Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4732f191-e380-4013-bce5-4215a493a71d/0/3130332e3130302e38352e302f32342d3234203d3e20313336383336.roa
File: 3130332e3130302e38352e302f32342d3234203d3e20313336383336.roa (raw, json)
Hash identifier: jeEsDMd/+EovuK4uL5Q5qgB89wPIiu04eYRInb+Xh5s=
Subject key identifier: BD:EA:C7:7A:71:B6:DF:53:DB:1A:C7:0A:3C:66:7C:A5:47:B3:88:67
Certificate issuer: /CN=585D79944E315672D413B937BFC042F7C0AAB990
Certificate serial: 59CC37A2EB21A67B6B6A90A1070A48B35987BFD3
Authority key identifier: 58:5D:79:94:4E:31:56:72:D4:13:B9:37:BF:C0:42:F7:C0:AA:B9:90
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/585D79944E315672D413B937BFC042F7C0AAB990.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4732f191-e380-4013-bce5-4215a493a71d/0/3130332e3130302e38352e302f32342d3234203d3e20313336383336.roa
Signing time: Tue 07 Jan 2025 05:04:02 +0000
ROA not before: Tue 07 Jan 2025 04:59:02 +0000
ROA not after: Tue 06 Jan 2026 05:04:02 +0000
asID: 136836
IP address blocks: 103.100.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:cc:37:a2:eb:21:a6:7b:6b:6a:90:a1:07:0a:48:b3:59:87:bf:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=585D79944E315672D413B937BFC042F7C0AAB990
Validity
Not Before: Jan 7 04:59:02 2025 GMT
Not After : Jan 6 05:04:02 2026 GMT
Subject: CN=BDEAC77A71B6DF53DB1AC70A3C667CA547B38867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3f:ff:81:80:1a:c6:73:c8:79:1f:48:24:2c:
c9:e4:8c:9b:21:5b:49:51:f4:b6:9d:3d:e8:2e:37:
f6:3b:0e:2d:6d:92:72:eb:9a:00:9a:2d:3b:dc:eb:
a6:c4:96:8a:71:56:bb:e0:b9:bc:85:0e:83:35:a0:
5c:da:bd:2b:ab:4f:88:d8:42:a1:93:3e:54:87:c4:
fd:c9:66:52:3b:e4:c7:e1:e0:6b:ea:c9:71:d2:96:
29:cf:06:ad:cd:6b:c4:a6:37:11:ea:f5:fc:1d:8d:
7c:37:08:a0:9e:1c:af:f6:ba:2e:e7:e7:c6:3d:fe:
16:72:ae:6d:f0:6e:cd:24:f0:df:2f:b3:d5:2b:ef:
2f:e6:dc:ef:03:c8:9e:7a:fa:05:2b:fe:0d:c4:4f:
32:53:37:b1:8f:eb:b7:84:ba:73:22:36:92:8f:87:
a2:27:e1:d5:b2:67:8f:03:5d:8f:05:d7:b6:29:20:
b9:41:d4:21:9c:bb:6f:3d:17:22:23:a4:53:8c:00:
28:ab:91:f9:af:c4:78:d5:a7:5e:2a:52:b1:cf:01:
d9:79:c6:c8:e2:1e:a8:48:ed:04:e9:43:37:f4:0c:
b2:e9:ce:dc:5b:38:75:bf:f2:1b:9b:eb:9d:70:99:
0b:ce:1b:62:b5:40:ad:06:0a:a8:59:6c:a3:4e:30:
82:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:EA:C7:7A:71:B6:DF:53:DB:1A:C7:0A:3C:66:7C:A5:47:B3:88:67
X509v3 Authority Key Identifier:
keyid:58:5D:79:94:4E:31:56:72:D4:13:B9:37:BF:C0:42:F7:C0:AA:B9:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4732f191-e380-4013-bce5-4215a493a71d/0/585D79944E315672D413B937BFC042F7C0AAB990.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/585D79944E315672D413B937BFC042F7C0AAB990.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4732f191-e380-4013-bce5-4215a493a71d/0/3130332e3130302e38352e302f32342d3234203d3e20313336383336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.100.85.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:22:c7:5d:77:ca:7c:5e:bf:cd:35:f4:db:da:0e:55:b2:75:
af:5b:e5:48:33:20:68:21:92:0e:d6:da:c2:1a:a1:17:5f:38:
8a:73:da:13:fa:00:bb:31:7f:e3:43:82:76:0f:61:7d:61:3d:
6f:7c:a4:d6:c8:57:78:59:71:d1:5c:9e:02:eb:8b:78:6f:96:
f5:9a:85:14:91:22:de:c1:4c:9c:38:5a:06:51:e2:34:8d:ac:
18:59:d1:2f:13:9a:21:fc:67:81:54:9e:f8:46:b2:79:80:50:
e6:dc:6c:7d:90:20:73:2e:b1:97:1e:27:5e:62:45:0a:62:13:
9b:39:48:86:a0:a2:e9:ba:fc:6a:1b:44:13:ae:81:ef:68:0e:
6e:ac:a9:20:0a:e2:8b:b2:f8:b0:5f:11:57:1a:90:ca:23:b8:
a3:78:c0:2a:04:15:4b:49:d6:5e:de:58:11:f9:f7:e8:e6:a7:
b5:25:e3:6a:7a:e6:9f:40:a6:d1:6b:0d:1e:94:46:31:34:d7:
a4:85:23:94:d0:37:8e:08:71:8e:c9:0e:ac:e0:58:98:4e:d7:
fa:26:10:52:bf:11:b2:1e:aa:62:7e:a7:25:c1:2e:2d:5b:2c:
96:f8:4b:4f:0c:07:8f:ff:a9:c0:a4:84:e4:3b:6f:5f:4b:1b:
72:e5:18:bf
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUWcw3oushpntrapChBwpIs1mHv9MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTg1RDc5OTQ0RTMxNTY3MkQ0MTNCOTM3QkZDMDQyRjdD
MEFBQjk5MDAeFw0yNTAxMDcwNDU5MDJaFw0yNjAxMDYwNTA0MDJaMDMxMTAvBgNV
BAMTKEJERUFDNzdBNzFCNkRGNTNEQjFBQzcwQTNDNjY3Q0E1NDdCMzg4NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNP/+BgBrGc8h5H0gkLMnkjJsh
W0lR9LadPeguN/Y7Di1tknLrmgCaLTvc66bElopxVrvgubyFDoM1oFzavSurT4jY
QqGTPlSHxP3JZlI75Mfh4GvqyXHSlinPBq3Na8SmNxHq9fwdjXw3CKCeHK/2ui7n
58Y9/hZyrm3wbs0k8N8vs9Ur7y/m3O8DyJ56+gUr/g3ETzJTN7GP67eEunMiNpKP
h6In4dWyZ48DXY8F17YpILlB1CGcu289FyIjpFOMACirkfmvxHjVp14qUrHPAdl5
xsjiHqhI7QTpQzf0DLLpztxbOHW/8hub651wmQvOG2K1QK0GCqhZbKNOMIJXAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUverHenG231PbGscKPGZ8pUeziGcwHwYDVR0j
BBgwFoAUWF15lE4xVnLUE7k3v8BC98CquZAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
NzMyZjE5MS1lMzgwLTQwMTMtYmNlNS00MjE1YTQ5M2E3MWQvMC81ODVENzk5NDRF
MzE1NjcyRDQxM0I5MzdCRkMwNDJGN0MwQUFCOTkwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNTg1RDc5OTQ0RTMxNTY3MkQ0MTNCOTM3QkZDMDQyRjdDMEFB
Qjk5MC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ3MzJmMTkxLWUzODAtNDAxMy1i
Y2U1LTQyMTVhNDkzYTcxZC8wLzMxMzAzMzJlMzEzMDMwMmUzODM1MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM2MzgzMzM2LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ2RVMA0GCSqG
SIb3DQEBCwUAA4IBAQCMIsddd8p8Xr/NNfTb2g5VsnWvW+VIMyBoIZIO1trCGqEX
XziKc9oT+gC7MX/jQ4J2D2F9YT1vfKTWyFd4WXHRXJ4C64t4b5b1moUUkSLewUyc
OFoGUeI0jawYWdEvE5oh/GeBVJ74RrJ5gFDm3Gx9kCBzLrGXHideYkUKYhObOUiG
oKLpuvxqG0QTroHvaA5urKkgCuKLsviwXxFXGpDKI7ijeMAqBBVLSdZe3lgR+ffo
5qe1JeNqeuafQKbRaw0elEYxNNekhSOU0DeOCHGOyQ6s4FiYTtf6JhBSvxGyHqpi
fqclwS4tWyyW+EtPDAeP/6nApITkO29fSxty5Ri/
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:18:17 2025 by rpki-client