Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/82d49179-4d8b-4d2d-abf4-43231deb5b01/0/3130332e3137302e39362e302f32332d3233203d3e20313432333638.roa
File: 3130332e3137302e39362e302f32332d3233203d3e20313432333638.roa (raw, json)
Hash identifier: vxYEkSC9Nhj9Qwmzlp+zXc3eS9PpNRTtM0I668VgpCo=
Subject key identifier: 11:87:28:EC:46:26:12:B1:7B:17:57:95:17:FE:07:A6:CB:F4:B9:4E
Certificate issuer: /CN=3BA10823C279932D7573B930625CD2884433C744
Certificate serial: 036CC1A16E0FB34361DBAF70C68136197FE6E857
Authority key identifier: 3B:A1:08:23:C2:79:93:2D:75:73:B9:30:62:5C:D2:88:44:33:C7:44
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3BA10823C279932D7573B930625CD2884433C744.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/82d49179-4d8b-4d2d-abf4-43231deb5b01/0/3130332e3137302e39362e302f32332d3233203d3e20313432333638.roa
Signing time: Sat 01 Mar 2025 08:00:00 +0000
ROA not before: Sat 01 Mar 2025 07:55:00 +0000
ROA not after: Sat 28 Feb 2026 08:00:00 +0000
asID: 142368
IP address blocks: 103.170.96.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:6c:c1:a1:6e:0f:b3:43:61:db:af:70:c6:81:36:19:7f:e6:e8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BA10823C279932D7573B930625CD2884433C744
Validity
Not Before: Mar 1 07:55:00 2025 GMT
Not After : Feb 28 08:00:00 2026 GMT
Subject: CN=118728EC462612B17B17579517FE07A6CBF4B94E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d4:27:2c:c3:3c:31:08:5f:c0:ca:e2:77:85:
5f:73:fe:c6:99:61:21:30:c5:18:1c:df:9d:56:e8:
31:6e:f9:c4:11:07:07:06:2c:2f:3f:95:32:c7:5f:
c4:5a:6a:82:6e:d5:ed:70:7c:7a:b1:5e:7b:c9:e1:
da:c3:68:9f:4b:3c:30:d5:59:d0:61:65:db:46:81:
5d:bc:88:24:64:88:93:28:76:16:aa:a4:26:a9:33:
39:23:11:db:fa:4c:90:e7:24:70:b9:e4:d4:48:cf:
45:0e:c9:13:c5:eb:6b:fc:95:4f:9d:da:b2:55:b1:
de:a9:af:dc:b3:ea:47:7a:f5:48:65:95:00:99:1e:
9c:b1:ab:71:91:2a:92:ce:3b:18:3f:93:66:90:05:
b5:14:2d:74:4c:86:9a:06:83:3a:dd:67:86:18:09:
e1:eb:b7:b6:e8:98:08:7a:cb:61:25:c9:f4:34:ef:
a5:48:5b:5a:8a:ce:2f:16:cc:f7:70:16:27:8b:56:
53:39:1b:35:8b:62:64:dc:c1:02:57:e4:84:95:27:
03:e9:13:ca:51:a6:3d:95:95:76:ce:c6:bc:66:21:
59:b8:7a:14:df:fd:56:f1:ef:d4:7b:49:3b:8f:31:
87:55:71:8b:5f:0c:5b:ad:4f:3d:61:65:b2:4d:d7:
b1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:87:28:EC:46:26:12:B1:7B:17:57:95:17:FE:07:A6:CB:F4:B9:4E
X509v3 Authority Key Identifier:
keyid:3B:A1:08:23:C2:79:93:2D:75:73:B9:30:62:5C:D2:88:44:33:C7:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/82d49179-4d8b-4d2d-abf4-43231deb5b01/0/3BA10823C279932D7573B930625CD2884433C744.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3BA10823C279932D7573B930625CD2884433C744.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/82d49179-4d8b-4d2d-abf4-43231deb5b01/0/3130332e3137302e39362e302f32332d3233203d3e20313432333638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.170.96.0/23
Signature Algorithm: sha256WithRSAEncryption
34:15:c7:2e:5d:83:de:e9:a9:48:2c:68:94:e1:42:94:11:96:
d8:0f:44:2e:66:0c:86:8c:eb:f9:13:33:78:87:c9:6c:e6:14:
b4:19:e5:f3:c5:df:35:8c:99:36:f6:06:67:de:06:35:71:ac:
76:ca:58:99:71:66:4d:0e:ad:6b:3c:86:77:3a:f0:96:e0:93:
b6:de:a0:8a:a5:3b:41:a9:2c:1f:f1:8c:22:36:3c:38:58:c0:
3b:67:8a:67:8d:7e:f2:1d:85:bb:2e:6b:82:26:e3:6c:50:21:
e5:4c:94:39:b7:ac:85:bd:84:02:14:65:8b:a9:d0:d3:1d:61:
27:7e:42:6b:a2:68:c3:bb:49:9d:91:e5:60:83:ba:b4:83:68:
86:96:29:65:82:9f:b8:92:eb:e6:b9:ee:c9:e7:8d:5e:61:5b:
3e:24:24:b7:bb:ed:51:08:ec:34:0c:16:d3:3e:f0:1d:a0:dc:
38:f2:e8:cc:de:bb:eb:a2:4b:c1:07:12:5f:e0:03:5c:c6:76:
03:a0:ab:d1:90:20:a2:ac:33:1d:1f:3c:60:d8:cc:aa:fd:a4:
9b:34:6f:91:70:ad:ac:6d:c0:83:85:c6:a8:6c:c4:2c:99:7f:
75:ee:64:e6:c8:12:29:d3:b7:b5:40:9b:31:51:33:e9:f3:48:
6c:18:db:8c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUA2zBoW4Ps0Nh269wxoE2GX/m6FcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0JBMTA4MjNDMjc5OTMyRDc1NzNCOTMwNjI1Q0QyODg0
NDMzQzc0NDAeFw0yNTAzMDEwNzU1MDBaFw0yNjAyMjgwODAwMDBaMDMxMTAvBgNV
BAMTKDExODcyOEVDNDYyNjEyQjE3QjE3NTc5NTE3RkUwN0E2Q0JGNEI5NEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDj1CcswzwxCF/AyuJ3hV9z/saZ
YSEwxRgc351W6DFu+cQRBwcGLC8/lTLHX8RaaoJu1e1wfHqxXnvJ4drDaJ9LPDDV
WdBhZdtGgV28iCRkiJModhaqpCapMzkjEdv6TJDnJHC55NRIz0UOyRPF62v8lU+d
2rJVsd6pr9yz6kd69UhllQCZHpyxq3GRKpLOOxg/k2aQBbUULXRMhpoGgzrdZ4YY
CeHrt7bomAh6y2ElyfQ076VIW1qKzi8WzPdwFieLVlM5GzWLYmTcwQJX5ISVJwPp
E8pRpj2VlXbOxrxmIVm4ehTf/Vbx79R7STuPMYdVcYtfDFutTz1hZbJN17ENAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUEYco7EYmErF7F1eVF/4Hpsv0uU4wHwYDVR0j
BBgwFoAUO6EII8J5ky11c7kwYlzSiEQzx0QwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
MmQ0OTE3OS00ZDhiLTRkMmQtYWJmNC00MzIzMWRlYjViMDEvMC8zQkExMDgyM0My
Nzk5MzJENzU3M0I5MzA2MjVDRDI4ODQ0MzNDNzQ0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvM0JBMTA4MjNDMjc5OTMyRDc1NzNCOTMwNjI1Q0QyODg0NDMz
Qzc0NC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzgyZDQ5MTc5LTRkOGItNGQyZC1h
YmY0LTQzMjMxZGViNWIwMS8wLzMxMzAzMzJlMzEzNzMwMmUzOTM2MmUzMDJmMzIz
MzJkMzIzMzIwM2QzZTIwMzEzNDMyMzMzNjM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ6pgMA0GCSqG
SIb3DQEBCwUAA4IBAQA0FccuXYPe6alILGiU4UKUEZbYD0QuZgyGjOv5EzN4h8ls
5hS0GeXzxd81jJk29gZn3gY1cax2yliZcWZNDq1rPIZ3OvCW4JO23qCKpTtBqSwf
8YwiNjw4WMA7Z4pnjX7yHYW7LmuCJuNsUCHlTJQ5t6yFvYQCFGWLqdDTHWEnfkJr
omjDu0mdkeVgg7q0g2iGlillgp+4kuvmue7J541eYVs+JCS3u+1RCOw0DBbTPvAd
oNw48ujM3rvrokvBBxJf4ANcxnYDoKvRkCCirDMdHzxg2Myq/aSbNG+RcK2sbcCD
hcaobMQsmX917mTmyBIp07e1QJsxUTPp80hsGNuM
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:30:34 2025 by rpki-client