Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/54f1372c-43a6-4fda-b50e-d01eb42c689f/0/3130332e3137332e3134322e302f32332d3233203d3e20313437303930.roa
File: 3130332e3137332e3134322e302f32332d3233203d3e20313437303930.roa (raw, json)
Hash identifier: Tu/lmXG1SR10FA6Mlg+q8BJ0wAM8BZdiNc8TMtD2S9s=
Subject key identifier: 4E:B8:C3:6C:75:AE:E8:75:5E:93:71:66:AF:B0:61:D8:F8:4E:3C:EF
Certificate issuer: /CN=4515472806DD01B59715410103D51C05E4F28B96
Certificate serial: 0C147A6BDCCEA4587711B16F9745B7C9DE164285
Authority key identifier: 45:15:47:28:06:DD:01:B5:97:15:41:01:03:D5:1C:05:E4:F2:8B:96
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4515472806DD01B59715410103D51C05E4F28B96.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/54f1372c-43a6-4fda-b50e-d01eb42c689f/0/3130332e3137332e3134322e302f32332d3233203d3e20313437303930.roa
Signing time: Thu 23 Jan 2025 02:00:00 +0000
ROA not before: Thu 23 Jan 2025 01:55:00 +0000
ROA not after: Thu 22 Jan 2026 02:00:00 +0000
asID: 147090
IP address blocks: 103.173.142.0/23 maxlen: 23
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/54f1372c-43a6-4fda-b50e-d01eb42c689f/0/4515472806DD01B59715410103D51C05E4F28B96.crl
rsync://repo-rpki.idnic.net/repo/54f1372c-43a6-4fda-b50e-d01eb42c689f/0/4515472806DD01B59715410103D51C05E4F28B96.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4515472806DD01B59715410103D51C05E4F28B96.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Apr 2025 18:25:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:14:7a:6b:dc:ce:a4:58:77:11:b1:6f:97:45:b7:c9:de:16:42:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4515472806DD01B59715410103D51C05E4F28B96
Validity
Not Before: Jan 23 01:55:00 2025 GMT
Not After : Jan 22 02:00:00 2026 GMT
Subject: CN=4EB8C36C75AEE8755E937166AFB061D8F84E3CEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:85:d3:72:1a:c7:ff:4f:17:5d:09:17:6c:48:
53:ed:58:23:66:ab:a9:a5:33:78:31:16:02:eb:81:
dd:d3:e8:b5:25:67:2d:2f:c2:8a:91:9c:01:b3:2d:
f6:e4:7f:8b:e3:24:94:64:f7:06:50:11:e8:84:41:
33:7f:a5:8f:8a:75:c3:be:2a:98:0d:2a:b0:4c:06:
15:84:7c:e8:83:52:30:36:74:5b:8c:ae:5d:0c:39:
6b:8a:52:e2:bd:4f:60:75:bd:79:58:9f:63:f3:bb:
d4:3a:e3:71:1c:ed:a6:1b:d1:aa:f3:ea:c0:65:86:
32:29:1f:ec:e2:c4:50:53:d4:c0:cb:9a:04:1e:00:
8b:73:05:aa:39:91:3c:dd:14:f2:f2:e0:33:b6:ab:
0e:e8:b9:13:89:af:97:c1:e0:87:3c:58:6e:c1:56:
09:8e:33:b8:26:7e:b6:8f:77:b2:a6:be:cc:98:6e:
cf:38:4e:c6:dd:f7:e4:49:bf:72:bb:5b:51:fd:d0:
6f:27:d0:82:a2:27:1e:0b:52:21:0c:d2:e5:05:24:
48:6a:d0:29:35:0a:2a:57:3e:4e:e6:f6:91:a0:b7:
2a:f4:6a:0a:6a:9a:5c:6a:ec:cc:05:1a:1e:e8:4c:
43:4e:92:a6:c3:16:ff:d0:4d:45:9d:7d:a6:8d:27:
c6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B8:C3:6C:75:AE:E8:75:5E:93:71:66:AF:B0:61:D8:F8:4E:3C:EF
X509v3 Authority Key Identifier:
keyid:45:15:47:28:06:DD:01:B5:97:15:41:01:03:D5:1C:05:E4:F2:8B:96
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/54f1372c-43a6-4fda-b50e-d01eb42c689f/0/4515472806DD01B59715410103D51C05E4F28B96.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4515472806DD01B59715410103D51C05E4F28B96.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/54f1372c-43a6-4fda-b50e-d01eb42c689f/0/3130332e3137332e3134322e302f32332d3233203d3e20313437303930.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.173.142.0/23
Signature Algorithm: sha256WithRSAEncryption
18:c9:28:34:09:2a:38:4b:ce:86:ce:07:24:b6:10:6c:c3:27:
9c:29:a9:aa:dc:aa:47:7c:d6:16:11:c2:11:0c:97:5b:cf:55:
24:54:27:bf:89:aa:ae:8a:65:9a:5b:7c:ed:a6:f9:b4:73:cf:
23:11:7a:29:26:ed:66:06:09:d6:77:e1:8c:80:bb:3b:45:53:
0f:7f:1a:1c:fc:92:5c:09:39:89:c0:61:4c:e4:ad:4c:d3:b7:
40:a3:ee:d6:8d:2b:9f:4f:2c:98:82:db:e3:8a:22:1d:73:0b:
93:04:e7:84:fe:96:62:56:1e:d4:d0:06:4f:2a:57:64:cc:6e:
f1:db:b5:4b:31:58:ff:18:b1:2c:73:72:40:3e:cc:4b:54:0c:
7f:ca:fd:be:df:3a:e2:e1:47:6d:90:d4:d3:04:57:cd:26:fb:
dd:bb:3d:d9:4a:eb:b6:6a:c7:ee:52:58:2f:96:0f:63:62:25:
47:ef:83:43:35:08:aa:98:cb:70:e9:a0:1b:c6:9a:f8:db:0f:
4c:1c:75:0a:f9:9e:64:4a:c2:e1:84:ec:f7:55:eb:99:75:96:
c4:f5:4b:08:a7:8f:fa:b2:7f:66:7a:76:aa:70:7f:c0:39:3d:
87:46:54:8d:db:f4:2a:02:36:4c:0a:0a:8b:9f:d8:1d:6a:ae:
68:3c:cf:1c
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUDBR6a9zOpFh3EbFvl0W3yd4WQoUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUxNTQ3MjgwNkREMDFCNTk3MTU0MTAxMDNENTFDMDVF
NEYyOEI5NjAeFw0yNTAxMjMwMTU1MDBaFw0yNjAxMjIwMjAwMDBaMDMxMTAvBgNV
BAMTKDRFQjhDMzZDNzVBRUU4NzU1RTkzNzE2NkFGQjA2MUQ4Rjg0RTNDRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPhdNyGsf/TxddCRdsSFPtWCNm
q6mlM3gxFgLrgd3T6LUlZy0vwoqRnAGzLfbkf4vjJJRk9wZQEeiEQTN/pY+KdcO+
KpgNKrBMBhWEfOiDUjA2dFuMrl0MOWuKUuK9T2B1vXlYn2Pzu9Q643Ec7aYb0arz
6sBlhjIpH+zixFBT1MDLmgQeAItzBao5kTzdFPLy4DO2qw7ouROJr5fB4Ic8WG7B
VgmOM7gmfraPd7KmvsyYbs84Tsbd9+RJv3K7W1H90G8n0IKiJx4LUiEM0uUFJEhq
0Ck1CipXPk7m9pGgtyr0agpqmlxq7MwFGh7oTENOkqbDFv/QTUWdfaaNJ8aDAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUTrjDbHWu6HVek3Fmr7Bh2PhOPO8wHwYDVR0j
BBgwFoAURRVHKAbdAbWXFUEBA9UcBeTyi5YwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
NGYxMzcyYy00M2E2LTRmZGEtYjUwZS1kMDFlYjQyYzY4OWYvMC80NTE1NDcyODA2
REQwMUI1OTcxNTQxMDEwM0Q1MUMwNUU0RjI4Qjk2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDUxNTQ3MjgwNkREMDFCNTk3MTU0MTAxMDNENTFDMDVFNEYy
OEI5Ni5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU0ZjEzNzJjLTQzYTYtNGZkYS1i
NTBlLWQwMWViNDJjNjg5Zi8wLzMxMzAzMzJlMzEzNzMzMmUzMTM0MzIyZTMwMmYz
MjMzMmQzMjMzMjAzZDNlMjAzMTM0MzczMDM5MzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnrY4wDQYJ
KoZIhvcNAQELBQADggEBABjJKDQJKjhLzobOByS2EGzDJ5wpqarcqkd81hYRwhEM
l1vPVSRUJ7+Jqq6KZZpbfO2m+bRzzyMReikm7WYGCdZ34YyAuztFUw9/Ghz8klwJ
OYnAYUzkrUzTt0Cj7taNK59PLJiC2+OKIh1zC5ME54T+lmJWHtTQBk8qV2TMbvHb
tUsxWP8YsSxzckA+zEtUDH/K/b7fOuLhR22Q1NMEV80m+927PdlK67Zqx+5SWC+W
D2NiJUfvg0M1CKqYy3DpoBvGmvjbD0wcdQr5nmRKwuGE7PdV65l1lsT1Swinj/qy
f2Z6dqpwf8A5PYdGVI3b9CoCNkwKCouf2B1qrmg8zxw=
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:13:21 2025 by rpki-client