Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/33ad3757-93a0-4b33-9128-24aa61304eff/0/3130332e3231312e342e302f32332d3234203d3e2034383030.roa
File: 3130332e3231312e342e302f32332d3234203d3e2034383030.roa (raw, json)
Hash identifier: XruL81aH+YN1ovypVRcmkN6zvYT5ojMoMI2ZZS2pPEk=
Subject key identifier: 96:D0:53:A0:57:86:F4:B4:31:A1:56:BF:5E:B4:A9:B3:57:FA:1D:45
Certificate issuer: /CN=D043C2A2B395E6A7BC8A32F1AE6C1934B0235FA7
Certificate serial: 4B562C9261D36E9D01380A604E29D3620158CEDF
Authority key identifier: D0:43:C2:A2:B3:95:E6:A7:BC:8A:32:F1:AE:6C:19:34:B0:23:5F:A7
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D043C2A2B395E6A7BC8A32F1AE6C1934B0235FA7.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/33ad3757-93a0-4b33-9128-24aa61304eff/0/3130332e3231312e342e302f32332d3234203d3e2034383030.roa
Signing time: Mon 29 Jul 2024 04:01:16 +0000
ROA not before: Mon 29 Jul 2024 03:56:16 +0000
ROA not after: Mon 28 Jul 2025 04:01:16 +0000
asID: 4800
IP address blocks: 103.211.4.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:56:2c:92:61:d3:6e:9d:01:38:0a:60:4e:29:d3:62:01:58:ce:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D043C2A2B395E6A7BC8A32F1AE6C1934B0235FA7
Validity
Not Before: Jul 29 03:56:16 2024 GMT
Not After : Jul 28 04:01:16 2025 GMT
Subject: CN=96D053A05786F4B431A156BF5EB4A9B357FA1D45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c7:88:dc:af:ea:14:cd:63:56:0a:0f:b3:80:
b0:a8:45:db:75:fa:2e:00:34:2e:19:5d:78:19:a4:
a3:9f:f5:5b:00:c9:bf:92:9f:2f:b4:c3:1e:c9:a7:
e5:9f:fb:a3:6e:e5:78:1a:59:14:a1:ea:62:d8:dd:
86:6e:d6:d7:7f:19:86:41:02:07:fe:60:68:f5:2c:
8b:e0:61:90:84:8b:b0:d0:6b:aa:d7:af:e9:33:94:
08:39:41:d3:ae:7b:09:33:7a:ba:dc:e5:6b:a7:57:
48:67:ce:50:72:39:32:1b:50:cb:b2:c7:db:60:60:
b7:ab:e5:b3:64:e8:13:11:34:c0:de:ca:3a:56:7b:
8d:5d:75:9a:aa:6d:b2:f0:3d:8a:4b:89:69:f4:99:
f0:11:ea:4a:73:fe:eb:33:f0:e8:e8:55:73:0c:a0:
19:86:e3:3b:42:7b:8c:91:91:8f:0c:39:33:65:c1:
6d:04:a5:02:64:5e:b1:93:cd:0f:2a:30:1b:52:f4:
eb:53:1e:6d:b4:4c:e1:4c:d3:dd:dd:47:13:71:02:
aa:3b:a6:35:aa:c3:71:14:5e:84:dc:9b:e7:04:e5:
a5:80:5a:e0:32:32:08:83:4b:86:85:bb:bc:27:0e:
5b:f1:d9:60:c7:ca:ea:73:05:46:1b:ec:36:da:b5:
35:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:D0:53:A0:57:86:F4:B4:31:A1:56:BF:5E:B4:A9:B3:57:FA:1D:45
X509v3 Authority Key Identifier:
keyid:D0:43:C2:A2:B3:95:E6:A7:BC:8A:32:F1:AE:6C:19:34:B0:23:5F:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/33ad3757-93a0-4b33-9128-24aa61304eff/0/D043C2A2B395E6A7BC8A32F1AE6C1934B0235FA7.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D043C2A2B395E6A7BC8A32F1AE6C1934B0235FA7.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/33ad3757-93a0-4b33-9128-24aa61304eff/0/3130332e3231312e342e302f32332d3234203d3e2034383030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.211.4.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:d4:6e:43:8f:e9:3c:ad:fb:4b:4c:cf:b9:aa:60:5f:5c:67:
09:7a:41:cb:d8:58:1d:dd:bf:ff:a5:6e:28:cd:35:8a:1e:d6:
3d:4b:12:4b:e0:7e:29:ab:31:df:7e:b5:76:f1:29:cc:3d:2f:
5b:e0:3f:c9:37:a1:23:ab:d7:d5:e1:fa:e3:44:44:42:54:87:
5f:6b:6d:ae:0a:d3:55:7a:fc:1f:44:99:43:08:3b:fa:33:23:
31:f5:04:60:81:48:83:9e:33:b3:6f:db:1c:af:23:9e:bd:f7:
ec:23:5c:50:77:bf:47:ce:0d:88:8f:01:36:65:e6:70:3e:a2:
9a:32:9f:49:82:3b:39:95:74:12:fa:75:73:e0:ec:41:37:e3:
53:9c:21:ac:c9:d7:a3:66:3b:98:cf:cb:e0:7c:94:b1:08:08:
82:2f:0f:38:7d:3d:00:4e:14:91:8e:cb:89:29:b9:db:58:d5:
21:83:a0:b7:7a:f4:01:25:e8:b7:4b:f5:95:49:c0:14:77:7b:
96:f0:5c:30:67:c1:be:b1:b5:80:50:3a:ad:19:c8:4a:c1:38:
d1:9f:35:f6:da:e1:d3:b9:92:3b:5e:a2:25:19:cf:98:3e:fa:
a0:ec:09:53:99:e6:39:0d:db:06:dd:31:56:00:90:49:86:a2:
fe:d4:6d:1e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUS1YskmHTbp0BOApgTinTYgFYzt8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDA0M0MyQTJCMzk1RTZBN0JDOEEzMkYxQUU2QzE5MzRC
MDIzNUZBNzAeFw0yNDA3MjkwMzU2MTZaFw0yNTA3MjgwNDAxMTZaMDMxMTAvBgNV
BAMTKDk2RDA1M0EwNTc4NkY0QjQzMUExNTZCRjVFQjRBOUIzNTdGQTFENDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7x4jcr+oUzWNWCg+zgLCoRdt1
+i4ANC4ZXXgZpKOf9VsAyb+Sny+0wx7Jp+Wf+6Nu5XgaWRSh6mLY3YZu1td/GYZB
Agf+YGj1LIvgYZCEi7DQa6rXr+kzlAg5QdOuewkzerrc5WunV0hnzlByOTIbUMuy
x9tgYLer5bNk6BMRNMDeyjpWe41ddZqqbbLwPYpLiWn0mfAR6kpz/usz8OjoVXMM
oBmG4ztCe4yRkY8MOTNlwW0EpQJkXrGTzQ8qMBtS9OtTHm20TOFM093dRxNxAqo7
pjWqw3EUXoTcm+cE5aWAWuAyMgiDS4aFu7wnDlvx2WDHyupzBUYb7DbatTVZAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUltBToFeG9LQxoVa/XrSps1f6HUUwHwYDVR0j
BBgwFoAU0EPCorOV5qe8ijLxrmwZNLAjX6cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
M2FkMzc1Ny05M2EwLTRiMzMtOTEyOC0yNGFhNjEzMDRlZmYvMC9EMDQzQzJBMkIz
OTVFNkE3QkM4QTMyRjFBRTZDMTkzNEIwMjM1RkE3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDA0M0MyQTJCMzk1RTZBN0JDOEEzMkYxQUU2QzE5MzRCMDIz
NUZBNy5jZXIwgZ0GCCsGAQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzNhZDM3NTctOTNhMC00YjMzLTkx
MjgtMjRhYTYxMzA0ZWZmLzAvMzEzMDMzMmUzMjMxMzEyZTM0MmUzMDJmMzIzMzJk
MzIzNDIwM2QzZTIwMzQzODMwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFn0wQwDQYJKoZIhvcNAQEL
BQADggEBALDUbkOP6Tyt+0tMz7mqYF9cZwl6QcvYWB3dv/+lbijNNYoe1j1LEkvg
fimrMd9+tXbxKcw9L1vgP8k3oSOr19Xh+uNEREJUh19rba4K01V6/B9EmUMIO/oz
IzH1BGCBSIOeM7Nv2xyvI5699+wjXFB3v0fODYiPATZl5nA+opoyn0mCOzmVdBL6
dXPg7EE341OcIazJ16NmO5jPy+B8lLEICIIvDzh9PQBOFJGOy4kpudtY1SGDoLd6
9AEl6LdL9ZVJwBR3e5bwXDBnwb6xtYBQOq0ZyErBONGfNfba4dO5kjteoiUZz5g+
+qDsCVOZ5jkN2wbdMVYAkEmGov7UbR4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:46:34 2025 by rpki-client