Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/5aba4e59-fb31-41b5-88e7-0b2ced1f201c/0/3130332e3132342e3133372e302f32342d3234203d3e20313338303839.roa
File: 3130332e3132342e3133372e302f32342d3234203d3e20313338303839.roa (raw, json)
Hash identifier: vPo4xg80UOtB6VJUwA4UWFKXU9vTxzV/7Yqjm3eG2dU=
Subject key identifier: 4D:C0:74:42:42:DF:7C:98:70:F8:ED:81:B5:61:A0:9C:06:89:7B:B1
Certificate issuer: /CN=7D4F0D007B60134996AC3198B9E5B71EAF70E733
Certificate serial: 65068878CA839F77BBB76B2CBEE20D99FE2DFA4D
Authority key identifier: 7D:4F:0D:00:7B:60:13:49:96:AC:31:98:B9:E5:B7:1E:AF:70:E7:33
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7D4F0D007B60134996AC3198B9E5B71EAF70E733.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/5aba4e59-fb31-41b5-88e7-0b2ced1f201c/0/3130332e3132342e3133372e302f32342d3234203d3e20313338303839.roa
Signing time: Mon 24 Feb 2025 14:00:00 +0000
ROA not before: Mon 24 Feb 2025 13:55:00 +0000
ROA not after: Mon 23 Feb 2026 14:00:00 +0000
asID: 138089
IP address blocks: 103.124.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:06:88:78:ca:83:9f:77:bb:b7:6b:2c:be:e2:0d:99:fe:2d:fa:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7D4F0D007B60134996AC3198B9E5B71EAF70E733
Validity
Not Before: Feb 24 13:55:00 2025 GMT
Not After : Feb 23 14:00:00 2026 GMT
Subject: CN=4DC0744242DF7C9870F8ED81B561A09C06897BB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ff:5f:a8:be:ee:ea:16:e0:a5:b3:48:18:ec:
df:c4:5a:27:c2:e5:c9:83:f2:f0:5e:04:2b:7b:08:
6e:cd:75:4d:ad:ea:c2:6a:e5:dc:47:20:dc:21:77:
ec:c7:9b:1a:7f:b5:8a:0a:bb:2c:4c:ee:39:93:2d:
43:a8:d4:5d:1e:6e:27:a5:ae:3a:3d:7d:a9:b2:42:
9d:b8:fe:62:81:a1:4e:32:9c:96:31:c5:3c:42:51:
64:77:b9:c7:e2:c8:6b:42:ea:3c:01:16:31:6c:d7:
79:59:66:b1:78:0a:d0:26:3d:7f:4f:bf:c6:77:d1:
57:f8:13:ff:05:22:ab:0b:14:d2:15:24:e7:99:ff:
e1:82:c8:8e:53:79:c6:c1:3c:3d:f7:9d:e4:03:21:
14:b5:d1:85:d9:ba:62:ef:c6:03:a1:09:07:98:1c:
73:23:75:be:b3:a1:62:17:c1:bd:eb:a3:e1:f1:d3:
75:87:e7:8d:5c:4f:92:d7:7e:ee:7a:45:87:0a:a9:
c2:2d:e6:8b:af:66:7d:b3:f0:88:c7:e9:74:1b:11:
d0:78:c5:ee:80:9d:66:25:c7:33:a0:d8:43:db:82:
e7:b8:d5:43:17:64:34:4d:e7:54:5e:f3:82:f8:d7:
82:24:eb:64:39:10:be:78:a4:0c:54:06:a0:a9:a5:
40:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C0:74:42:42:DF:7C:98:70:F8:ED:81:B5:61:A0:9C:06:89:7B:B1
X509v3 Authority Key Identifier:
keyid:7D:4F:0D:00:7B:60:13:49:96:AC:31:98:B9:E5:B7:1E:AF:70:E7:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/5aba4e59-fb31-41b5-88e7-0b2ced1f201c/0/7D4F0D007B60134996AC3198B9E5B71EAF70E733.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7D4F0D007B60134996AC3198B9E5B71EAF70E733.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5aba4e59-fb31-41b5-88e7-0b2ced1f201c/0/3130332e3132342e3133372e302f32342d3234203d3e20313338303839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.124.137.0/24
Signature Algorithm: sha256WithRSAEncryption
48:25:8e:ae:f7:5b:d4:e1:83:13:92:a0:94:f5:58:3b:07:5a:
43:1d:66:e4:84:d3:7f:49:3a:66:4b:6a:29:f6:dd:36:8e:5b:
c1:71:a3:41:9e:24:8f:a1:86:d5:3b:53:c9:d9:61:4a:48:60:
9b:a7:14:ab:56:8a:90:bf:d8:66:0f:2e:ea:d8:53:c7:f2:70:
c6:05:78:d1:4f:b8:f4:69:98:f4:ec:a4:60:76:b2:79:3a:a2:
76:87:55:3e:74:29:ed:da:0f:b3:b5:04:92:81:41:26:1e:6c:
b3:0e:5c:ae:98:44:1a:7c:a7:87:1b:23:b5:6d:5b:20:3e:2e:
d6:f9:50:3b:7c:e4:fd:e2:29:71:cb:f8:38:cb:71:d1:91:7e:
b5:18:fe:70:31:4f:7f:df:ca:9e:d7:46:5b:a7:64:59:a8:39:
ec:32:70:43:37:86:16:73:1f:e8:d3:00:af:9b:df:da:ce:76:
f5:a9:6f:b7:40:82:43:2f:a0:22:ab:88:9b:7f:b3:ea:0b:12:
ed:9b:86:0e:e3:6d:86:d9:2e:a8:90:c6:b2:b4:59:3c:1c:a9:
ee:d9:6f:ae:81:9e:29:4b:7e:97:4f:59:02:a7:11:c8:45:d8:
cd:17:8d:ae:ae:68:0a:38:b4:9f:7e:13:f4:8a:cb:81:f4:92:
fd:17:38:4e
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUZQaIeMqDn3e7t2ssvuINmf4t+k0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0Q0RjBEMDA3QjYwMTM0OTk2QUMzMTk4QjlFNUI3MUVB
RjcwRTczMzAeFw0yNTAyMjQxMzU1MDBaFw0yNjAyMjMxNDAwMDBaMDMxMTAvBgNV
BAMTKDREQzA3NDQyNDJERjdDOTg3MEY4RUQ4MUI1NjFBMDlDMDY4OTdCQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw/1+ovu7qFuCls0gY7N/EWifC
5cmD8vBeBCt7CG7NdU2t6sJq5dxHINwhd+zHmxp/tYoKuyxM7jmTLUOo1F0ebiel
rjo9famyQp24/mKBoU4ynJYxxTxCUWR3ucfiyGtC6jwBFjFs13lZZrF4CtAmPX9P
v8Z30Vf4E/8FIqsLFNIVJOeZ/+GCyI5TecbBPD33neQDIRS10YXZumLvxgOhCQeY
HHMjdb6zoWIXwb3ro+Hx03WH541cT5LXfu56RYcKqcIt5ouvZn2z8IjH6XQbEdB4
xe6AnWYlxzOg2EPbgue41UMXZDRN51Re84L414Ik62Q5EL54pAxUBqCppUA/AgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUTcB0QkLffJhw+O2BtWGgnAaJe7EwHwYDVR0j
BBgwFoAUfU8NAHtgE0mWrDGYueW3Hq9w5zMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
YWJhNGU1OS1mYjMxLTQxYjUtODhlNy0wYjJjZWQxZjIwMWMvMC83RDRGMEQwMDdC
NjAxMzQ5OTZBQzMxOThCOUU1QjcxRUFGNzBFNzMzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvN0Q0RjBEMDA3QjYwMTM0OTk2QUMzMTk4QjlFNUI3MUVBRjcw
RTczMy5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVhYmE0ZTU5LWZiMzEtNDFiNS04
OGU3LTBiMmNlZDFmMjAxYy8wLzMxMzAzMzJlMzEzMjM0MmUzMTMzMzcyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzgzMDM4Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnfIkwDQYJ
KoZIhvcNAQELBQADggEBAEgljq73W9ThgxOSoJT1WDsHWkMdZuSE039JOmZLain2
3TaOW8Fxo0GeJI+hhtU7U8nZYUpIYJunFKtWipC/2GYPLurYU8fycMYFeNFPuPRp
mPTspGB2snk6onaHVT50Ke3aD7O1BJKBQSYebLMOXK6YRBp8p4cbI7VtWyA+Ltb5
UDt85P3iKXHL+DjLcdGRfrUY/nAxT3/fyp7XRlunZFmoOewycEM3hhZzH+jTAK+b
39rOdvWpb7dAgkMvoCKriJt/s+oLEu2bhg7jbYbZLqiQxrK0WTwcqe7Zb66BnilL
fpdPWQKnEchF2M0Xja6uaAo4tJ9+E/SKy4H0kv0XOE4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:45:40 2025 by rpki-client