Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3230322e36352e3132302e302f32332d3234203d3e203233393531.roa
File: 3230322e36352e3132302e302f32332d3234203d3e203233393531.roa (raw, json)
Hash identifier: +7ThYpBxJ7cY58NoufQvfB+mtjUp0Rdkq8BnlAc4bZ4=
Subject key identifier: 1D:80:2B:CF:DE:59:B8:A8:8F:50:61:32:35:17:86:1B:C2:14:74:B8
Certificate issuer: /CN=CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F
Certificate serial: 193312E19A9FDA06F1A845064F66C51ACB96CB5D
Authority key identifier: CA:35:BA:C7:A4:05:DF:1E:D9:ED:62:F0:9D:2F:4F:2E:14:3C:8E:8F
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3230322e36352e3132302e302f32332d3234203d3e203233393531.roa
Signing time: Tue 20 Aug 2024 05:00:01 +0000
ROA not before: Tue 20 Aug 2024 04:55:01 +0000
ROA not after: Tue 19 Aug 2025 05:00:01 +0000
asID: 23951
IP address blocks: 202.65.120.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl
rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 13 Apr 2025 12:42:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:33:12:e1:9a:9f:da:06:f1:a8:45:06:4f:66:c5:1a:cb:96:cb:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F
Validity
Not Before: Aug 20 04:55:01 2024 GMT
Not After : Aug 19 05:00:01 2025 GMT
Subject: CN=1D802BCFDE59B8A88F5061323517861BC21474B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cc:b8:79:a9:01:e7:2a:52:5f:4a:c3:5b:36:
a6:25:65:46:26:2e:bc:b5:e5:49:e0:f8:92:ba:59:
b7:6c:3d:02:32:7a:bd:b4:f1:a4:d7:9d:be:64:d2:
a7:c6:1f:bc:91:48:3d:64:d1:9e:b3:f6:a3:1b:f0:
c1:80:29:ab:78:a3:37:88:87:f0:85:c8:27:2c:bb:
1c:64:39:5a:9b:b9:ec:d4:ce:fe:35:62:af:31:c7:
11:fa:a0:02:d7:a6:61:c3:39:fe:87:26:c4:88:7c:
e5:99:5c:1e:68:1d:3e:e0:5c:8e:df:60:87:b1:99:
70:93:bd:af:aa:d5:10:be:2c:22:c9:9a:13:b7:3d:
3a:a3:b5:e0:d2:67:a7:22:49:05:b2:5e:21:7c:be:
4a:56:a2:c3:ab:b3:3c:7b:22:09:16:f8:43:f4:2d:
f1:8b:04:ae:72:25:ef:79:35:36:eb:74:f0:2a:fa:
cb:4e:48:62:d0:43:e8:5f:ba:4e:8a:ec:34:ea:87:
78:50:e2:6c:c3:9f:55:5c:f8:81:42:3b:bc:a2:0a:
b2:01:2a:e7:1c:19:75:df:62:e2:2e:80:1c:b1:c5:
8a:ad:8e:81:33:94:1b:64:a7:9e:58:f0:c5:e5:c4:
c0:5c:7c:6c:03:4d:3e:7e:78:c6:2f:87:3c:5e:f5:
74:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:80:2B:CF:DE:59:B8:A8:8F:50:61:32:35:17:86:1B:C2:14:74:B8
X509v3 Authority Key Identifier:
keyid:CA:35:BA:C7:A4:05:DF:1E:D9:ED:62:F0:9D:2F:4F:2E:14:3C:8E:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3230322e36352e3132302e302f32332d3234203d3e203233393531.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.65.120.0/23
Signature Algorithm: sha256WithRSAEncryption
16:9a:1f:3f:c1:0d:0f:1f:1e:b1:7d:e9:93:40:c8:33:c1:39:
5f:6f:d8:72:5e:15:c9:d3:36:60:96:33:d8:de:05:eb:94:37:
1f:b1:c9:bf:44:92:39:26:ae:fc:24:2b:cb:65:ff:6e:fd:98:
60:86:b7:87:5a:6f:88:dc:bf:6b:12:02:1d:d3:26:3d:e3:3c:
c9:df:12:13:fe:18:1b:55:2e:41:c0:c0:df:d9:20:ae:a4:41:
61:6d:02:34:65:8d:a9:ea:a6:b8:33:49:32:d4:0a:ff:03:d3:
bb:0b:48:c0:28:c2:e4:78:13:b4:27:3c:13:33:d1:b0:1e:b8:
9e:b7:61:f5:6f:ad:ef:e8:41:e9:aa:bc:1f:c9:0e:3e:f0:17:
a7:8d:62:ea:f9:a3:d4:39:96:34:4f:b9:f1:f5:52:92:1a:45:
4a:91:8d:90:83:07:95:22:7c:ef:c0:b5:6a:d7:1a:18:a3:6c:
cc:d0:7e:9f:93:2a:5e:71:c7:6b:8e:57:b1:e7:38:e9:e5:fc:
09:46:dc:ef:9a:4b:44:7b:2d:11:3c:af:fa:79:fd:c3:a6:f7:
28:54:f3:65:dd:70:14:a4:cb:fc:72:6a:4b:92:a5:46:44:35:
33:29:06:46:63:fc:69:48:24:9f:19:89:73:d7:26:24:c6:04:
32:34:69:db
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUGTMS4Zqf2gbxqEUGT2bFGsuWy10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRGMkUx
NDNDOEU4RjAeFw0yNDA4MjAwNDU1MDFaFw0yNTA4MTkwNTAwMDFaMDMxMTAvBgNV
BAMTKDFEODAyQkNGREU1OUI4QTg4RjUwNjEzMjM1MTc4NjFCQzIxNDc0QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyzLh5qQHnKlJfSsNbNqYlZUYm
Lry15Ung+JK6WbdsPQIyer208aTXnb5k0qfGH7yRSD1k0Z6z9qMb8MGAKat4ozeI
h/CFyCcsuxxkOVqbuezUzv41Yq8xxxH6oALXpmHDOf6HJsSIfOWZXB5oHT7gXI7f
YIexmXCTva+q1RC+LCLJmhO3PTqjteDSZ6ciSQWyXiF8vkpWosOrszx7IgkW+EP0
LfGLBK5yJe95NTbrdPAq+stOSGLQQ+hfuk6K7DTqh3hQ4mzDn1Vc+IFCO7yiCrIB
KuccGXXfYuIugByxxYqtjoEzlBtkp55Y8MXlxMBcfGwDTT5+eMYvhzxe9XTHAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUHYArz95ZuKiPUGEyNReGG8IUdLgwHwYDVR0j
BBgwFoAUyjW6x6QF3x7Z7WLwnS9PLhQ8jo8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ZTZhN2U0Ni1iNmFkLTRhN2QtYjkzMC0xYWIwYmYwMmRkNWQvMC9DQTM1QkFDN0E0
MDVERjFFRDlFRDYyRjA5RDJGNEYyRTE0M0M4RThGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRGMkUxNDND
OEU4Ri5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFlNmE3ZTQ2LWI2YWQtNGE3ZC1i
OTMwLTFhYjBiZjAyZGQ1ZC8wLzMyMzAzMjJlMzYzNTJlMzEzMjMwMmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzIzMzM5MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcpBeDANBgkqhkiG
9w0BAQsFAAOCAQEAFpofP8ENDx8esX3pk0DIM8E5X2/Ycl4VydM2YJYz2N4F65Q3
H7HJv0SSOSau/CQry2X/bv2YYIa3h1pviNy/axICHdMmPeM8yd8SE/4YG1UuQcDA
39kgrqRBYW0CNGWNqeqmuDNJMtQK/wPTuwtIwCjC5HgTtCc8EzPRsB64nrdh9W+t
7+hB6aq8H8kOPvAXp41i6vmj1DmWNE+58fVSkhpFSpGNkIMHlSJ878C1atcaGKNs
zNB+n5MqXnHHa45Xsec46eX8CUbc75pLRHstETyv+nn9w6b3KFTzZd1wFKTL/HJq
S5KlRkQ1MykGRmP8aUgknxmJc9cmJMYEMjRp2w==
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:28:44 2025 by rpki-client