Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/3130332e32302e38352e302f32342d3234203d3e20313530323337.roa
File: 3130332e32302e38352e302f32342d3234203d3e20313530323337.roa (raw, json)
Hash identifier: xoLxa0LoHLD0+7I86yIRegh8/X09LbX3E+d8Q3rf5aA=
Subject key identifier: D7:E4:BF:58:11:51:6E:09:A1:A6:DE:14:3F:08:33:5B:5B:08:FA:A1
Certificate issuer: /CN=BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0
Certificate serial: 3865740DA1A429CC917C28DA5FC178EDB9430F96
Authority key identifier: BD:0C:A7:BB:7E:E1:45:97:A1:71:F1:B1:E3:E3:12:7A:79:DF:FF:D0
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/3130332e32302e38352e302f32342d3234203d3e20313530323337.roa
Signing time: Thu 28 Nov 2024 18:00:00 +0000
ROA not before: Thu 28 Nov 2024 17:55:00 +0000
ROA not after: Thu 27 Nov 2025 18:00:00 +0000
asID: 150237
IP address blocks: 103.20.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:65:74:0d:a1:a4:29:cc:91:7c:28:da:5f:c1:78:ed:b9:43:0f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0
Validity
Not Before: Nov 28 17:55:00 2024 GMT
Not After : Nov 27 18:00:00 2025 GMT
Subject: CN=D7E4BF5811516E09A1A6DE143F08335B5B08FAA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ad:e9:e2:c0:f6:4a:eb:48:6d:05:7b:6d:57:
3e:7b:95:fe:fc:9d:39:85:03:63:ad:06:06:7a:fa:
a9:89:94:e4:82:19:76:6d:0d:13:eb:b1:31:53:eb:
30:42:52:70:5b:94:66:70:01:f1:a2:25:f8:99:d6:
57:80:66:bf:65:08:45:b5:c0:44:c7:b8:b9:9c:99:
1c:40:b7:dd:1b:c0:52:a4:a7:bb:f1:3f:de:47:d0:
ef:8c:4a:3c:10:6a:70:0e:f7:c3:10:ff:38:79:81:
0d:73:32:8b:5c:1a:a2:b6:1c:3c:68:9b:fa:e5:4d:
1f:5d:64:14:2d:7c:77:44:bc:27:63:d0:f5:c1:56:
b8:a0:36:55:5d:5f:28:3a:5c:6d:a9:cd:e1:c4:0a:
84:3b:d7:de:27:df:5e:51:c9:ee:5b:fe:63:b3:b4:
a0:75:76:da:fe:8e:37:4e:13:e7:1c:5a:cf:a3:22:
03:f3:f9:b9:bc:c3:c7:e7:ae:15:8c:bd:e5:e1:1d:
eb:76:3a:85:63:f1:69:42:2d:56:48:81:ab:1f:03:
36:f2:78:9d:2b:41:bc:e7:e2:6e:54:e9:57:6d:82:
6d:77:bf:b0:d1:be:4f:44:3e:81:0c:63:d8:d1:18:
25:1e:f8:ad:b6:2e:6f:ad:06:a1:16:9f:cd:0f:96:
f4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E4:BF:58:11:51:6E:09:A1:A6:DE:14:3F:08:33:5B:5B:08:FA:A1
X509v3 Authority Key Identifier:
keyid:BD:0C:A7:BB:7E:E1:45:97:A1:71:F1:B1:E3:E3:12:7A:79:DF:FF:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/3130332e32302e38352e302f32342d3234203d3e20313530323337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.20.85.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:07:9e:4b:83:11:0e:69:5a:33:ee:4d:2b:a2:ac:d0:94:72:
ca:49:68:fd:dc:41:a4:11:4a:34:07:ee:33:9b:c6:a1:b9:87:
c0:c0:4b:21:79:94:5d:da:06:13:31:0f:30:0c:e7:1c:e9:4b:
71:31:da:cf:76:ad:e5:25:49:6d:d2:a9:97:08:98:e7:8a:db:
8c:be:cf:67:9f:13:cb:f0:ca:d1:df:1d:d7:43:40:72:36:22:
0d:db:07:b4:3c:17:9c:2a:76:38:06:06:cd:ff:a8:73:4e:86:
8c:a6:6c:7f:77:73:9d:78:72:0f:b5:21:18:f8:4c:bc:37:bf:
28:2f:d2:03:88:15:12:9b:59:42:5e:3e:d0:cc:30:ec:c5:12:
90:bd:df:d4:b3:d6:b1:2b:5b:91:bc:46:22:b3:ac:e2:09:92:
72:36:55:44:10:00:45:58:44:02:27:2d:b9:18:5f:3c:c1:42:
77:60:fb:23:95:fe:4b:c4:ac:97:b0:8b:2b:03:f6:8c:4a:6c:
6e:e8:5c:8c:97:ef:03:0c:4e:df:84:e8:e2:68:4b:65:d0:51:
fe:ea:65:64:8d:72:db:92:a5:47:cd:e7:ae:2f:2b:ca:4b:27:
64:a7:d7:ff:9f:42:d1:4a:db:f7:a6:27:31:85:e8:6d:9f:dc:
3f:c3:1a:14
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUOGV0DaGkKcyRfCjaX8F47blDD5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEyN0E3
OURGRkZEMDAeFw0yNDExMjgxNzU1MDBaFw0yNTExMjcxODAwMDBaMDMxMTAvBgNV
BAMTKEQ3RTRCRjU4MTE1MTZFMDlBMUE2REUxNDNGMDgzMzVCNUIwOEZBQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnreniwPZK60htBXttVz57lf78
nTmFA2OtBgZ6+qmJlOSCGXZtDRPrsTFT6zBCUnBblGZwAfGiJfiZ1leAZr9lCEW1
wETHuLmcmRxAt90bwFKkp7vxP95H0O+MSjwQanAO98MQ/zh5gQ1zMotcGqK2HDxo
m/rlTR9dZBQtfHdEvCdj0PXBVrigNlVdXyg6XG2pzeHECoQ7194n315Rye5b/mOz
tKB1dtr+jjdOE+ccWs+jIgPz+bm8w8fnrhWMveXhHet2OoVj8WlCLVZIgasfAzby
eJ0rQbzn4m5U6Vdtgm13v7DRvk9EPoEMY9jRGCUe+K22Lm+tBqEWn80PlvSlAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU1+S/WBFRbgmhpt4UPwgzW1sI+qEwHwYDVR0j
BBgwFoAUvQynu37hRZehcfGx4+MSennf/9AwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
ZDdhNzFiYy1mOTEwLTRiOGMtOWNmZi0wODU3ZDVmMmQzN2YvMC9CRDBDQTdCQjdF
RTE0NTk3QTE3MUYxQjFFM0UzMTI3QTc5REZGRkQwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEyN0E3OURG
RkZEMC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNkN2E3MWJjLWY5MTAtNGI4Yy05
Y2ZmLTA4NTdkNWYyZDM3Zi8wLzMxMzAzMzJlMzIzMDJlMzgzNTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzUzMDMyMzMzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGcUVTANBgkqhkiG
9w0BAQsFAAOCAQEAOweeS4MRDmlaM+5NK6Ks0JRyyklo/dxBpBFKNAfuM5vGobmH
wMBLIXmUXdoGEzEPMAznHOlLcTHaz3at5SVJbdKplwiY54rbjL7PZ58Ty/DK0d8d
10NAcjYiDdsHtDwXnCp2OAYGzf+oc06GjKZsf3dznXhyD7UhGPhMvDe/KC/SA4gV
EptZQl4+0Mww7MUSkL3f1LPWsStbkbxGIrOs4gmScjZVRBAARVhEAictuRhfPMFC
d2D7I5X+S8Ssl7CLKwP2jEpsbuhcjJfvAwxO34To4mhLZdBR/uplZI1y25KlR83n
ri8ryksnZKfX/59C0Urb96YnMYXobZ/cP8MaFA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:46:51 2025 by rpki-client