Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/41db3730-f499-449f-b6f2-7a5deb532b0c/0/3130332e32382e38332e302f32342d3234203d3e203435373233.roa
File: 3130332e32382e38332e302f32342d3234203d3e203435373233.roa (raw, json)
Hash identifier: vkTrRrCDHhU76EnONL3nxnhmmXwfDkffjUohD8cWjx8=
Subject key identifier: A8:CE:35:78:74:BF:E8:0C:32:BF:2E:E3:ED:85:53:AC:EE:48:E2:9B
Certificate issuer: /CN=3F6E9BC5F16F1C3AB5FD636E7DE06FDD64892C25
Certificate serial: 3FAF4F0F0109176C436F0DD601B9ADCE78783CB8
Authority key identifier: 3F:6E:9B:C5:F1:6F:1C:3A:B5:FD:63:6E:7D:E0:6F:DD:64:89:2C:25
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3F6E9BC5F16F1C3AB5FD636E7DE06FDD64892C25.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/41db3730-f499-449f-b6f2-7a5deb532b0c/0/3130332e32382e38332e302f32342d3234203d3e203435373233.roa
Signing time: Tue 28 Jan 2025 04:00:00 +0000
ROA not before: Tue 28 Jan 2025 03:55:00 +0000
ROA not after: Tue 27 Jan 2026 04:00:00 +0000
asID: 45723
IP address blocks: 103.28.83.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:af:4f:0f:01:09:17:6c:43:6f:0d:d6:01:b9:ad:ce:78:78:3c:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3F6E9BC5F16F1C3AB5FD636E7DE06FDD64892C25
Validity
Not Before: Jan 28 03:55:00 2025 GMT
Not After : Jan 27 04:00:00 2026 GMT
Subject: CN=A8CE357874BFE80C32BF2EE3ED8553ACEE48E29B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a6:fd:79:0b:d6:cb:94:13:57:97:f7:46:d6:
10:d6:9c:98:61:a1:ef:3d:6b:38:3d:47:8d:65:a8:
38:85:c1:8d:75:b5:14:72:c8:fd:14:c5:38:ee:7e:
d5:cd:fa:7b:0c:0a:f4:66:62:e4:a3:71:2a:20:f5:
63:43:79:07:ef:22:7b:ba:fe:67:90:8e:33:eb:66:
fa:3c:ed:c6:57:74:51:28:28:89:d2:99:bb:3d:ee:
67:44:95:fd:3f:ca:8a:06:12:ae:f5:a4:b7:b8:93:
99:55:c1:8b:4c:52:d3:e1:96:db:04:ce:45:a2:cb:
78:3d:4f:c8:98:b0:79:91:68:7b:d9:9b:3a:26:e8:
30:88:d9:cc:40:ba:ed:46:01:08:32:6e:bd:9b:b5:
f6:d7:de:c0:c7:ab:ed:f7:94:60:cd:c8:19:6d:84:
a7:4e:19:bf:76:32:c5:a3:ab:75:de:86:2b:4a:31:
08:f5:e6:da:ad:b1:98:c7:17:d1:36:67:b0:8c:e1:
5c:78:0e:8d:57:e6:b1:1f:81:43:e9:00:10:b8:24:
7c:e4:73:6d:2d:b8:ad:af:94:4f:07:42:16:91:b4:
8c:53:27:7b:4b:b0:de:d9:fe:12:72:b5:f0:4a:e0:
38:a8:07:d7:e8:8d:76:9b:28:3a:b4:eb:d1:c8:fc:
24:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:CE:35:78:74:BF:E8:0C:32:BF:2E:E3:ED:85:53:AC:EE:48:E2:9B
X509v3 Authority Key Identifier:
keyid:3F:6E:9B:C5:F1:6F:1C:3A:B5:FD:63:6E:7D:E0:6F:DD:64:89:2C:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/41db3730-f499-449f-b6f2-7a5deb532b0c/0/3F6E9BC5F16F1C3AB5FD636E7DE06FDD64892C25.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3F6E9BC5F16F1C3AB5FD636E7DE06FDD64892C25.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/41db3730-f499-449f-b6f2-7a5deb532b0c/0/3130332e32382e38332e302f32342d3234203d3e203435373233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.28.83.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:64:0b:e2:e4:ad:01:60:72:d8:27:6d:5d:dc:3a:05:76:f2:
00:82:4a:84:5e:e8:be:7b:72:ac:6a:51:03:b7:0d:5e:7f:f5:
6b:a4:e7:00:82:10:fb:ab:a9:fd:e5:cf:1f:2e:82:25:f1:e2:
56:df:46:c9:22:2c:bd:09:e2:cc:e5:5e:4a:3a:84:63:2a:9f:
13:a7:e4:83:a2:16:db:90:e4:8e:bf:75:fe:d8:a9:24:c0:1d:
56:38:f6:72:a7:06:d8:76:1e:42:10:0f:c1:91:e5:52:69:f7:
62:c7:00:da:1d:8d:38:8d:d6:85:e0:f2:93:6b:8a:d8:f3:78:
a6:ec:a3:6d:f3:92:69:b0:d5:60:0d:1d:9a:32:68:64:43:ad:
7c:06:f2:87:af:2e:86:67:71:c1:c7:9f:96:88:3b:7f:da:0a:
00:e0:b5:f6:f4:e5:a1:9a:bf:ed:93:77:4e:72:0f:63:4e:a9:
42:32:f9:96:f1:7b:0c:ce:96:60:6c:23:9d:1e:d7:5a:7e:90:
87:e7:bb:58:7d:5b:f1:7f:da:31:c2:bc:5e:83:33:78:bb:a8:
b1:d5:39:5b:20:c3:17:4c:c8:26:73:b4:9a:75:f0:f6:0d:f1:
1e:30:60:9d:da:41:ad:47:f5:0f:18:5b:87:39:cf:dd:2a:7a:
67:f6:32:dc
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUP69PDwEJF2xDbw3WAbmtznh4PLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Y2RTlCQzVGMTZGMUMzQUI1RkQ2MzZFN0RFMDZGREQ2
NDg5MkMyNTAeFw0yNTAxMjgwMzU1MDBaFw0yNjAxMjcwNDAwMDBaMDMxMTAvBgNV
BAMTKEE4Q0UzNTc4NzRCRkU4MEMzMkJGMkVFM0VEODU1M0FDRUU0OEUyOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSpv15C9bLlBNXl/dG1hDWnJhh
oe89azg9R41lqDiFwY11tRRyyP0UxTjuftXN+nsMCvRmYuSjcSog9WNDeQfvInu6
/meQjjPrZvo87cZXdFEoKInSmbs97mdElf0/yooGEq71pLe4k5lVwYtMUtPhltsE
zkWiy3g9T8iYsHmRaHvZmzom6DCI2cxAuu1GAQgybr2btfbX3sDHq+33lGDNyBlt
hKdOGb92MsWjq3XehitKMQj15tqtsZjHF9E2Z7CM4Vx4Do1X5rEfgUPpABC4JHzk
c20tuK2vlE8HQhaRtIxTJ3tLsN7Z/hJytfBK4DioB9fojXabKDq069HI/CTTAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUqM41eHS/6Awyvy7j7YVTrO5I4pswHwYDVR0j
BBgwFoAUP26bxfFvHDq1/WNufeBv3WSJLCUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
MWRiMzczMC1mNDk5LTQ0OWYtYjZmMi03YTVkZWI1MzJiMGMvMC8zRjZFOUJDNUYx
NkYxQzNBQjVGRDYzNkU3REUwNkZERDY0ODkyQzI1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvM0Y2RTlCQzVGMTZGMUMzQUI1RkQ2MzZFN0RFMDZGREQ2NDg5
MkMyNS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQxZGIzNzMwLWY0OTktNDQ5Zi1i
NmYyLTdhNWRlYjUzMmIwYy8wLzMxMzAzMzJlMzIzODJlMzgzMzJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDM0MzUzNzMyMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnHFMwDQYJKoZIhvcN
AQELBQADggEBALNkC+LkrQFgctgnbV3cOgV28gCCSoRe6L57cqxqUQO3DV5/9Wuk
5wCCEPurqf3lzx8ugiXx4lbfRskiLL0J4szlXko6hGMqnxOn5IOiFtuQ5I6/df7Y
qSTAHVY49nKnBth2HkIQD8GR5VJp92LHANodjTiN1oXg8pNritjzeKbso23zkmmw
1WANHZoyaGRDrXwG8oevLoZnccHHn5aIO3/aCgDgtfb05aGav+2Td05yD2NOqUIy
+ZbxewzOlmBsI50e11p+kIfnu1h9W/F/2jHCvF6DM3i7qLHVOVsgwxdMyCZztJp1
8PYN8R4wYJ3aQa1H9Q8YW4c5z90qemf2Mtw=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:25:40 2025 by rpki-client