Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/3230322e3136322e3230332e302f32342d3234203d3e20313338383431.roa
File: 3230322e3136322e3230332e302f32342d3234203d3e20313338383431.roa (raw, json)
Hash identifier: QmiH+N/dFb7ISDg13EK3Q6QYBGWjurbhPvGBGyFsiKo=
Subject key identifier: CA:52:3A:C8:8E:E0:D8:48:13:EB:88:E3:CE:1A:0B:A0:26:FB:83:AB
Certificate issuer: /CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984
Certificate serial: 2A911247A33D78858EC8DECCFC479084019714A3
Authority key identifier: 55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/3230322e3136322e3230332e302f32342d3234203d3e20313338383431.roa
Signing time: Fri 23 Aug 2024 06:00:04 +0000
ROA not before: Fri 23 Aug 2024 05:55:04 +0000
ROA not after: Fri 22 Aug 2025 06:00:04 +0000
asID: 138841
IP address blocks: 202.162.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl
rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 21:05:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:91:12:47:a3:3d:78:85:8e:c8:de:cc:fc:47:90:84:01:97:14:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984
Validity
Not Before: Aug 23 05:55:04 2024 GMT
Not After : Aug 22 06:00:04 2025 GMT
Subject: CN=CA523AC88EE0D84813EB88E3CE1A0BA026FB83AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:24:fe:b3:82:23:f5:49:05:ab:66:5b:86:45:
3e:94:1f:61:61:9c:2b:f5:02:0c:82:36:13:08:4e:
c4:53:99:e4:bd:93:e9:92:95:70:cc:e8:2a:cf:7e:
40:57:72:f1:c8:ea:c9:23:ed:39:32:a7:fb:6e:03:
33:71:3f:cb:c4:8e:d7:52:36:18:ae:9f:c2:ab:1a:
ba:6b:db:30:83:4c:68:2d:00:ba:18:6b:ff:51:74:
a4:16:0e:9c:78:b4:ee:3d:bf:16:fc:e9:43:ad:c3:
25:d5:58:29:f6:72:6c:c5:e8:29:b4:4d:bb:3a:06:
f2:b2:57:2e:dd:48:05:71:b5:ce:fa:10:79:c4:57:
5a:8c:8e:e2:c5:e0:56:18:30:3e:6f:38:4b:19:b3:
4c:4a:db:c1:7b:72:46:8c:e3:12:08:d3:f1:8a:8b:
c0:90:85:d4:fb:5a:11:e6:bb:fb:6f:d6:13:ac:da:
2d:d9:a9:6d:11:37:79:f6:06:da:aa:97:07:7e:9d:
07:79:8c:e8:49:7e:e1:01:69:7f:0c:3c:d9:78:b2:
13:18:be:82:0f:70:39:dc:b3:65:06:12:19:bb:cd:
28:dc:14:b1:bf:02:65:54:f5:af:2f:da:4c:8f:1f:
8a:25:80:0f:a0:e1:61:70:de:f7:c8:18:80:b4:f3:
19:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:52:3A:C8:8E:E0:D8:48:13:EB:88:E3:CE:1A:0B:A0:26:FB:83:AB
X509v3 Authority Key Identifier:
keyid:55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/3230322e3136322e3230332e302f32342d3234203d3e20313338383431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.162.203.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:fc:4b:c3:9c:ee:1f:18:2b:a0:a5:82:a2:9c:61:68:71:db:
b1:29:33:3e:6b:f9:d5:77:b4:41:18:b0:2f:29:9b:da:41:7f:
ac:99:61:c0:9a:cd:ff:5a:95:07:78:de:08:70:a3:57:6b:d3:
69:a1:af:f0:be:23:e4:cb:8f:82:c7:dd:22:48:67:68:98:c2:
54:db:cd:df:de:be:42:fc:fe:06:44:a0:a8:da:a0:56:8a:f7:
84:23:51:b9:b1:87:03:55:0a:ac:e6:6a:87:6c:d2:f5:fa:11:
31:fd:5b:6c:bf:e1:f3:d5:b1:0c:2e:19:64:85:2c:dd:7f:2f:
8b:6f:f5:76:d7:bf:bf:06:c6:02:1b:39:ca:42:4b:6c:0d:f8:
84:06:cc:8c:27:ca:94:09:e9:25:00:80:7e:58:c2:25:11:3e:
55:b7:99:14:81:40:35:7a:c6:67:5b:52:46:a6:8b:84:86:10:
15:1e:36:1f:21:78:7c:b7:c9:f8:b0:6d:c3:84:41:1c:44:01:
c9:e7:72:dd:96:9a:9b:ae:d0:01:98:14:a8:04:51:88:9c:34:
cb:4e:63:44:90:30:a6:d7:57:07:63:64:ce:29:3c:3c:b7:16:
e0:db:bc:17:c6:22:0e:51:65:03:00:97:ba:37:ee:8f:95:1b:
e4:ec:fe:93
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUKpESR6M9eIWOyN7M/EeQhAGXFKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0
RkE2Njk4NDAeFw0yNDA4MjMwNTU1MDRaFw0yNTA4MjIwNjAwMDRaMDMxMTAvBgNV
BAMTKENBNTIzQUM4OEVFMEQ4NDgxM0VCODhFM0NFMUEwQkEwMjZGQjgzQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1JP6zgiP1SQWrZluGRT6UH2Fh
nCv1AgyCNhMITsRTmeS9k+mSlXDM6CrPfkBXcvHI6skj7Tkyp/tuAzNxP8vEjtdS
Nhiun8KrGrpr2zCDTGgtALoYa/9RdKQWDpx4tO49vxb86UOtwyXVWCn2cmzF6Cm0
Tbs6BvKyVy7dSAVxtc76EHnEV1qMjuLF4FYYMD5vOEsZs0xK28F7ckaM4xII0/GK
i8CQhdT7WhHmu/tv1hOs2i3ZqW0RN3n2Btqqlwd+nQd5jOhJfuEBaX8MPNl4shMY
voIPcDncs2UGEhm7zSjcFLG/AmVU9a8v2kyPH4olgA+g4WFw3vfIGIC08xmdAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUylI6yI7g2EgT64jjzhoLoCb7g6swHwYDVR0j
BBgwFoAUVSsxom6Sqd1qWFuSN1t/yk+maYQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
MDE0MzJjYy0zYmM5LTQ4NTgtYjUwNi0yMThhYWIwYjA4OWMvMC81NTJCMzFBMjZF
OTJBOURENkE1ODVCOTIzNzVCN0ZDQTRGQTY2OTg0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0RkE2
Njk4NC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNjLTNiYzktNDg1OC1i
NTA2LTIxOGFhYjBiMDg5Yy8wLzMyMzAzMjJlMzEzNjMyMmUzMjMwMzMyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzgzODM0MzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKosswDQYJ
KoZIhvcNAQELBQADggEBAF/8S8Oc7h8YK6ClgqKcYWhx27EpMz5r+dV3tEEYsC8p
m9pBf6yZYcCazf9alQd43ghwo1dr02mhr/C+I+TLj4LH3SJIZ2iYwlTbzd/evkL8
/gZEoKjaoFaK94QjUbmxhwNVCqzmaods0vX6ETH9W2y/4fPVsQwuGWSFLN1/L4tv
9XbXv78GxgIbOcpCS2wN+IQGzIwnypQJ6SUAgH5YwiURPlW3mRSBQDV6xmdbUkam
i4SGEBUeNh8heHy3yfiwbcOEQRxEAcnnct2Wmpuu0AGYFKgEUYicNMtOY0SQMKbX
VwdjZM4pPDy3FuDbvBfGIg5RZQMAl7o37o+VG+Ts/pM=
-----END CERTIFICATE-----
Generated at Fri Apr 11 00:17:52 2025 by rpki-client