Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/3130332e3234372e32332e302f32342d3234203d3e203538343835.roa
File: 3130332e3234372e32332e302f32342d3234203d3e203538343835.roa (raw, json)
Hash identifier: lzNm0/0IA9d3peGzozwFKwjutuLSs05RevbSqRZ75Wc=
Subject key identifier: 9C:A3:87:79:29:84:E1:46:DB:E7:68:B7:B0:CF:29:56:74:02:70:F1
Certificate issuer: /CN=FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39
Certificate serial: 2CF24C2B1B6B37F25000C2B2A35DCF3458F684C4
Authority key identifier: FA:5B:CA:98:4E:EB:AF:FD:CE:D8:41:90:C7:07:56:DB:EB:3B:FF:39
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/3130332e3234372e32332e302f32342d3234203d3e203538343835.roa
Signing time: Sun 09 Mar 2025 05:36:07 +0000
ROA not before: Sun 09 Mar 2025 05:31:07 +0000
ROA not after: Sun 08 Mar 2026 05:36:07 +0000
asID: 58485
IP address blocks: 103.247.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:f2:4c:2b:1b:6b:37:f2:50:00:c2:b2:a3:5d:cf:34:58:f6:84:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39
Validity
Not Before: Mar 9 05:31:07 2025 GMT
Not After : Mar 8 05:36:07 2026 GMT
Subject: CN=9CA387792984E146DBE768B7B0CF2956740270F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c9:f3:e0:ba:b2:0e:7e:1c:bb:5c:51:28:bf:
9f:55:f7:a4:f3:7c:a0:60:7f:fb:04:20:f7:f8:ec:
22:4f:81:63:cc:f4:94:85:91:87:27:ed:7f:13:3a:
aa:9e:b7:04:8a:91:b1:71:a1:02:34:01:7c:3e:7d:
26:6a:4b:ef:34:66:06:a5:27:2f:d6:d4:45:39:e5:
2a:27:1e:2f:cd:6f:00:3d:f8:37:82:ec:35:ab:07:
d5:01:9d:6c:3b:47:49:1c:45:5e:89:44:44:bc:9e:
a6:93:48:1d:6e:0b:de:ee:b4:41:6b:98:25:95:b0:
fb:1e:c5:9c:44:e8:ff:86:61:4e:4d:9d:2b:f8:0a:
d1:35:71:18:ae:b5:f8:cc:dc:46:dc:2d:39:bb:fb:
82:1c:f6:91:07:b5:3c:cb:96:64:67:a1:65:ac:9d:
21:23:34:7b:b8:13:9d:4a:bf:82:d8:c9:1b:e6:96:
fb:c3:a7:47:6b:ad:db:28:20:82:c1:0b:ca:e9:ca:
ff:30:3a:07:18:a6:c6:eb:dd:7e:0f:68:0a:8f:4b:
37:74:db:1e:99:95:20:b0:6a:74:70:bf:12:59:5a:
8e:0c:5e:47:81:72:cd:5c:18:63:7a:7a:dd:19:a9:
9a:3c:cd:bd:cb:d3:86:6b:8a:d2:d8:38:79:6f:74:
cf:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A3:87:79:29:84:E1:46:DB:E7:68:B7:B0:CF:29:56:74:02:70:F1
X509v3 Authority Key Identifier:
keyid:FA:5B:CA:98:4E:EB:AF:FD:CE:D8:41:90:C7:07:56:DB:EB:3B:FF:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/3130332e3234372e32332e302f32342d3234203d3e203538343835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.247.23.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:12:67:f4:71:f4:a4:cc:1d:f3:75:34:06:c3:87:7a:ef:c9:
37:43:0e:df:cc:57:ec:46:27:09:a0:5c:20:76:27:1b:09:87:
f5:f3:4f:81:72:e4:dc:bf:2a:08:e1:ad:af:36:7e:f6:c0:2b:
7a:5e:a7:94:d4:72:04:61:86:ae:8b:0a:95:bd:72:4e:fb:f4:
37:a2:3f:11:f4:af:01:ed:0b:bb:ed:4e:3e:d9:60:86:66:e2:
10:7d:bd:85:d2:a0:21:05:e6:39:92:2c:8a:ce:ad:26:53:10:
5e:b5:b9:e7:85:1e:50:ed:f0:8a:a1:b7:2e:2c:c4:7f:9a:5c:
a6:66:7a:b9:51:f6:0a:5f:d4:d7:d4:92:94:64:e1:e5:90:ce:
6a:d6:d5:c2:ac:54:13:3c:df:54:bf:da:c8:74:91:f6:0a:1c:
df:9c:a5:7b:38:ca:c7:cc:ce:43:a5:e5:a7:04:68:a1:78:65:
2f:b6:3c:9a:2d:e3:b5:0a:2a:fa:d7:d8:29:4f:eb:0f:51:13:
78:f4:97:0d:3e:21:0b:17:8d:f7:c5:90:4d:70:68:dc:a9:45:
81:cc:3d:2e:e2:43:8f:6d:20:47:8e:bb:47:a5:8f:44:46:32:
03:d4:bd:64:a9:df:a1:3e:74:2b:51:eb:e7:b0:3f:96:fd:6c:
05:bf:0c:1e
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIULPJMKxtrN/JQAMKyo13PNFj2hMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkE1QkNBOTg0RUVCQUZGRENFRDg0MTkwQzcwNzU2REJF
QjNCRkYzOTAeFw0yNTAzMDkwNTMxMDdaFw0yNjAzMDgwNTM2MDdaMDMxMTAvBgNV
BAMTKDlDQTM4Nzc5Mjk4NEUxNDZEQkU3NjhCN0IwQ0YyOTU2NzQwMjcwRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdyfPgurIOfhy7XFEov59V96Tz
fKBgf/sEIPf47CJPgWPM9JSFkYcn7X8TOqqetwSKkbFxoQI0AXw+fSZqS+80Zgal
Jy/W1EU55SonHi/NbwA9+DeC7DWrB9UBnWw7R0kcRV6JRES8nqaTSB1uC97utEFr
mCWVsPsexZxE6P+GYU5NnSv4CtE1cRiutfjM3EbcLTm7+4Ic9pEHtTzLlmRnoWWs
nSEjNHu4E51Kv4LYyRvmlvvDp0drrdsoIILBC8rpyv8wOgcYpsbr3X4PaAqPSzd0
2x6ZlSCwanRwvxJZWo4MXkeBcs1cGGN6et0ZqZo8zb3L04ZritLYOHlvdM+zAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUnKOHeSmE4Ubb52i3sM8pVnQCcPEwHwYDVR0j
BBgwFoAU+lvKmE7rr/3O2EGQxwdW2+s7/zkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZWU0N2JiZi1iYTg0LTQ0OGYtOTYyYi0yYWFmNWM3ZGQ2OGQvMC9GQTVCQ0E5ODRF
RUJBRkZEQ0VEODQxOTBDNzA3NTZEQkVCM0JGRjM5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRkE1QkNBOTg0RUVCQUZGRENFRDg0MTkwQzcwNzU2REJFQjNC
RkYzOS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJlZTQ3YmJmLWJhODQtNDQ4Zi05
NjJiLTJhYWY1YzdkZDY4ZC8wLzMxMzAzMzJlMzIzNDM3MmUzMjMzMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzUzODM0MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGf3FzANBgkqhkiG
9w0BAQsFAAOCAQEAKhJn9HH0pMwd83U0BsOHeu/JN0MO38xX7EYnCaBcIHYnGwmH
9fNPgXLk3L8qCOGtrzZ+9sArel6nlNRyBGGGrosKlb1yTvv0N6I/EfSvAe0Lu+1O
PtlghmbiEH29hdKgIQXmOZIsis6tJlMQXrW554UeUO3wiqG3LizEf5pcpmZ6uVH2
Cl/U19SSlGTh5ZDOatbVwqxUEzzfVL/ayHSR9goc35ylezjKx8zOQ6XlpwRooXhl
L7Y8mi3jtQoq+tfYKU/rD1ETePSXDT4hCxeN98WQTXBo3KlFgcw9LuJDj20gR467
R6WPREYyA9S9ZKnfoT50K1Hr57A/lv1sBb8MHg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:28:13 2025 by rpki-client