Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/8783ed28-5881-47da-ae66-e1db67942eb1/0/3130332e3232352e39372e302f32342d3234203d3e20313339343332.roa
File: 3130332e3232352e39372e302f32342d3234203d3e20313339343332.roa (raw, json)
Hash identifier: rwWXLno549FvBCR7UqrdCi7giNmOD5uuZTisrjvVg1w=
Subject key identifier: 38:8A:D8:8C:B6:C0:8E:50:DB:40:F8:41:87:32:E5:6F:51:99:20:96
Certificate issuer: /CN=3FF5F93CDAB2F666B963C41BB83ED3E35130D530
Certificate serial: 524D42B361353E9286ECA488CAEEC75D608A6322
Authority key identifier: 3F:F5:F9:3C:DA:B2:F6:66:B9:63:C4:1B:B8:3E:D3:E3:51:30:D5:30
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3FF5F93CDAB2F666B963C41BB83ED3E35130D530.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/8783ed28-5881-47da-ae66-e1db67942eb1/0/3130332e3232352e39372e302f32342d3234203d3e20313339343332.roa
Signing time: Fri 31 Jan 2025 07:02:48 +0000
ROA not before: Fri 31 Jan 2025 06:57:48 +0000
ROA not after: Fri 30 Jan 2026 07:02:48 +0000
asID: 139432
IP address blocks: 103.225.97.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:4d:42:b3:61:35:3e:92:86:ec:a4:88:ca:ee:c7:5d:60:8a:63:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3FF5F93CDAB2F666B963C41BB83ED3E35130D530
Validity
Not Before: Jan 31 06:57:48 2025 GMT
Not After : Jan 30 07:02:48 2026 GMT
Subject: CN=388AD88CB6C08E50DB40F8418732E56F51992096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:08:41:1c:c0:51:65:31:4c:03:c1:f0:e4:72:
73:2a:bf:a4:b2:4b:ed:53:79:0a:c3:44:7c:bd:fc:
3e:ce:6b:0f:fb:cc:32:75:3f:68:44:9b:b9:ab:3b:
95:69:c1:76:a9:cb:6f:aa:9c:85:2b:82:24:fd:e7:
30:12:d7:66:32:24:55:15:5f:7f:29:2d:ed:37:09:
3e:b2:c6:98:23:fc:55:bb:01:2e:ba:5d:44:48:53:
46:1b:ff:5a:63:32:8e:4e:a4:c8:6f:39:73:83:49:
bc:74:70:6f:ef:dd:f7:30:70:80:2f:08:df:8b:41:
d4:07:c1:48:02:a7:09:96:91:3d:ba:a2:a8:e9:f8:
86:8b:af:6b:eb:5c:e4:01:15:0b:ee:1d:72:47:01:
1e:21:a9:ec:48:f7:ba:b6:4f:57:a7:67:f3:41:9f:
27:fa:e1:07:70:e8:96:3f:7c:e5:77:99:51:87:66:
d7:2d:da:7f:51:28:a0:cd:3f:db:c3:64:5f:3c:29:
c2:e4:28:c9:56:42:c7:e4:f6:86:f4:4f:83:f4:72:
3d:d6:86:78:0b:b7:b1:4c:13:26:21:89:80:38:4b:
98:3d:1e:d7:30:48:34:14:70:1f:f4:06:b2:bf:5f:
2e:6e:3e:f3:28:c4:b9:a5:ed:c1:41:8d:3a:2f:d4:
df:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:8A:D8:8C:B6:C0:8E:50:DB:40:F8:41:87:32:E5:6F:51:99:20:96
X509v3 Authority Key Identifier:
keyid:3F:F5:F9:3C:DA:B2:F6:66:B9:63:C4:1B:B8:3E:D3:E3:51:30:D5:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/8783ed28-5881-47da-ae66-e1db67942eb1/0/3FF5F93CDAB2F666B963C41BB83ED3E35130D530.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3FF5F93CDAB2F666B963C41BB83ED3E35130D530.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8783ed28-5881-47da-ae66-e1db67942eb1/0/3130332e3232352e39372e302f32342d3234203d3e20313339343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.225.97.0/24
Signature Algorithm: sha256WithRSAEncryption
03:1c:ed:01:e4:bc:5b:e0:38:1b:9b:a6:5c:7c:6a:af:81:bf:
c7:bb:9b:94:dc:62:dc:ec:2f:a3:19:8a:d4:15:d9:56:f1:85:
38:5c:8a:bb:37:a1:a5:c5:b8:46:be:15:73:b1:7f:77:50:49:
97:7d:71:2d:02:3b:42:20:31:a4:6d:62:26:c5:bf:7d:a9:6e:
e5:ad:5a:7e:aa:68:c3:d3:7e:6e:4e:cc:25:33:42:90:60:a5:
4f:b9:1c:81:89:71:fe:12:c6:02:01:f0:cb:f8:7f:cc:5e:c1:
fc:d7:c5:9d:e7:00:39:ad:eb:97:71:d9:c4:fc:37:29:bd:aa:
57:2d:37:5f:ec:64:c2:31:c9:87:17:cc:87:0a:4c:44:84:cf:
39:53:3f:64:af:8d:f8:67:76:65:cc:8d:aa:63:8b:68:6d:27:
f2:f2:7d:11:48:e6:a4:6e:56:38:a4:d7:8f:91:fc:ad:62:74:
9e:62:cd:c2:da:ac:14:43:b2:1d:7a:2c:98:a6:f8:fc:1c:a9:
30:90:0d:30:df:d6:4c:c9:5e:63:93:3c:2e:2b:6e:2c:5f:1f:
e6:a7:53:6b:49:e9:72:3d:03:d7:72:06:f9:16:d2:d9:d0:55:
9d:ea:95:6d:7a:45:c8:ee:fa:08:f3:b9:5b:9d:69:32:62:26:
2b:19:f0:aa
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUUk1Cs2E1PpKG7KSIyu7HXWCKYyIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0ZGNUY5M0NEQUIyRjY2NkI5NjNDNDFCQjgzRUQzRTM1
MTMwRDUzMDAeFw0yNTAxMzEwNjU3NDhaFw0yNjAxMzAwNzAyNDhaMDMxMTAvBgNV
BAMTKDM4OEFEODhDQjZDMDhFNTBEQjQwRjg0MTg3MzJFNTZGNTE5OTIwOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDECEEcwFFlMUwDwfDkcnMqv6Sy
S+1TeQrDRHy9/D7Oaw/7zDJ1P2hEm7mrO5VpwXapy2+qnIUrgiT95zAS12YyJFUV
X38pLe03CT6yxpgj/FW7AS66XURIU0Yb/1pjMo5OpMhvOXODSbx0cG/v3fcwcIAv
CN+LQdQHwUgCpwmWkT26oqjp+IaLr2vrXOQBFQvuHXJHAR4hqexI97q2T1enZ/NB
nyf64Qdw6JY/fOV3mVGHZtct2n9RKKDNP9vDZF88KcLkKMlWQsfk9ob0T4P0cj3W
hngLt7FMEyYhiYA4S5g9HtcwSDQUcB/0BrK/Xy5uPvMoxLml7cFBjTov1N8PAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUOIrYjLbAjlDbQPhBhzLlb1GZIJYwHwYDVR0j
BBgwFoAUP/X5PNqy9ma5Y8QbuD7T41Ew1TAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
NzgzZWQyOC01ODgxLTQ3ZGEtYWU2Ni1lMWRiNjc5NDJlYjEvMC8zRkY1RjkzQ0RB
QjJGNjY2Qjk2M0M0MUJCODNFRDNFMzUxMzBENTMwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvM0ZGNUY5M0NEQUIyRjY2NkI5NjNDNDFCQjgzRUQzRTM1MTMw
RDUzMC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzg3ODNlZDI4LTU4ODEtNDdkYS1h
ZTY2LWUxZGI2Nzk0MmViMS8wLzMxMzAzMzJlMzIzMjM1MmUzOTM3MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM5MzQzMzMyLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+FhMA0GCSqG
SIb3DQEBCwUAA4IBAQADHO0B5Lxb4Dgbm6ZcfGqvgb/Hu5uU3GLc7C+jGYrUFdlW
8YU4XIq7N6GlxbhGvhVzsX93UEmXfXEtAjtCIDGkbWImxb99qW7lrVp+qmjD035u
TswlM0KQYKVPuRyBiXH+EsYCAfDL+H/MXsH818Wd5wA5reuXcdnE/DcpvapXLTdf
7GTCMcmHF8yHCkxEhM85Uz9kr434Z3ZlzI2qY4tobSfy8n0RSOakblY4pNePkfyt
YnSeYs3C2qwUQ7IdeiyYpvj8HKkwkA0w39ZMyV5jkzwuK24sXx/mp1NrSelyPQPX
cgb5FtLZ0FWd6pVtekXI7voI87lbnWkyYiYrGfCq
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:48:59 2025 by rpki-client