Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/7a70d44e-0f70-45a3-af04-81f429db3a5d/0/3130332e3137342e3137352e302f32342d3234203d3e20313437313031.roa
File: 3130332e3137342e3137352e302f32342d3234203d3e20313437313031.roa (raw, json)
Hash identifier: hiVWfFJS+ICMc15b4VDK2HR8eWbWj/hyT+N05K9QMHE=
Subject key identifier: 4A:6F:AF:A5:95:28:50:E3:3A:20:0F:58:35:C2:E9:7D:24:F2:C0:A4
Certificate issuer: /CN=7767CF49D7661AFAB45870341D88D2F3D9A86CE4
Certificate serial: 5B2AE3F8FA53EB9CA4B633C434DF4EBB1DC869CC
Authority key identifier: 77:67:CF:49:D7:66:1A:FA:B4:58:70:34:1D:88:D2:F3:D9:A8:6C:E4
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7767CF49D7661AFAB45870341D88D2F3D9A86CE4.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/7a70d44e-0f70-45a3-af04-81f429db3a5d/0/3130332e3137342e3137352e302f32342d3234203d3e20313437313031.roa
Signing time: Thu 20 Feb 2025 11:00:01 +0000
ROA not before: Thu 20 Feb 2025 10:55:01 +0000
ROA not after: Thu 19 Feb 2026 11:00:01 +0000
asID: 147101
IP address blocks: 103.174.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:2a:e3:f8:fa:53:eb:9c:a4:b6:33:c4:34:df:4e:bb:1d:c8:69:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7767CF49D7661AFAB45870341D88D2F3D9A86CE4
Validity
Not Before: Feb 20 10:55:01 2025 GMT
Not After : Feb 19 11:00:01 2026 GMT
Subject: CN=4A6FAFA5952850E33A200F5835C2E97D24F2C0A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:dc:a0:31:00:b6:7a:28:ef:ae:96:28:49:e5:
6a:5d:ef:bb:97:9f:bb:a1:a2:f7:cf:20:98:1a:b2:
65:bf:33:20:75:33:8d:98:9a:1f:2e:7c:38:46:8c:
7b:84:7d:30:ea:5d:a2:2e:b0:36:29:d6:c0:03:1d:
77:61:98:a6:2e:83:c6:32:19:75:9e:32:25:8e:86:
29:11:71:34:e8:38:f7:ef:b4:06:98:96:49:3a:27:
51:47:3e:e7:57:45:2d:18:c3:91:f1:84:bb:6a:56:
12:c1:30:9a:a2:7e:5f:aa:f5:69:30:e3:a8:52:ee:
38:e6:b7:c8:f7:ea:ab:24:be:b3:e1:5b:f8:2e:63:
78:c2:d5:8b:c1:eb:32:dc:42:e3:77:a1:37:78:56:
9a:e1:55:95:72:fa:9b:22:1a:c4:d7:81:31:33:e8:
7d:56:25:3c:f3:09:c6:01:b8:12:bf:14:ad:a9:7f:
38:de:e1:92:8f:f1:0a:8c:6e:a9:be:e4:85:2f:4b:
9d:be:d5:80:bd:c9:d3:af:cd:c4:4e:f2:20:8c:a3:
10:50:c7:8c:c0:64:7b:c1:87:6b:60:0b:4c:f3:7f:
6c:a1:81:e7:22:b7:09:2b:a9:ad:1b:6d:95:ac:b2:
fc:f9:68:fb:9f:55:46:ee:2c:e9:86:b3:74:d8:70:
e8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:6F:AF:A5:95:28:50:E3:3A:20:0F:58:35:C2:E9:7D:24:F2:C0:A4
X509v3 Authority Key Identifier:
keyid:77:67:CF:49:D7:66:1A:FA:B4:58:70:34:1D:88:D2:F3:D9:A8:6C:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/7a70d44e-0f70-45a3-af04-81f429db3a5d/0/7767CF49D7661AFAB45870341D88D2F3D9A86CE4.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7767CF49D7661AFAB45870341D88D2F3D9A86CE4.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7a70d44e-0f70-45a3-af04-81f429db3a5d/0/3130332e3137342e3137352e302f32342d3234203d3e20313437313031.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.174.175.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:fb:23:d3:f0:ea:45:fb:03:37:21:af:25:c0:ba:52:ac:c4:
51:6c:62:71:e1:10:ba:29:86:bc:37:bd:71:bd:b8:04:42:7c:
6f:fa:83:8a:d7:88:1b:73:31:80:06:3a:cb:9a:82:7a:54:1a:
44:9a:4c:8a:6d:39:d9:0d:0c:ab:47:c7:55:4f:4f:91:b5:f0:
a9:1c:a9:8d:4a:59:36:fe:7b:f2:72:f4:1f:65:f7:0b:3c:ee:
f2:d4:c1:60:f0:57:8c:97:3b:35:3f:ec:06:92:2d:50:02:0d:
13:af:79:75:11:4d:12:38:37:dd:52:3a:d7:e7:2a:55:74:b8:
b0:58:59:f1:2d:3c:4d:3e:18:e1:d1:24:20:08:cb:d6:e6:17:
33:1f:50:19:4d:32:78:c0:de:6c:b4:98:5c:8d:4d:c7:e3:d0:
a1:d5:b9:dc:c7:52:cf:ec:e0:32:02:76:ee:f6:55:9d:b8:35:
d6:64:65:a6:91:41:e4:6e:bd:b8:24:6e:29:f8:a8:a6:d2:ae:
e4:85:39:b2:ae:cb:b2:b6:f5:fd:8e:31:2a:60:05:07:7e:b7:
83:97:41:09:32:e5:9c:7a:5b:d9:ad:9c:43:44:67:f5:b2:42:
a8:a6:54:05:0c:51:c9:c4:be:68:0d:3e:a2:d7:92:09:b2:04:
5a:42:5d:32
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUWyrj+PpT65yktjPENN9Oux3IacwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzc2N0NGNDlENzY2MUFGQUI0NTg3MDM0MUQ4OEQyRjNE
OUE4NkNFNDAeFw0yNTAyMjAxMDU1MDFaFw0yNjAyMTkxMTAwMDFaMDMxMTAvBgNV
BAMTKDRBNkZBRkE1OTUyODUwRTMzQTIwMEY1ODM1QzJFOTdEMjRGMkMwQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC23KAxALZ6KO+ulihJ5Wpd77uX
n7uhovfPIJgasmW/MyB1M42Ymh8ufDhGjHuEfTDqXaIusDYp1sADHXdhmKYug8Yy
GXWeMiWOhikRcTToOPfvtAaYlkk6J1FHPudXRS0Yw5HxhLtqVhLBMJqifl+q9Wkw
46hS7jjmt8j36qskvrPhW/guY3jC1YvB6zLcQuN3oTd4VprhVZVy+psiGsTXgTEz
6H1WJTzzCcYBuBK/FK2pfzje4ZKP8QqMbqm+5IUvS52+1YC9ydOvzcRO8iCMoxBQ
x4zAZHvBh2tgC0zzf2yhgecitwkrqa0bbZWssvz5aPufVUbuLOmGs3TYcOj3AgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUSm+vpZUoUOM6IA9YNcLpfSTywKQwHwYDVR0j
BBgwFoAUd2fPSddmGvq0WHA0HYjS89mobOQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
YTcwZDQ0ZS0wZjcwLTQ1YTMtYWYwNC04MWY0MjlkYjNhNWQvMC83NzY3Q0Y0OUQ3
NjYxQUZBQjQ1ODcwMzQxRDg4RDJGM0Q5QTg2Q0U0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNzc2N0NGNDlENzY2MUFGQUI0NTg3MDM0MUQ4OEQyRjNEOUE4
NkNFNC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdhNzBkNDRlLTBmNzAtNDVhMy1h
ZjA0LTgxZjQyOWRiM2E1ZC8wLzMxMzAzMzJlMzEzNzM0MmUzMTM3MzUyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzczMTMwMzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnrq8wDQYJ
KoZIhvcNAQELBQADggEBAEr7I9Pw6kX7AzchryXAulKsxFFsYnHhELophrw3vXG9
uARCfG/6g4rXiBtzMYAGOsuagnpUGkSaTIptOdkNDKtHx1VPT5G18KkcqY1KWTb+
e/Jy9B9l9ws87vLUwWDwV4yXOzU/7AaSLVACDROveXURTRI4N91SOtfnKlV0uLBY
WfEtPE0+GOHRJCAIy9bmFzMfUBlNMnjA3my0mFyNTcfj0KHVudzHUs/s4DICdu72
VZ24NdZkZaaRQeRuvbgkbin4qKbSruSFObKuy7K29f2OMSpgBQd+t4OXQQky5Zx6
W9mtnENEZ/WyQqimVAUMUcnEvmgNPqLXkgmyBFpCXTI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:30:50 2025 by rpki-client