Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/3130332e3137362e39372e302f32342d3234203d3e20313437313331.roa
File: 3130332e3137362e39372e302f32342d3234203d3e20313437313331.roa (raw, json)
Hash identifier: gcQbwwcsgWLto/MeqdtpULkQCdJ/hBMpFsyWHdzWTU8=
Subject key identifier: AC:3A:B1:16:11:B0:68:D4:D2:43:29:FF:3B:AD:69:57:9F:FE:54:10
Certificate issuer: /CN=4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657
Certificate serial: 37F56D792E7133C7C5472D2539EE9B24AFF94F05
Authority key identifier: 43:37:E9:FF:91:A0:CB:65:CE:1E:B8:FA:EB:61:08:F5:E3:7B:B6:57
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/3130332e3137362e39372e302f32342d3234203d3e20313437313331.roa
Signing time: Mon 20 Jan 2025 17:00:02 +0000
ROA not before: Mon 20 Jan 2025 16:55:02 +0000
ROA not after: Mon 19 Jan 2026 17:00:02 +0000
asID: 147131
IP address blocks: 103.176.97.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:f5:6d:79:2e:71:33:c7:c5:47:2d:25:39:ee:9b:24:af:f9:4f:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657
Validity
Not Before: Jan 20 16:55:02 2025 GMT
Not After : Jan 19 17:00:02 2026 GMT
Subject: CN=AC3AB11611B068D4D24329FF3BAD69579FFE5410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e5:b2:53:1f:49:67:a8:80:cd:d4:c5:4f:4d:
51:8e:0c:fc:93:3e:43:fc:cc:ae:dc:5e:2a:38:0d:
2f:cd:63:54:6a:49:24:3a:8c:0d:04:fa:5e:44:27:
30:dd:fb:b7:26:7e:6f:58:34:41:75:3e:c3:74:f8:
ee:03:c0:36:93:73:a5:51:74:4b:af:e6:d3:9f:86:
8e:a0:c9:7d:a3:ce:fe:98:4b:f9:24:e2:aa:74:4b:
35:14:a2:c0:e1:4b:e6:d1:49:5d:12:6f:ba:c9:1f:
d3:b5:f2:ee:ca:01:a8:e9:16:b1:d2:21:28:75:46:
3a:3e:7a:24:ab:f8:da:f9:23:25:3c:3a:25:f8:18:
4c:da:88:a9:ff:bf:43:7a:1e:2d:d0:4b:06:d3:a9:
2f:da:7e:1f:84:f7:2e:65:48:c7:24:4d:9d:85:a6:
6d:94:50:c6:9d:0f:48:f8:e9:28:70:fc:43:c9:6f:
41:69:42:2d:26:f6:ca:f4:66:4f:d3:92:53:9a:ec:
9a:f1:cd:7f:e1:13:b0:5d:d0:74:46:4e:42:cb:ad:
36:8e:fa:5a:ee:87:e5:87:41:8c:23:1c:c4:9e:22:
77:f3:99:dc:15:71:bd:12:b2:35:4d:6f:ef:26:5a:
56:4c:04:3f:b6:df:45:31:6b:1e:8c:eb:36:69:4b:
c1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:3A:B1:16:11:B0:68:D4:D2:43:29:FF:3B:AD:69:57:9F:FE:54:10
X509v3 Authority Key Identifier:
keyid:43:37:E9:FF:91:A0:CB:65:CE:1E:B8:FA:EB:61:08:F5:E3:7B:B6:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/3130332e3137362e39372e302f32342d3234203d3e20313437313331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.176.97.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:d6:bb:7b:82:83:a9:43:3e:61:4d:a9:b6:a9:ec:0a:89:60:
0f:0c:b0:8f:db:e3:cb:75:79:ac:04:69:42:b5:9d:6e:9a:87:
44:6d:e7:c7:c2:8f:25:cc:41:9c:05:16:49:ee:ea:bd:26:ac:
e7:ba:ba:24:e9:99:0d:20:cf:2d:cf:4b:06:2a:bb:4a:19:90:
e7:cb:60:77:c8:ea:10:66:9a:b0:16:7d:ef:5c:03:9b:d4:08:
90:cc:1e:a9:07:3d:14:03:ac:9b:36:34:60:e7:fa:6f:79:cb:
46:81:90:d6:51:b2:57:89:94:80:00:52:5c:a7:26:bd:b5:5a:
c8:31:fe:98:4d:9b:24:bb:81:2f:2c:b9:74:08:87:85:bb:19:
21:c2:0d:fa:80:79:c4:d5:7d:6d:55:7d:27:11:8e:00:36:27:
f1:d6:e7:4f:1f:0c:1a:e0:f9:ef:e4:9b:cb:c3:4a:5b:e1:34:
e7:2b:3d:70:3b:f0:b6:18:3d:31:60:a9:dc:47:48:3d:54:34:
a4:6b:3e:d1:94:ab:bd:d8:9c:2a:4f:ae:20:f3:07:3c:a1:f9:
b9:2f:27:6e:4a:b5:21:ee:72:1c:7a:cb:39:42:18:19:f3:7a:
15:03:b3:68:b5:c3:08:59:ac:a7:cf:0e:7b:16:f5:8a:bc:92:
18:fb:d4:88
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUN/VteS5xM8fFRy0lOe6bJK/5TwUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDMzN0U5RkY5MUEwQ0I2NUNFMUVCOEZBRUI2MTA4RjVF
MzdCQjY1NzAeFw0yNTAxMjAxNjU1MDJaFw0yNjAxMTkxNzAwMDJaMDMxMTAvBgNV
BAMTKEFDM0FCMTE2MTFCMDY4RDREMjQzMjlGRjNCQUQ2OTU3OUZGRTU0MTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO5bJTH0lnqIDN1MVPTVGODPyT
PkP8zK7cXio4DS/NY1RqSSQ6jA0E+l5EJzDd+7cmfm9YNEF1PsN0+O4DwDaTc6VR
dEuv5tOfho6gyX2jzv6YS/kk4qp0SzUUosDhS+bRSV0Sb7rJH9O18u7KAajpFrHS
ISh1Rjo+eiSr+Nr5IyU8OiX4GEzaiKn/v0N6Hi3QSwbTqS/afh+E9y5lSMckTZ2F
pm2UUMadD0j46Shw/EPJb0FpQi0m9sr0Zk/TklOa7JrxzX/hE7Bd0HRGTkLLrTaO
+lruh+WHQYwjHMSeInfzmdwVcb0SsjVNb+8mWlZMBD+230Uxax6M6zZpS8GNAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUrDqxFhGwaNTSQyn/O61pV5/+VBAwHwYDVR0j
BBgwFoAUQzfp/5Ggy2XOHrj662EI9eN7tlcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
YzM0ZGMzZi0zMDhmLTRkZTEtYTM2NS03MDFiZDljZjEwMDQvMC80MzM3RTlGRjkx
QTBDQjY1Q0UxRUI4RkFFQjYxMDhGNUUzN0JCNjU3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDMzN0U5RkY5MUEwQ0I2NUNFMUVCOEZBRUI2MTA4RjVFMzdC
QjY1Ny5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVjMzRkYzNmLTMwOGYtNGRlMS1h
MzY1LTcwMWJkOWNmMTAwNC8wLzMxMzAzMzJlMzEzNzM2MmUzOTM3MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNDM3MzEzMzMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ7BhMA0GCSqG
SIb3DQEBCwUAA4IBAQCr1rt7goOpQz5hTam2qewKiWAPDLCP2+PLdXmsBGlCtZ1u
modEbefHwo8lzEGcBRZJ7uq9Jqznurok6ZkNIM8tz0sGKrtKGZDny2B3yOoQZpqw
Fn3vXAOb1AiQzB6pBz0UA6ybNjRg5/pvectGgZDWUbJXiZSAAFJcpya9tVrIMf6Y
TZsku4EvLLl0CIeFuxkhwg36gHnE1X1tVX0nEY4ANifx1udPHwwa4Pnv5JvLw0pb
4TTnKz1wO/C2GD0xYKncR0g9VDSkaz7RlKu92JwqT64g8wc8ofm5LyduSrUh7nIc
ess5QhgZ83oVA7NotcMIWaynzw57FvWKvJIY+9SI
-----END CERTIFICATE-----
Generated at Wed Apr 9 07:57:29 2025 by rpki-client