Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/78d774f4-2300-4e69-a6ca-7cf48002e2fb/0/3130332e3137322e3132302e302f32332d3234203d3e20313432333938.roa
File: 3130332e3137322e3132302e302f32332d3234203d3e20313432333938.roa (raw, json)
Hash identifier: pXYOCZxRABB//TtVnh1gM8sswwbpc2HW8vVv8Mpvxgk=
Subject key identifier: B7:F4:12:C0:DE:52:D3:60:AA:B1:4A:EF:90:90:30:51:CA:BF:CD:0E
Certificate issuer: /CN=45422D0C59556C680872F58CC42068EF3ED1BA2E
Certificate serial: 2376950793DDB80CA537CCFB9D1F74DD17AA3E8A
Authority key identifier: 45:42:2D:0C:59:55:6C:68:08:72:F5:8C:C4:20:68:EF:3E:D1:BA:2E
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/45422D0C59556C680872F58CC42068EF3ED1BA2E.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/78d774f4-2300-4e69-a6ca-7cf48002e2fb/0/3130332e3137322e3132302e302f32332d3234203d3e20313432333938.roa
Signing time: Tue 14 Jan 2025 06:00:01 +0000
ROA not before: Tue 14 Jan 2025 05:55:01 +0000
ROA not after: Tue 13 Jan 2026 06:00:01 +0000
asID: 142398
IP address blocks: 103.172.120.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:76:95:07:93:dd:b8:0c:a5:37:cc:fb:9d:1f:74:dd:17:aa:3e:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45422D0C59556C680872F58CC42068EF3ED1BA2E
Validity
Not Before: Jan 14 05:55:01 2025 GMT
Not After : Jan 13 06:00:01 2026 GMT
Subject: CN=B7F412C0DE52D360AAB14AEF90903051CABFCD0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ff:ec:38:c4:b3:dc:d8:6d:cf:26:78:e1:a5:
0f:6f:50:8a:cb:ab:f9:82:b0:15:69:2d:5a:0c:7f:
63:89:a1:e5:d3:e9:c4:31:78:bf:b6:f3:dd:10:d5:
58:14:b7:d9:b7:b4:ce:c7:9b:a8:51:ba:d3:43:ad:
ed:2a:1d:20:35:ea:0c:01:51:dc:78:92:68:44:be:
c2:2f:70:6d:82:89:3d:58:d8:4b:52:a4:25:f2:45:
ea:30:73:c8:45:a4:83:67:f6:c8:62:42:e0:a0:cc:
7c:46:cb:9a:7b:91:bf:2b:c9:da:9b:f8:09:ed:ab:
30:d1:4a:0e:b8:9a:41:a0:88:a9:fd:fa:9f:10:b7:
61:45:14:c6:2e:10:3d:5c:34:f6:de:75:e1:6e:ba:
31:78:09:19:81:3b:f9:26:6e:c1:26:28:25:fb:fb:
c3:ba:1b:82:20:33:25:cf:5c:f5:5d:da:ad:ec:5c:
e0:98:fa:bd:78:62:bf:91:91:40:b5:8a:75:1b:b9:
db:39:9b:27:a1:55:44:11:dc:57:07:57:4f:88:dc:
8f:36:a3:36:4d:40:27:cb:a3:48:75:b2:8c:8e:30:
5f:7a:91:06:8b:7f:ab:18:43:75:fb:91:5e:fd:dd:
37:bf:56:81:b4:aa:16:da:31:29:bf:99:57:a8:7c:
74:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F4:12:C0:DE:52:D3:60:AA:B1:4A:EF:90:90:30:51:CA:BF:CD:0E
X509v3 Authority Key Identifier:
keyid:45:42:2D:0C:59:55:6C:68:08:72:F5:8C:C4:20:68:EF:3E:D1:BA:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/78d774f4-2300-4e69-a6ca-7cf48002e2fb/0/45422D0C59556C680872F58CC42068EF3ED1BA2E.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/45422D0C59556C680872F58CC42068EF3ED1BA2E.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/78d774f4-2300-4e69-a6ca-7cf48002e2fb/0/3130332e3137322e3132302e302f32332d3234203d3e20313432333938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.172.120.0/23
Signature Algorithm: sha256WithRSAEncryption
94:85:d4:63:9b:e6:bc:9c:e8:0e:df:7d:b0:8e:e3:cb:8d:41:
cb:af:4c:9f:06:f9:96:0d:c3:7b:89:82:3f:e1:63:33:a1:b0:
3c:c3:6e:3a:fd:27:b5:8c:6f:89:3c:59:54:f2:ef:c1:6c:65:
09:44:a9:67:f6:64:53:a9:dd:b0:47:7a:a3:11:da:e9:15:d2:
7e:85:0e:ea:d2:22:b6:42:69:5b:46:d2:34:85:92:b0:bd:c4:
14:28:f3:2a:68:09:f2:60:ab:ad:3a:c0:de:e7:60:da:29:63:
57:de:2b:d8:17:16:f2:96:74:e3:79:6a:e3:18:4e:27:ba:6b:
93:04:4c:a0:8a:d0:29:ee:b4:2b:2b:64:f5:3f:71:ef:d7:f7:
0c:d9:9e:2b:0b:c4:96:af:b6:95:9a:0e:07:84:c7:fb:d7:ba:
84:9f:3b:e7:2f:df:27:9c:3c:a7:16:1c:ca:1c:a9:a9:ca:d5:
a4:12:0a:16:17:56:7d:00:d7:fe:8b:08:51:2f:de:7f:85:9a:
d7:93:35:9f:d8:02:49:32:50:ee:ed:01:2d:af:63:25:26:7f:
64:93:25:f9:63:b7:3e:d3:04:42:f7:eb:e4:fe:17:a9:69:d7:
7f:1b:d3:13:a0:c0:7a:e9:ea:f5:64:12:9a:a6:21:43:05:ab:
49:5a:ea:03
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUI3aVB5PduAylN8z7nR903ReqPoowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDU0MjJEMEM1OTU1NkM2ODA4NzJGNThDQzQyMDY4RUYz
RUQxQkEyRTAeFw0yNTAxMTQwNTU1MDFaFw0yNjAxMTMwNjAwMDFaMDMxMTAvBgNV
BAMTKEI3RjQxMkMwREU1MkQzNjBBQUIxNEFFRjkwOTAzMDUxQ0FCRkNEMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX/+w4xLPc2G3PJnjhpQ9vUIrL
q/mCsBVpLVoMf2OJoeXT6cQxeL+2890Q1VgUt9m3tM7Hm6hRutNDre0qHSA16gwB
Udx4kmhEvsIvcG2CiT1Y2EtSpCXyReowc8hFpINn9shiQuCgzHxGy5p7kb8rydqb
+AntqzDRSg64mkGgiKn9+p8Qt2FFFMYuED1cNPbedeFuujF4CRmBO/kmbsEmKCX7
+8O6G4IgMyXPXPVd2q3sXOCY+r14Yr+RkUC1inUbuds5myehVUQR3FcHV0+I3I82
ozZNQCfLo0h1soyOMF96kQaLf6sYQ3X7kV793Te/VoG0qhbaMSm/mVeofHTFAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUt/QSwN5S02CqsUrvkJAwUcq/zQ4wHwYDVR0j
BBgwFoAURUItDFlVbGgIcvWMxCBo7z7Rui4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
OGQ3NzRmNC0yMzAwLTRlNjktYTZjYS03Y2Y0ODAwMmUyZmIvMC80NTQyMkQwQzU5
NTU2QzY4MDg3MkY1OENDNDIwNjhFRjNFRDFCQTJFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDU0MjJEMEM1OTU1NkM2ODA4NzJGNThDQzQyMDY4RUYzRUQx
QkEyRS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzc4ZDc3NGY0LTIzMDAtNGU2OS1h
NmNhLTdjZjQ4MDAyZTJmYi8wLzMxMzAzMzJlMzEzNzMyMmUzMTMyMzAyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMTM0MzIzMzM5Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnrHgwDQYJ
KoZIhvcNAQELBQADggEBAJSF1GOb5ryc6A7ffbCO48uNQcuvTJ8G+ZYNw3uJgj/h
YzOhsDzDbjr9J7WMb4k8WVTy78FsZQlEqWf2ZFOp3bBHeqMR2ukV0n6FDurSIrZC
aVtG0jSFkrC9xBQo8ypoCfJgq606wN7nYNopY1feK9gXFvKWdON5auMYTie6a5ME
TKCK0CnutCsrZPU/ce/X9wzZnisLxJavtpWaDgeEx/vXuoSfO+cv3yecPKcWHMoc
qanK1aQSChYXVn0A1/6LCFEv3n+FmteTNZ/YAkkyUO7tAS2vYyUmf2STJfljtz7T
BEL36+T+F6lp138b0xOgwHrp6vVkEpqmIUMFq0la6gM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:31:13 2025 by rpki-client