Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4e98b3bd-284d-4a7d-9f27-cb587e9dd841/0/3130332e38332e3131372e302f32342d3234203d3e20313336303634.roa
File: 3130332e38332e3131372e302f32342d3234203d3e20313336303634.roa (raw, json)
Hash identifier: NpakJrPB/wc7qdqjNhAbEhaZgiQnrQQiG5gQ5GEaMnQ=
Subject key identifier: 6C:F4:C2:A4:CA:81:B6:87:46:74:EE:36:A9:9A:7C:A8:FC:28:AE:63
Certificate issuer: /CN=38F85F0AA81AE33827BDF573D6A712452180A036
Certificate serial: 70D46B5C92E11CCC8C0625EA3AFC3C197EB3931E
Authority key identifier: 38:F8:5F:0A:A8:1A:E3:38:27:BD:F5:73:D6:A7:12:45:21:80:A0:36
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/38F85F0AA81AE33827BDF573D6A712452180A036.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4e98b3bd-284d-4a7d-9f27-cb587e9dd841/0/3130332e38332e3131372e302f32342d3234203d3e20313336303634.roa
Signing time: Wed 27 Nov 2024 12:00:01 +0000
ROA not before: Wed 27 Nov 2024 11:55:01 +0000
ROA not after: Wed 26 Nov 2025 12:00:01 +0000
asID: 136064
IP address blocks: 103.83.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/4e98b3bd-284d-4a7d-9f27-cb587e9dd841/0/38F85F0AA81AE33827BDF573D6A712452180A036.crl
rsync://repo-rpki.idnic.net/repo/4e98b3bd-284d-4a7d-9f27-cb587e9dd841/0/38F85F0AA81AE33827BDF573D6A712452180A036.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/38F85F0AA81AE33827BDF573D6A712452180A036.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 07:35:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:d4:6b:5c:92:e1:1c:cc:8c:06:25:ea:3a:fc:3c:19:7e:b3:93:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38F85F0AA81AE33827BDF573D6A712452180A036
Validity
Not Before: Nov 27 11:55:01 2024 GMT
Not After : Nov 26 12:00:01 2025 GMT
Subject: CN=6CF4C2A4CA81B6874674EE36A99A7CA8FC28AE63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:64:96:e5:35:6e:e3:55:52:a0:56:06:58:9b:
6e:86:e4:dc:1f:f6:10:bc:34:55:0d:01:f9:51:b9:
e3:23:00:28:01:78:42:52:be:fe:6f:28:7f:19:5f:
56:9b:43:b2:62:ad:57:c2:2c:66:a7:a4:d9:9e:01:
59:51:60:ad:ac:e6:45:37:00:e5:ec:25:ad:df:d0:
28:32:48:ec:14:18:42:8a:f5:36:ce:f8:5e:f1:eb:
38:44:f7:8f:20:2c:6a:fe:db:34:c2:e6:6e:d5:47:
a3:74:f9:9c:ce:56:42:85:fc:9e:40:f6:66:e1:c8:
0e:30:34:61:8f:90:f8:36:b4:3b:fe:4f:9f:7b:6e:
0e:db:22:4a:67:e0:f9:aa:ad:48:cd:3d:87:66:98:
a3:31:87:ec:b3:bd:ac:ec:d1:62:ae:d8:68:f9:bf:
8b:4b:2f:cb:4c:2f:14:db:2a:79:17:3f:25:72:bd:
21:55:04:68:bd:e8:f2:da:43:6f:c3:fb:03:88:41:
de:ba:3b:4a:e5:30:12:0c:5f:1e:bd:01:cb:82:af:
0a:e9:63:cd:31:8f:db:e8:02:8d:a4:d8:5a:4b:c8:
e0:77:0b:36:d2:3c:d5:cb:da:de:1b:e8:30:b9:22:
cb:33:15:75:b3:51:2a:72:59:b2:8e:15:49:cc:8b:
68:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F4:C2:A4:CA:81:B6:87:46:74:EE:36:A9:9A:7C:A8:FC:28:AE:63
X509v3 Authority Key Identifier:
keyid:38:F8:5F:0A:A8:1A:E3:38:27:BD:F5:73:D6:A7:12:45:21:80:A0:36
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4e98b3bd-284d-4a7d-9f27-cb587e9dd841/0/38F85F0AA81AE33827BDF573D6A712452180A036.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/38F85F0AA81AE33827BDF573D6A712452180A036.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4e98b3bd-284d-4a7d-9f27-cb587e9dd841/0/3130332e38332e3131372e302f32342d3234203d3e20313336303634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.83.117.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:95:0e:b2:fa:0e:9f:f6:5f:3b:c0:79:56:95:e3:1d:1f:7c:
25:81:df:42:57:96:6c:96:d8:5f:86:fd:c9:e8:13:10:4b:a9:
31:bb:29:ed:dd:1e:8a:50:96:4b:12:a4:21:59:1c:a2:be:88:
a2:79:50:98:8d:6e:9a:73:57:2d:65:52:19:df:45:de:50:b4:
f4:aa:8e:5e:3f:57:86:e6:7c:86:66:8d:bf:59:51:d5:aa:98:
ee:08:6f:e8:09:54:0e:68:5e:0c:a8:09:7e:c1:ee:96:2e:43:
58:76:e7:06:6c:1a:5a:98:b6:8c:cf:ab:9a:e9:70:b3:1c:84:
a9:28:34:ff:fd:08:72:8e:91:f3:62:a3:57:28:d7:bd:a2:9f:
4f:8b:b8:f8:88:51:e4:f9:c5:0e:01:9e:03:45:0f:b4:7f:47:
3e:28:2e:88:61:7c:2d:a7:df:f7:80:60:73:85:0b:ad:bf:00:
a9:0d:96:2a:05:44:46:a1:dd:36:30:6d:21:60:7c:40:a8:af:
86:f2:de:89:a4:26:f6:7b:20:e8:36:9d:f5:ed:f6:71:81:54:
07:7c:bd:af:95:e7:3a:ee:d5:07:a3:28:36:b3:b4:66:07:e8:
32:e6:bc:09:18:a2:c2:95:83:59:73:e1:94:a4:70:e5:47:19:
69:18:35:e1
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUcNRrXJLhHMyMBiXqOvw8GX6zkx4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhGODVGMEFBODFBRTMzODI3QkRGNTczRDZBNzEyNDUy
MTgwQTAzNjAeFw0yNDExMjcxMTU1MDFaFw0yNTExMjYxMjAwMDFaMDMxMTAvBgNV
BAMTKDZDRjRDMkE0Q0E4MUI2ODc0Njc0RUUzNkE5OUE3Q0E4RkMyOEFFNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXZJblNW7jVVKgVgZYm26G5Nwf
9hC8NFUNAflRueMjACgBeEJSvv5vKH8ZX1abQ7JirVfCLGanpNmeAVlRYK2s5kU3
AOXsJa3f0CgySOwUGEKK9TbO+F7x6zhE948gLGr+2zTC5m7VR6N0+ZzOVkKF/J5A
9mbhyA4wNGGPkPg2tDv+T597bg7bIkpn4PmqrUjNPYdmmKMxh+yzvazs0WKu2Gj5
v4tLL8tMLxTbKnkXPyVyvSFVBGi96PLaQ2/D+wOIQd66O0rlMBIMXx69AcuCrwrp
Y80xj9voAo2k2FpLyOB3CzbSPNXL2t4b6DC5IsszFXWzUSpyWbKOFUnMi2ibAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUbPTCpMqBtodGdO42qZp8qPwormMwHwYDVR0j
BBgwFoAUOPhfCqga4zgnvfVz1qcSRSGAoDYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
ZTk4YjNiZC0yODRkLTRhN2QtOWYyNy1jYjU4N2U5ZGQ4NDEvMC8zOEY4NUYwQUE4
MUFFMzM4MjdCREY1NzNENkE3MTI0NTIxODBBMDM2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMzhGODVGMEFBODFBRTMzODI3QkRGNTczRDZBNzEyNDUyMTgw
QTAzNi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRlOThiM2JkLTI4NGQtNGE3ZC05
ZjI3LWNiNTg3ZTlkZDg0MS8wLzMxMzAzMzJlMzgzMzJlMzEzMTM3MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM2MzAzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ1N1MA0GCSqG
SIb3DQEBCwUAA4IBAQAqlQ6y+g6f9l87wHlWleMdH3wlgd9CV5Zslthfhv3J6BMQ
S6kxuynt3R6KUJZLEqQhWRyivoiieVCYjW6ac1ctZVIZ30XeULT0qo5eP1eG5nyG
Zo2/WVHVqpjuCG/oCVQOaF4MqAl+we6WLkNYducGbBpamLaMz6ua6XCzHISpKDT/
/QhyjpHzYqNXKNe9op9Pi7j4iFHk+cUOAZ4DRQ+0f0c+KC6IYXwtp9/3gGBzhQut
vwCpDZYqBURGod02MG0hYHxAqK+G8t6JpCb2eyDoNp317fZxgVQHfL2vlec67tUH
oyg2s7RmB+gy5rwJGKLClYNZc+GUpHDlRxlpGDXh
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:31:41 2025 by rpki-client