Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/3130332e3234372e32302e302f32342d3234203d3e203538343835.roa
File: 3130332e3234372e32302e302f32342d3234203d3e203538343835.roa (raw, json)
Hash identifier: VZwDewAsxwwfePzp0qRdTXSl6r6rgS1qxxsBlVs1abM=
Subject key identifier: D7:9D:C5:7E:E5:82:2B:2E:ED:FE:DF:1B:70:08:6C:74:6A:7C:B7:67
Certificate issuer: /CN=FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39
Certificate serial: 33F922CB3FF7F6A20BDD3449E6427C85B9975589
Authority key identifier: FA:5B:CA:98:4E:EB:AF:FD:CE:D8:41:90:C7:07:56:DB:EB:3B:FF:39
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/3130332e3234372e32302e302f32342d3234203d3e203538343835.roa
Signing time: Sun 09 Mar 2025 05:35:32 +0000
ROA not before: Sun 09 Mar 2025 05:30:32 +0000
ROA not after: Sun 08 Mar 2026 05:35:32 +0000
asID: 58485
IP address blocks: 103.247.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:f9:22:cb:3f:f7:f6:a2:0b:dd:34:49:e6:42:7c:85:b9:97:55:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39
Validity
Not Before: Mar 9 05:30:32 2025 GMT
Not After : Mar 8 05:35:32 2026 GMT
Subject: CN=D79DC57EE5822B2EEDFEDF1B70086C746A7CB767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ae:4c:58:0b:6a:ce:80:63:26:b5:45:f5:18:
e0:82:08:c1:4c:99:2b:ec:b3:01:fa:b4:a5:59:29:
42:aa:ee:c3:90:f6:52:e5:55:52:35:ba:89:3e:11:
1a:c2:4d:19:a8:a8:dd:c5:d9:9f:9a:71:27:e8:01:
85:15:e4:b2:39:a3:0b:df:28:c8:fd:f1:66:f7:fb:
0d:fe:99:f8:41:25:96:df:63:2f:89:7d:45:fc:03:
f1:d1:ce:43:00:54:ee:20:e4:f5:f6:49:a2:75:6b:
07:86:6c:d5:e3:b0:03:c4:3e:d1:0d:dd:40:f4:7b:
51:ba:39:f4:dc:a9:8b:6a:04:df:dc:16:3c:4d:3b:
f5:e7:ab:63:9b:91:1b:b3:6d:fc:d4:fc:7d:87:bf:
e8:a4:e3:83:2b:41:d0:79:9a:a5:14:13:42:df:fd:
f5:db:ae:78:cc:73:0e:76:bc:bc:16:19:bc:c1:37:
da:5c:d1:94:75:03:52:ac:f0:c4:91:ee:32:57:5b:
4d:76:d9:a2:cb:66:fa:1e:ce:d0:ed:11:63:3a:a8:
a1:2e:49:73:72:e1:f5:ef:bd:85:fe:6a:37:1a:ce:
7f:ac:9e:f8:5b:8b:5f:97:64:a1:5c:fb:c0:00:06:
cf:66:93:3c:dd:cd:e5:bb:db:73:0d:12:7b:9a:1b:
f6:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:9D:C5:7E:E5:82:2B:2E:ED:FE:DF:1B:70:08:6C:74:6A:7C:B7:67
X509v3 Authority Key Identifier:
keyid:FA:5B:CA:98:4E:EB:AF:FD:CE:D8:41:90:C7:07:56:DB:EB:3B:FF:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/3130332e3234372e32302e302f32342d3234203d3e203538343835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.247.20.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:5c:d5:71:1d:c9:af:d6:c0:30:9e:a1:5c:26:74:ea:10:da:
b0:c1:91:6c:af:0a:1e:46:45:24:f0:d2:35:fb:4c:be:3c:a7:
da:b8:18:61:12:1f:eb:b0:dc:55:c0:52:24:ce:84:04:c2:a0:
e6:92:09:83:99:99:86:6d:9a:42:96:7b:50:fc:05:2a:27:c0:
8b:aa:8d:fc:75:e8:32:a6:9b:0a:1e:a7:da:b0:02:88:a4:46:
7d:c5:6a:1b:89:2a:00:a3:46:7b:f1:b4:40:51:b2:ed:e1:ad:
9a:f9:f4:fa:fd:54:cd:11:37:35:e1:35:80:8d:3a:38:7d:7e:
80:25:aa:bb:ee:5b:b2:58:2a:14:58:68:97:57:69:53:a6:ef:
e0:9b:1b:77:88:28:ef:92:f7:8f:d3:9a:97:48:83:08:51:12:
e4:10:50:63:dc:3b:68:1d:bf:69:fe:76:b9:be:ff:89:ee:92:
ba:67:7d:42:30:99:37:76:aa:a9:97:5f:35:6a:96:19:12:30:
8f:8c:5e:84:24:12:65:6b:2e:15:d3:f2:9e:9d:7c:3f:5c:e1:
1e:be:ee:01:50:ba:ec:e4:32:fc:af:9c:4e:ff:26:73:e0:88:
92:0a:a4:0e:5b:27:b5:be:78:d4:05:4b:83:91:20:73:be:03:
e6:d5:04:6a
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUM/kiyz/39qIL3TRJ5kJ8hbmXVYkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkE1QkNBOTg0RUVCQUZGRENFRDg0MTkwQzcwNzU2REJF
QjNCRkYzOTAeFw0yNTAzMDkwNTMwMzJaFw0yNjAzMDgwNTM1MzJaMDMxMTAvBgNV
BAMTKEQ3OURDNTdFRTU4MjJCMkVFREZFREYxQjcwMDg2Qzc0NkE3Q0I3NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkrkxYC2rOgGMmtUX1GOCCCMFM
mSvsswH6tKVZKUKq7sOQ9lLlVVI1uok+ERrCTRmoqN3F2Z+acSfoAYUV5LI5owvf
KMj98Wb3+w3+mfhBJZbfYy+JfUX8A/HRzkMAVO4g5PX2SaJ1aweGbNXjsAPEPtEN
3UD0e1G6OfTcqYtqBN/cFjxNO/Xnq2ObkRuzbfzU/H2Hv+ik44MrQdB5mqUUE0Lf
/fXbrnjMcw52vLwWGbzBN9pc0ZR1A1Ks8MSR7jJXW0122aLLZvoeztDtEWM6qKEu
SXNy4fXvvYX+ajcazn+snvhbi1+XZKFc+8AABs9mkzzdzeW723MNEnuaG/arAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU153FfuWCKy7t/t8bcAhsdGp8t2cwHwYDVR0j
BBgwFoAU+lvKmE7rr/3O2EGQxwdW2+s7/zkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZWU0N2JiZi1iYTg0LTQ0OGYtOTYyYi0yYWFmNWM3ZGQ2OGQvMC9GQTVCQ0E5ODRF
RUJBRkZEQ0VEODQxOTBDNzA3NTZEQkVCM0JGRjM5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRkE1QkNBOTg0RUVCQUZGRENFRDg0MTkwQzcwNzU2REJFQjNC
RkYzOS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJlZTQ3YmJmLWJhODQtNDQ4Zi05
NjJiLTJhYWY1YzdkZDY4ZC8wLzMxMzAzMzJlMzIzNDM3MmUzMjMwMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzUzODM0MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGf3FDANBgkqhkiG
9w0BAQsFAAOCAQEAi1zVcR3Jr9bAMJ6hXCZ06hDasMGRbK8KHkZFJPDSNftMvjyn
2rgYYRIf67DcVcBSJM6EBMKg5pIJg5mZhm2aQpZ7UPwFKifAi6qN/HXoMqabCh6n
2rACiKRGfcVqG4kqAKNGe/G0QFGy7eGtmvn0+v1UzRE3NeE1gI06OH1+gCWqu+5b
slgqFFhol1dpU6bv4Jsbd4go75L3j9Oal0iDCFES5BBQY9w7aB2/af52ub7/ie6S
umd9QjCZN3aqqZdfNWqWGRIwj4xehCQSZWsuFdPynp18P1zhHr7uAVC67OQy/K+c
Tv8mc+CIkgqkDlsntb541AVLg5Egc74D5tUEag==
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:27:44 2025 by rpki-client