Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/82d49179-4d8b-4d2d-abf4-43231deb5b01/0/3130332e3137302e39362e302f32342d3234203d3e20313432333638.roa
File: 3130332e3137302e39362e302f32342d3234203d3e20313432333638.roa (raw, json)
Hash identifier: w4V1rEatEsKd8iCkT+5VUEi6gaUfZgI24xqxd5TI3Io=
Subject key identifier: 7F:14:FF:82:6E:0B:C2:70:33:CD:C6:3A:99:4F:19:24:B6:7D:77:63
Certificate issuer: /CN=3BA10823C279932D7573B930625CD2884433C744
Certificate serial: 4584679ADB04AA44DD5724DBA0ED4798322628F9
Authority key identifier: 3B:A1:08:23:C2:79:93:2D:75:73:B9:30:62:5C:D2:88:44:33:C7:44
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3BA10823C279932D7573B930625CD2884433C744.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/82d49179-4d8b-4d2d-abf4-43231deb5b01/0/3130332e3137302e39362e302f32342d3234203d3e20313432333638.roa
Signing time: Sat 01 Mar 2025 11:00:00 +0000
ROA not before: Sat 01 Mar 2025 10:55:00 +0000
ROA not after: Sat 28 Feb 2026 11:00:00 +0000
asID: 142368
IP address blocks: 103.170.96.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:84:67:9a:db:04:aa:44:dd:57:24:db:a0:ed:47:98:32:26:28:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BA10823C279932D7573B930625CD2884433C744
Validity
Not Before: Mar 1 10:55:00 2025 GMT
Not After : Feb 28 11:00:00 2026 GMT
Subject: CN=7F14FF826E0BC27033CDC63A994F1924B67D7763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:94:19:9e:18:c6:54:9b:86:f2:65:4a:77:85:
12:ec:4c:64:a5:38:57:cc:4f:38:e1:4d:aa:92:86:
65:92:50:50:e5:2f:fc:5c:3b:53:0a:f9:98:9d:a4:
e3:91:eb:31:b1:5e:c5:60:83:fa:56:2f:32:1f:b1:
b2:f9:c4:b8:60:20:d3:77:99:77:1b:61:9d:c4:be:
d7:3b:5c:d7:ac:d8:eb:45:75:9d:4d:48:78:43:b0:
7b:38:3b:42:67:6a:38:cf:d0:b0:3b:d8:ff:31:4f:
cc:58:24:dd:03:54:05:e6:fd:a4:7f:a4:be:7a:74:
9a:84:20:64:42:96:c6:90:7e:a2:38:86:a4:e8:8c:
ad:05:36:79:e0:14:18:b8:19:91:ca:17:56:ea:8b:
50:d6:bd:15:96:fe:5b:28:1d:47:1f:cc:10:c1:72:
0a:ee:b3:0f:4b:86:3e:a6:9a:20:33:7f:83:33:ca:
c1:76:6e:79:07:a7:84:41:9a:fa:0f:32:0e:ce:27:
88:94:7b:8c:20:5d:a2:43:1a:c9:33:6b:5c:1b:ae:
01:74:f8:3d:34:40:ef:f3:3d:e8:90:f0:49:b5:3b:
68:74:24:6b:69:15:b3:8a:c1:64:25:80:69:5b:87:
b8:31:ce:fe:9b:85:ce:b6:76:0f:27:c3:b0:23:2d:
fb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:14:FF:82:6E:0B:C2:70:33:CD:C6:3A:99:4F:19:24:B6:7D:77:63
X509v3 Authority Key Identifier:
keyid:3B:A1:08:23:C2:79:93:2D:75:73:B9:30:62:5C:D2:88:44:33:C7:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/82d49179-4d8b-4d2d-abf4-43231deb5b01/0/3BA10823C279932D7573B930625CD2884433C744.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3BA10823C279932D7573B930625CD2884433C744.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/82d49179-4d8b-4d2d-abf4-43231deb5b01/0/3130332e3137302e39362e302f32342d3234203d3e20313432333638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.170.96.0/24
Signature Algorithm: sha256WithRSAEncryption
90:b8:2c:61:ef:8d:80:31:49:79:b1:dc:c5:dc:f4:56:e1:2b:
cf:b3:88:70:15:c6:99:af:53:e3:51:fd:1b:8c:98:36:c5:65:
72:f7:ed:eb:6d:cd:e7:bf:f6:f9:41:82:40:d2:86:fe:10:82:
7c:17:d5:03:e2:52:a1:a5:fb:64:3a:4d:4e:38:3b:63:48:ca:
35:d7:52:3a:52:93:49:04:d3:b5:38:e8:31:4b:a7:01:40:b0:
e9:c7:cc:b1:05:bf:d6:b3:7d:2f:7c:2f:ff:95:44:76:42:f0:
3a:8f:b9:b4:4b:fe:89:6a:b7:af:1d:a3:a0:3d:91:71:12:e8:
e4:8f:73:6d:6c:63:72:f3:02:49:5d:1e:18:a0:f4:bf:9a:06:
2e:a9:c5:e5:e3:71:99:13:87:d5:ba:a7:ad:e6:00:05:0a:24:
b3:43:37:10:f7:79:ff:84:9b:8e:66:8c:cd:92:41:fb:35:53:
69:ae:70:9d:a2:eb:9d:59:c6:21:74:6a:6b:b6:47:d9:00:96:
bd:40:d4:e9:5a:15:a6:5f:54:2b:aa:a1:94:1f:a0:fb:a2:86:
c9:91:71:c7:dc:cb:69:15:de:4c:02:a6:04:47:48:dc:5d:f6:
2c:34:ea:5a:07:c2:0f:a3:0f:50:11:6d:b6:e6:90:78:15:88:
ff:d9:43:45
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIURYRnmtsEqkTdVyTboO1HmDImKPkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0JBMTA4MjNDMjc5OTMyRDc1NzNCOTMwNjI1Q0QyODg0
NDMzQzc0NDAeFw0yNTAzMDExMDU1MDBaFw0yNjAyMjgxMTAwMDBaMDMxMTAvBgNV
BAMTKDdGMTRGRjgyNkUwQkMyNzAzM0NEQzYzQTk5NEYxOTI0QjY3RDc3NjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSlBmeGMZUm4byZUp3hRLsTGSl
OFfMTzjhTaqShmWSUFDlL/xcO1MK+ZidpOOR6zGxXsVgg/pWLzIfsbL5xLhgINN3
mXcbYZ3Evtc7XNes2OtFdZ1NSHhDsHs4O0JnajjP0LA72P8xT8xYJN0DVAXm/aR/
pL56dJqEIGRClsaQfqI4hqTojK0FNnngFBi4GZHKF1bqi1DWvRWW/lsoHUcfzBDB
cgrusw9Lhj6mmiAzf4MzysF2bnkHp4RBmvoPMg7OJ4iUe4wgXaJDGskza1wbrgF0
+D00QO/zPeiQ8Em1O2h0JGtpFbOKwWQlgGlbh7gxzv6bhc62dg8nw7AjLfs/AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUfxT/gm4LwnAzzcY6mU8ZJLZ9d2MwHwYDVR0j
BBgwFoAUO6EII8J5ky11c7kwYlzSiEQzx0QwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
MmQ0OTE3OS00ZDhiLTRkMmQtYWJmNC00MzIzMWRlYjViMDEvMC8zQkExMDgyM0My
Nzk5MzJENzU3M0I5MzA2MjVDRDI4ODQ0MzNDNzQ0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvM0JBMTA4MjNDMjc5OTMyRDc1NzNCOTMwNjI1Q0QyODg0NDMz
Qzc0NC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzgyZDQ5MTc5LTRkOGItNGQyZC1h
YmY0LTQzMjMxZGViNWIwMS8wLzMxMzAzMzJlMzEzNzMwMmUzOTM2MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNDMyMzMzNjM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ6pgMA0GCSqG
SIb3DQEBCwUAA4IBAQCQuCxh742AMUl5sdzF3PRW4SvPs4hwFcaZr1PjUf0bjJg2
xWVy9+3rbc3nv/b5QYJA0ob+EIJ8F9UD4lKhpftkOk1OODtjSMo111I6UpNJBNO1
OOgxS6cBQLDpx8yxBb/Ws30vfC//lUR2QvA6j7m0S/6JarevHaOgPZFxEujkj3Nt
bGNy8wJJXR4YoPS/mgYuqcXl43GZE4fVuqet5gAFCiSzQzcQ93n/hJuOZozNkkH7
NVNprnCdouudWcYhdGprtkfZAJa9QNTpWhWmX1QrqqGUH6D7oobJkXHH3MtpFd5M
AqYER0jcXfYsNOpaB8IPow9QEW225pB4FYj/2UNF
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:37:49 2025 by rpki-client