Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/41db3730-f499-449f-b6f2-7a5deb532b0c/0/3130332e32382e38302e302f32322d3232203d3e203435373233.roa
File: 3130332e32382e38302e302f32322d3232203d3e203435373233.roa (raw, json)
Hash identifier: zGHZkU5k291Inw51iFTMWdBZFLAUaohzkgU1ZQwxFDU=
Subject key identifier: 4C:FB:62:E3:DF:42:25:2A:8F:DE:D4:09:67:59:11:6B:A6:70:7C:0A
Certificate issuer: /CN=3F6E9BC5F16F1C3AB5FD636E7DE06FDD64892C25
Certificate serial: 5D98E504662522083D69AB18E33A0E77BCFECCF6
Authority key identifier: 3F:6E:9B:C5:F1:6F:1C:3A:B5:FD:63:6E:7D:E0:6F:DD:64:89:2C:25
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3F6E9BC5F16F1C3AB5FD636E7DE06FDD64892C25.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/41db3730-f499-449f-b6f2-7a5deb532b0c/0/3130332e32382e38302e302f32322d3232203d3e203435373233.roa
Signing time: Tue 28 Jan 2025 04:00:00 +0000
ROA not before: Tue 28 Jan 2025 03:55:00 +0000
ROA not after: Tue 27 Jan 2026 04:00:00 +0000
asID: 45723
IP address blocks: 103.28.80.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:98:e5:04:66:25:22:08:3d:69:ab:18:e3:3a:0e:77:bc:fe:cc:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3F6E9BC5F16F1C3AB5FD636E7DE06FDD64892C25
Validity
Not Before: Jan 28 03:55:00 2025 GMT
Not After : Jan 27 04:00:00 2026 GMT
Subject: CN=4CFB62E3DF42252A8FDED4096759116BA6707C0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e4:3a:7a:b6:68:7b:26:70:52:3b:de:e1:e2:
2e:88:4a:2c:ba:7c:96:d5:eb:21:97:c1:7a:46:cc:
89:c5:dd:fb:48:db:3d:35:5f:fb:bf:f6:d0:12:7b:
2a:65:75:a3:7c:6d:bf:d8:d2:cf:89:1b:fa:e0:f6:
48:bf:b0:e5:ab:50:c5:0a:63:f1:4e:cb:36:53:ff:
37:9a:79:34:bf:c5:33:5d:ea:98:ef:80:07:f4:5d:
f2:46:31:f2:70:00:84:d3:a0:48:2f:d5:82:6f:ac:
ec:27:1b:49:fd:9e:18:ec:6b:1b:56:03:3b:51:83:
c4:b0:13:fb:75:4c:b7:08:f2:e5:23:59:8e:a7:10:
a0:89:e4:c4:28:6e:e3:0e:d6:64:c5:fd:6a:9b:8e:
ae:c0:20:ba:82:ac:5a:27:d3:01:23:21:1c:cb:d6:
e3:6b:eb:5c:c5:56:41:44:c3:33:73:8d:51:69:86:
37:9d:5d:00:7d:50:a1:7a:25:52:c2:72:07:a9:91:
9d:72:94:7d:05:34:8a:92:b2:72:5d:70:6c:9e:18:
85:80:18:8f:10:90:91:7a:66:d1:cd:53:e6:ac:9a:
a9:11:fa:60:a1:9b:fa:a9:94:12:b4:ff:01:25:a5:
39:46:62:7b:b9:bc:bd:b3:b2:6f:fe:c5:03:1e:c9:
63:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:FB:62:E3:DF:42:25:2A:8F:DE:D4:09:67:59:11:6B:A6:70:7C:0A
X509v3 Authority Key Identifier:
keyid:3F:6E:9B:C5:F1:6F:1C:3A:B5:FD:63:6E:7D:E0:6F:DD:64:89:2C:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/41db3730-f499-449f-b6f2-7a5deb532b0c/0/3F6E9BC5F16F1C3AB5FD636E7DE06FDD64892C25.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3F6E9BC5F16F1C3AB5FD636E7DE06FDD64892C25.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/41db3730-f499-449f-b6f2-7a5deb532b0c/0/3130332e32382e38302e302f32322d3232203d3e203435373233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.28.80.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:9e:62:3d:a6:d8:0f:d7:0d:b3:3a:d3:2d:9d:51:3f:c3:d1:
63:f8:f7:ea:3c:eb:fe:fa:f4:42:ff:22:c0:9e:ff:fe:b7:7d:
ab:34:94:9d:a4:56:49:4e:71:3e:62:4c:8c:d8:51:5f:42:33:
53:60:f8:1b:92:a3:e0:16:c0:0f:ca:dc:65:78:57:26:38:2e:
9f:e4:8d:2f:52:71:c7:35:06:ea:ef:ef:11:6f:aa:37:df:c9:
87:c6:68:30:71:ad:89:64:7d:77:5a:29:bd:f1:11:04:82:10:
6e:92:ef:fd:b7:dc:d3:a2:8c:46:0b:e0:93:51:04:e3:83:c3:
1e:f6:03:5d:c8:50:a6:6d:d7:7f:a9:ec:69:db:0f:6b:5e:1c:
4e:73:15:ab:cd:48:87:b1:b6:5f:6e:ed:b0:a6:25:f0:71:96:
6e:ee:b9:46:c0:41:0f:59:0e:2b:28:47:c9:b5:e2:28:e5:ef:
fd:e4:61:b3:2f:87:79:75:17:82:26:76:9e:d6:1c:40:0a:9d:
82:cb:ad:02:71:87:ae:ff:5b:33:4b:45:57:3b:f5:f4:e2:2f:
b9:55:40:89:ac:e7:a0:0c:b0:d3:e8:55:48:b6:58:86:b6:9e:
78:de:74:88:26:a6:48:cf:fb:27:0c:fc:08:a4:68:47:a0:6a:
1a:cd:54:13
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUXZjlBGYlIgg9aasY4zoOd7z+zPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Y2RTlCQzVGMTZGMUMzQUI1RkQ2MzZFN0RFMDZGREQ2
NDg5MkMyNTAeFw0yNTAxMjgwMzU1MDBaFw0yNjAxMjcwNDAwMDBaMDMxMTAvBgNV
BAMTKDRDRkI2MkUzREY0MjI1MkE4RkRFRDQwOTY3NTkxMTZCQTY3MDdDMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI5Dp6tmh7JnBSO97h4i6ISiy6
fJbV6yGXwXpGzInF3ftI2z01X/u/9tASeypldaN8bb/Y0s+JG/rg9ki/sOWrUMUK
Y/FOyzZT/zeaeTS/xTNd6pjvgAf0XfJGMfJwAITToEgv1YJvrOwnG0n9nhjsaxtW
AztRg8SwE/t1TLcI8uUjWY6nEKCJ5MQobuMO1mTF/Wqbjq7AILqCrFon0wEjIRzL
1uNr61zFVkFEwzNzjVFphjedXQB9UKF6JVLCcgepkZ1ylH0FNIqSsnJdcGyeGIWA
GI8QkJF6ZtHNU+asmqkR+mChm/qplBK0/wElpTlGYnu5vL2zsm/+xQMeyWOLAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUTPti499CJSqP3tQJZ1kRa6ZwfAowHwYDVR0j
BBgwFoAUP26bxfFvHDq1/WNufeBv3WSJLCUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
MWRiMzczMC1mNDk5LTQ0OWYtYjZmMi03YTVkZWI1MzJiMGMvMC8zRjZFOUJDNUYx
NkYxQzNBQjVGRDYzNkU3REUwNkZERDY0ODkyQzI1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvM0Y2RTlCQzVGMTZGMUMzQUI1RkQ2MzZFN0RFMDZGREQ2NDg5
MkMyNS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQxZGIzNzMwLWY0OTktNDQ5Zi1i
NmYyLTdhNWRlYjUzMmIwYy8wLzMxMzAzMzJlMzIzODJlMzgzMDJlMzAyZjMyMzIy
ZDMyMzIyMDNkM2UyMDM0MzUzNzMyMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJnHFAwDQYJKoZIhvcN
AQELBQADggEBAKOeYj2m2A/XDbM60y2dUT/D0WP49+o86/769EL/IsCe//63fas0
lJ2kVklOcT5iTIzYUV9CM1Ng+BuSo+AWwA/K3GV4VyY4Lp/kjS9Sccc1Burv7xFv
qjffyYfGaDBxrYlkfXdaKb3xEQSCEG6S7/233NOijEYL4JNRBOODwx72A13IUKZt
13+p7GnbD2teHE5zFavNSIextl9u7bCmJfBxlm7uuUbAQQ9ZDisoR8m14ijl7/3k
YbMvh3l1F4Imdp7WHEAKnYLLrQJxh67/WzNLRVc79fTiL7lVQIms56AMsNPoVUi2
WIa2nnjedIgmpkjP+ycM/AikaEegahrNVBM=
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:59:16 2025 by rpki-client