d3232203d3e203536323432.roa
Signing time: Sat 11 Jan 2025 09:00:00 +0000
ROA not before: Sat 11 Jan 2025 08:55:00 +0000
ROA not after: Sat 10 Jan 2026 09:00:00 +0000
asID: 56242
IP address blocks: 103.228.116.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:fd:e9:a4:1b:77:f0:53:49:39:83:ff:01:c1:04:22:ee:b4:ca:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8469874AE268E2CD4E9A137EDD5599C748530E9E
Validity
Not Before: Jan 11 08:55:00 2025 GMT
Not After : Jan 10 09:00:00 2026 GMT
Subject: CN=DB36FEE4774798F3F7ED1CB68A419CB004E2DA6F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1b:51:0f:c1:b4:ca:e3:e4:ea:d7:63:89:f2:
40:3a:d1:82:27:0c:94:e2:e9:51:e6:53:e6:a2:ca:
8f:c1:cd:8c:a6:af:52:9d:a0:c0:1c:2e:7a:76:fc:
34:3f:8c:7d:a6:e3:66:54:9b:37:65:b8:be:80:2a:
79:b9:29:15:50:ec:f1:71:e7:bf:98:f7:0a:71:a1:
17:e0:97:36:f0:b3:13:80:d9:9f:7a:0c:4e:a8:12:
c5:39:b8:2a:52:45:14:a2:0c:01:4a:96:69:00:eb:
ca:68:1a:fa:e9:2b:32:46:67:e4:36:7e:9c:a2:17:
f8:e9:32:d8:ef:a8:65:44:a8:7e:be:8c:1a:51:d7:
07:2c:92:0f:df:69:f7:a9:31:fe:70:be:7c:b8:76:
11:44:b9:5f:7f:d3:91:5d:20:27:df:3e:08:44:0f:
27:37:2b:3b:5c:36:10:f8:54:0a:3b:8e:10:b1:4a:
83:38:1a:eb:b7:5a:be:2d:28:8d:db:3a:8d:10:89:
8f:6d:1f:a3:01:29:bd:3a:56:8d:18:89:6c:b3:88:
81:17:d9:ab:5b:bd:1b:17:c2:5f:45:da:2d:f4:33:
ac:9a:10:41:b2:16:09:43:f4:2a:01:e6:15:50:ee:
d3:23:54:ea:9e:79:f0:6e:13:a2:c7:4a:6f:49:6d:
9e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:36:FE:E4:77:47:98:F3:F7:ED:1C:B6:8A:41:9C:B0:04:E2:DA:6F
X509v3 Authority Key Identifier:
keyid:84:69:87:4A:E2:68:E2:CD:4E:9A:13:7E:DD:55:99:C7:48:53:0E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/17a2d25b-cb18-45be-9fa1-154ca1579223/0/8469874AE268E2CD4E9A137EDD5599C748530E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8469874AE268E2CD4E9A137EDD5599C748530E9E.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/17a2d25b-cb18-45be-9fa1-154ca1579223/0/3130332e3232382e3131362e302f32322d3232203d3e203536323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.228.116.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:06:45:cd:67:f0:19:2a:2d:4a:99:4e:cd:67:f2:e8:81:73:
22:39:4f:73:6e:26:ae:c6:c7:de:fd:41:cb:ee:8f:2e:00:57:
9e:18:19:30:c0:c7:76:25:78:19:3a:f6:db:38:77:31:11:47:
be:17:fe:c1:b3:04:9a:21:34:d5:3b:d9:75:74:40:93:ae:56:
45:ca:2d:65:68:4e:a5:4a:fa:1c:9d:e5:e0:5f:e4:d4:38:2b:
bb:f5:0a:ad:82:3f:10:53:cb:0f:fb:18:6d:e4:da:bf:e6:d8:
4b:1f:03:7f:64:80:dd:34:44:f6:f6:7c:67:c0:4f:d0:ba:ed:
cf:a9:64:9f:99:53:96:23:81:66:16:e8:04:fb:b2:4a:5f:ce:
3e:cf:18:78:97:50:94:57:8a:61:17:cd:32:ba:11:7a:a8:c9:
b7:ab:c8:e9:f4:40:18:1d:c0:45:f5:8e:c7:ee:56:35:4a:14:
66:0f:f5:9d:9a:70:fc:f5:31:6b:ef:25:65:22:22:be:a3:e2:
87:fb:73:b2:91:22:8d:59:c8:e0:57:db:59:bc:1b:23:d9:66:
87:67:b1:31:0a:4a:a4:4c:8b:4b:36:05:01:a7:64:67:c0:11:
84:06:6b:66:3a:26:5f:33:ca:50:d4:b6:01:05:8e:71:34:62:
bc:5e:13:e5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUYP3ppBt38FNJOYP/AcEEIu60yuEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ2OTg3NEFFMjY4RTJDRDRFOUExMzdFREQ1NTk5Qzc0
ODUzMEU5RTAeFw0yNTAxMTEwODU1MDBaFw0yNjAxMTAwOTAwMDBaMDMxMTAvBgNV
BAMTKERCMzZGRUU0Nzc0Nzk4RjNGN0VEMUNCNjhBNDE5Q0IwMDRFMkRBNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7G1EPwbTK4+Tq12OJ8kA60YIn
DJTi6VHmU+aiyo/BzYymr1KdoMAcLnp2/DQ/jH2m42ZUmzdluL6AKnm5KRVQ7PFx
57+Y9wpxoRfglzbwsxOA2Z96DE6oEsU5uCpSRRSiDAFKlmkA68poGvrpKzJGZ+Q2
fpyiF/jpMtjvqGVEqH6+jBpR1wcskg/fafepMf5wvny4dhFEuV9/05FdICffPghE
Dyc3KztcNhD4VAo7jhCxSoM4Guu3Wr4tKI3bOo0QiY9tH6MBKb06Vo0YiWyziIEX
2atbvRsXwl9F2i30M6yaEEGyFglD9CoB5hVQ7tMjVOqeefBuE6LHSm9JbZ5zAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU2zb+5HdHmPP37Ry2ikGcsATi2m8wHwYDVR0j
BBgwFoAUhGmHSuJo4s1OmhN+3VWZx0hTDp4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
N2EyZDI1Yi1jYjE4LTQ1YmUtOWZhMS0xNTRjYTE1NzkyMjMvMC84NDY5ODc0QUUy
NjhFMkNENEU5QTEzN0VERDU1OTlDNzQ4NTMwRTlFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODQ2OTg3NEFFMjY4RTJDRDRFOUExMzdFREQ1NTk5Qzc0ODUz
MEU5RS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE3YTJkMjViLWNiMTgtNDViZS05
ZmExLTE1NGNhMTU3OTIyMy8wLzMxMzAzMzJlMzIzMjM4MmUzMTMxMzYyZTMwMmYz
MjMyMmQzMjMyMjAzZDNlMjAzNTM2MzIzNDMyLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ+R0MA0GCSqG
SIb3DQEBCwUAA4IBAQBbBkXNZ/AZKi1KmU7NZ/LogXMiOU9zbiauxsfe/UHL7o8u
AFeeGBkwwMd2JXgZOvbbOHcxEUe+F/7BswSaITTVO9l1dECTrlZFyi1laE6lSvoc
neXgX+TUOCu79Qqtgj8QU8sP+xht5Nq/5thLHwN/ZIDdNET29nxnwE/Quu3PqWSf
mVOWI4FmFugE+7JKX84+zxh4l1CUV4phF80yuhF6qMm3q8jp9EAYHcBF9Y7H7lY1
ShRmD/WdmnD89TFr7yVlIiK+o+KH+3OykSKNWcjgV9tZvBsj2WaHZ7ExCkqkTItL
NgUBp2RnwBGEBmtmOiZfM8pQ1LYBBY5xNGK8XhPl
-----END CERTIFICATE-----
Generated at Thu Apr 10 10:06:31 2025 by rpki-client