Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/338d2755-380d-477e-bf25-0af29026bd70/0/3136332e35332e3139322e302f32342d3234203d3e203538333831.roa
File: 3136332e35332e3139322e302f32342d3234203d3e203538333831.roa (raw, json)
Hash identifier: yZc1iS4QoDixBleI5zCzNqJxlWUKStGiBLindHs1iEI=
Subject key identifier: 23:37:42:92:B8:D4:E9:BF:A6:4E:5B:B6:BF:02:CB:71:0C:88:E8:F5
Certificate issuer: /CN=E5A907C4EC6DA6D9342613280CCAF26E98DBEB98
Certificate serial: 04CA442A481D21BA5CE836D01E784F78B3684335
Authority key identifier: E5:A9:07:C4:EC:6D:A6:D9:34:26:13:28:0C:CA:F2:6E:98:DB:EB:98
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E5A907C4EC6DA6D9342613280CCAF26E98DBEB98.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/338d2755-380d-477e-bf25-0af29026bd70/0/3136332e35332e3139322e302f32342d3234203d3e203538333831.roa
Signing time: Wed 02 Apr 2025 16:00:06 +0000
ROA not before: Wed 02 Apr 2025 15:55:06 +0000
ROA not after: Wed 01 Apr 2026 16:00:06 +0000
asID: 58381
IP address blocks: 163.53.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/338d2755-380d-477e-bf25-0af29026bd70/0/E5A907C4EC6DA6D9342613280CCAF26E98DBEB98.crl
rsync://repo-rpki.idnic.net/repo/338d2755-380d-477e-bf25-0af29026bd70/0/E5A907C4EC6DA6D9342613280CCAF26E98DBEB98.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E5A907C4EC6DA6D9342613280CCAF26E98DBEB98.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 13 Apr 2025 00:36:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:ca:44:2a:48:1d:21:ba:5c:e8:36:d0:1e:78:4f:78:b3:68:43:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E5A907C4EC6DA6D9342613280CCAF26E98DBEB98
Validity
Not Before: Apr 2 15:55:06 2025 GMT
Not After : Apr 1 16:00:06 2026 GMT
Subject: CN=23374292B8D4E9BFA64E5BB6BF02CB710C88E8F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:46:ad:50:07:9d:53:9c:15:04:91:c1:57:a6:
ff:30:b3:52:7a:a3:eb:f7:d9:64:60:c2:c4:75:1d:
2e:23:33:8a:ba:54:23:cd:bf:a2:06:fe:20:00:94:
4f:35:a9:57:29:d1:4c:a2:6d:a4:4f:de:8e:c6:b9:
6c:53:11:83:3c:9d:62:6a:01:7c:c7:39:04:04:03:
05:70:c3:23:f5:25:cf:fe:17:24:b3:d1:84:d8:34:
39:52:e5:77:1a:07:5e:8f:b8:86:f4:d0:36:a7:c0:
1c:73:c9:d1:38:58:6b:f9:2f:29:71:f1:bb:1e:dd:
26:f0:b0:37:bd:0c:f9:d8:4f:e1:04:be:b6:f2:1a:
59:05:18:a7:a5:37:ab:97:d9:b3:f0:36:ce:f0:a4:
39:86:9e:8c:19:19:6c:94:23:07:4d:51:2a:8c:e1:
f4:a7:cb:3b:f0:c6:a8:f2:56:1a:1e:5d:0a:27:5a:
ac:2e:ed:37:33:c5:d0:2f:02:73:bf:2c:34:fa:6b:
c1:2c:b6:7a:dc:aa:ef:ec:5e:24:87:1b:aa:f4:43:
65:1d:97:69:3c:1c:50:8f:aa:d3:99:91:5c:e9:79:
af:ff:92:8d:24:4c:7c:d6:1d:50:a0:b3:b5:cb:10:
33:6b:63:02:f5:76:cd:2b:ab:da:05:5c:90:35:c2:
35:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:37:42:92:B8:D4:E9:BF:A6:4E:5B:B6:BF:02:CB:71:0C:88:E8:F5
X509v3 Authority Key Identifier:
keyid:E5:A9:07:C4:EC:6D:A6:D9:34:26:13:28:0C:CA:F2:6E:98:DB:EB:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/338d2755-380d-477e-bf25-0af29026bd70/0/E5A907C4EC6DA6D9342613280CCAF26E98DBEB98.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E5A907C4EC6DA6D9342613280CCAF26E98DBEB98.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/338d2755-380d-477e-bf25-0af29026bd70/0/3136332e35332e3139322e302f32342d3234203d3e203538333831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.53.192.0/24
Signature Algorithm: sha256WithRSAEncryption
09:65:5a:83:70:57:76:fd:58:aa:36:7a:7d:15:f0:b3:4e:cb:
fe:81:a8:ba:29:2f:4d:0e:bf:65:ac:b2:0a:22:5a:78:22:12:
22:69:09:51:fc:bd:3f:6f:b5:30:9d:bc:a5:c4:4e:97:2c:56:
2c:bf:db:15:a0:44:9f:b3:31:1d:2e:83:0d:c9:df:48:e3:cb:
b8:fc:05:46:46:d7:5f:41:6e:d2:9e:97:f3:9b:8d:d1:ec:df:
e9:a2:aa:3c:25:b9:37:31:d1:1b:a0:d2:7f:ec:55:34:3d:ed:
db:f0:16:8b:bb:cb:44:16:a9:c8:f7:d2:08:1d:7a:53:46:2c:
6e:d4:1b:81:f2:da:51:9b:15:e9:0c:d7:ee:67:3d:ee:e9:71:
b7:45:b1:a3:80:a7:c9:d9:bd:7d:7e:77:f3:af:10:13:ae:b9:
d9:a9:c1:c6:d0:14:27:a7:7f:c8:5d:4c:88:a6:75:36:d7:b3:
d4:bb:c3:96:4b:0d:8f:20:e2:fc:28:be:8f:6d:65:d1:87:ca:
c5:4c:5e:16:3d:71:93:de:5c:82:00:73:27:6f:7f:bf:62:8c:
c4:f3:77:56:a3:63:3f:11:5f:ae:56:43:8f:b1:03:6b:7e:db:
f4:bf:bb:4f:40:9d:5a:0d:89:44:25:ff:81:15:27:74:99:ed:
6f:6d:1d:7e
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUBMpEKkgdIbpc6DbQHnhPeLNoQzUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTVBOTA3QzRFQzZEQTZEOTM0MjYxMzI4MENDQUYyNkU5
OERCRUI5ODAeFw0yNTA0MDIxNTU1MDZaFw0yNjA0MDExNjAwMDZaMDMxMTAvBgNV
BAMTKDIzMzc0MjkyQjhENEU5QkZBNjRFNUJCNkJGMDJDQjcxMEM4OEU4RjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtRq1QB51TnBUEkcFXpv8ws1J6
o+v32WRgwsR1HS4jM4q6VCPNv6IG/iAAlE81qVcp0UyibaRP3o7GuWxTEYM8nWJq
AXzHOQQEAwVwwyP1Jc/+FySz0YTYNDlS5XcaB16PuIb00DanwBxzydE4WGv5Lylx
8bse3SbwsDe9DPnYT+EEvrbyGlkFGKelN6uX2bPwNs7wpDmGnowZGWyUIwdNUSqM
4fSnyzvwxqjyVhoeXQonWqwu7TczxdAvAnO/LDT6a8Estnrcqu/sXiSHG6r0Q2Ud
l2k8HFCPqtOZkVzpea//ko0kTHzWHVCgs7XLEDNrYwL1ds0rq9oFXJA1wjUpAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUIzdCkrjU6b+mTlu2vwLLcQyI6PUwHwYDVR0j
BBgwFoAU5akHxOxtptk0JhMoDMrybpjb65gwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzhkMjc1NS0zODBkLTQ3N2UtYmYyNS0wYWYyOTAyNmJkNzAvMC9FNUE5MDdDNEVD
NkRBNkQ5MzQyNjEzMjgwQ0NBRjI2RTk4REJFQjk4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRTVBOTA3QzRFQzZEQTZEOTM0MjYxMzI4MENDQUYyNkU5OERC
RUI5OC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMzOGQyNzU1LTM4MGQtNDc3ZS1i
ZjI1LTBhZjI5MDI2YmQ3MC8wLzMxMzYzMzJlMzUzMzJlMzEzOTMyMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzUzODMzMzgzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKM1wDANBgkqhkiG
9w0BAQsFAAOCAQEACWVag3BXdv1YqjZ6fRXws07L/oGouikvTQ6/ZayyCiJaeCIS
ImkJUfy9P2+1MJ28pcROlyxWLL/bFaBEn7MxHS6DDcnfSOPLuPwFRkbXX0Fu0p6X
85uN0ezf6aKqPCW5NzHRG6DSf+xVND3t2/AWi7vLRBapyPfSCB16U0YsbtQbgfLa
UZsV6QzX7mc97ulxt0Wxo4Cnydm9fX53868QE6652anBxtAUJ6d/yF1MiKZ1Ntez
1LvDlksNjyDi/Ci+j21l0YfKxUxeFj1xk95cggBzJ29/v2KMxPN3VqNjPxFfrlZD
j7EDa37b9L+7T0CdWg2JRCX/gRUndJntb20dfg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 02:14:21 2025 by rpki-client