Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/3130332e3234372e32302e302f32322d3234203d3e203538343835.roa
File: 3130332e3234372e32302e302f32322d3234203d3e203538343835.roa (raw, json)
Hash identifier: E4EHACTapkYEoooIF7AJmGsIY6TAbPPbIP0MMOQR2nY=
Subject key identifier: 61:FC:A3:11:C2:AB:42:24:3C:9F:0C:1C:8B:46:C9:FF:FB:0E:AB:7C
Certificate issuer: /CN=FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39
Certificate serial: 3E95C850529E573E4A6B9259EF82929F2D41D0F2
Authority key identifier: FA:5B:CA:98:4E:EB:AF:FD:CE:D8:41:90:C7:07:56:DB:EB:3B:FF:39
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/3130332e3234372e32302e302f32322d3234203d3e203538343835.roa
Signing time: Sat 30 Nov 2024 11:00:00 +0000
ROA not before: Sat 30 Nov 2024 10:55:00 +0000
ROA not after: Sat 29 Nov 2025 11:00:00 +0000
asID: 58485
IP address blocks: 103.247.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:95:c8:50:52:9e:57:3e:4a:6b:92:59:ef:82:92:9f:2d:41:d0:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39
Validity
Not Before: Nov 30 10:55:00 2024 GMT
Not After : Nov 29 11:00:00 2025 GMT
Subject: CN=61FCA311C2AB42243C9F0C1C8B46C9FFFB0EAB7C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:23:07:60:9c:f4:02:b0:e7:c8:ae:77:e8:5f:
e0:14:ab:01:9b:a2:92:87:24:4a:ce:24:7d:8e:b9:
cc:ca:a7:a6:4f:5c:a6:4d:bf:e7:e2:07:ce:0a:bf:
ab:51:df:7f:ac:68:ed:71:f3:58:23:58:18:b0:f9:
ad:81:81:2b:6e:09:5e:18:44:f5:b0:06:86:13:64:
51:c1:15:95:43:70:1a:fd:24:92:31:75:44:80:92:
c9:dd:7f:a3:02:13:2a:2d:73:b8:87:f6:88:31:8f:
90:67:e8:a3:77:80:be:f2:c9:38:62:60:b4:5a:03:
7d:5d:9d:49:dd:10:82:bc:28:64:ac:c6:13:fd:0c:
5a:c3:6b:e9:23:b8:01:7c:46:ec:b5:28:9d:8e:c0:
f1:27:05:cc:73:e1:56:6a:ba:ec:6a:7d:67:ff:98:
fd:8d:8e:05:57:25:1f:a1:d0:91:22:30:96:1e:51:
03:8c:1c:1b:07:25:72:d7:76:7b:d9:a2:ab:0f:6b:
89:e1:21:75:75:76:20:88:a2:3a:b8:90:6d:22:1d:
10:22:73:6a:71:d2:46:13:41:74:66:03:35:8a:28:
ce:ae:55:a3:f9:f9:ca:99:5c:c1:e3:e8:a8:05:50:
ae:4a:07:f1:cf:a4:1b:a7:d5:94:c0:01:98:8b:a2:
55:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:FC:A3:11:C2:AB:42:24:3C:9F:0C:1C:8B:46:C9:FF:FB:0E:AB:7C
X509v3 Authority Key Identifier:
keyid:FA:5B:CA:98:4E:EB:AF:FD:CE:D8:41:90:C7:07:56:DB:EB:3B:FF:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/3130332e3234372e32302e302f32322d3234203d3e203538343835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.247.20.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:72:23:89:50:1b:b6:75:4c:5f:28:e3:c8:05:85:2c:3b:dd:
30:66:63:74:c8:58:07:ed:c8:bf:22:d8:cb:c0:4b:81:d2:75:
4a:1a:75:e6:c3:6b:35:66:84:67:7c:05:5c:2f:66:aa:50:f1:
21:f9:46:8c:f2:6c:93:97:1e:3c:83:0b:e1:09:99:ef:73:e4:
4d:87:ec:17:fe:3a:11:85:e3:7b:0f:19:16:c8:71:11:61:ae:
ed:5f:de:ba:ce:7f:f1:95:18:56:71:c2:69:55:47:95:c1:f6:
dc:2e:d0:52:f2:38:01:fe:b9:b8:e1:6e:bb:e9:17:79:d1:47:
97:00:ea:5e:c6:ef:e2:33:83:fd:a0:d9:13:6c:ad:51:db:2c:
dc:3a:d4:c1:7c:d5:d1:c4:00:7b:6c:b8:c9:4d:6e:eb:b6:68:
08:35:85:0e:22:ee:a7:9e:e3:d4:92:d2:50:40:eb:60:3a:9d:
bf:5d:27:e8:23:87:bf:38:32:fb:05:cc:3f:45:57:27:39:ec:
35:32:31:7a:98:f3:73:db:56:37:66:cd:50:c9:f8:f8:1b:19:
1f:67:9a:4f:17:2c:04:11:1a:41:45:ce:23:c1:29:f4:6c:78:
4b:60:23:4a:c8:90:10:60:7d:f0:ce:1f:a3:01:a5:2a:a3:86:
5d:d3:5d:7f
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUPpXIUFKeVz5Ka5JZ74KSny1B0PIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkE1QkNBOTg0RUVCQUZGRENFRDg0MTkwQzcwNzU2REJF
QjNCRkYzOTAeFw0yNDExMzAxMDU1MDBaFw0yNTExMjkxMTAwMDBaMDMxMTAvBgNV
BAMTKDYxRkNBMzExQzJBQjQyMjQzQzlGMEMxQzhCNDZDOUZGRkIwRUFCN0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdIwdgnPQCsOfIrnfoX+AUqwGb
opKHJErOJH2OuczKp6ZPXKZNv+fiB84Kv6tR33+saO1x81gjWBiw+a2BgStuCV4Y
RPWwBoYTZFHBFZVDcBr9JJIxdUSAksndf6MCEyotc7iH9ogxj5Bn6KN3gL7yyThi
YLRaA31dnUndEIK8KGSsxhP9DFrDa+kjuAF8Ruy1KJ2OwPEnBcxz4VZquuxqfWf/
mP2NjgVXJR+h0JEiMJYeUQOMHBsHJXLXdnvZoqsPa4nhIXV1diCIojq4kG0iHRAi
c2px0kYTQXRmAzWKKM6uVaP5+cqZXMHj6KgFUK5KB/HPpBun1ZTAAZiLolW/AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUYfyjEcKrQiQ8nwwci0bJ//sOq3wwHwYDVR0j
BBgwFoAU+lvKmE7rr/3O2EGQxwdW2+s7/zkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZWU0N2JiZi1iYTg0LTQ0OGYtOTYyYi0yYWFmNWM3ZGQ2OGQvMC9GQTVCQ0E5ODRF
RUJBRkZEQ0VEODQxOTBDNzA3NTZEQkVCM0JGRjM5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRkE1QkNBOTg0RUVCQUZGRENFRDg0MTkwQzcwNzU2REJFQjNC
RkYzOS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJlZTQ3YmJmLWJhODQtNDQ4Zi05
NjJiLTJhYWY1YzdkZDY4ZC8wLzMxMzAzMzJlMzIzNDM3MmUzMjMwMmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzUzODM0MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmf3FDANBgkqhkiG
9w0BAQsFAAOCAQEAvHIjiVAbtnVMXyjjyAWFLDvdMGZjdMhYB+3IvyLYy8BLgdJ1
Shp15sNrNWaEZ3wFXC9mqlDxIflGjPJsk5cePIML4QmZ73PkTYfsF/46EYXjew8Z
FshxEWGu7V/eus5/8ZUYVnHCaVVHlcH23C7QUvI4Af65uOFuu+kXedFHlwDqXsbv
4jOD/aDZE2ytUdss3DrUwXzV0cQAe2y4yU1u67ZoCDWFDiLup57j1JLSUEDrYDqd
v10n6COHvzgy+wXMP0VXJznsNTIxepjzc9tWN2bNUMn4+BsZH2eaTxcsBBEaQUXO
I8Ep9Gx4S2AjSsiQEGB98M4fowGlKqOGXdNdfw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:30:47 2025 by rpki-client