Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/8b36e88d-d573-4cbb-b460-a0b969aa84d5/0/3130332e3133342e3232302e302f32322d3234203d3e20313338383130.roa
File: 3130332e3133342e3232302e302f32322d3234203d3e20313338383130.roa (raw, json)
Hash identifier: a0j+Ltb1OwQYKb/6hZFFds4zTZTzXuaHwZXrIiBf/Aw=
Subject key identifier: 72:5D:CB:88:16:FF:EF:20:10:51:DC:B8:69:54:51:FB:6A:D4:9F:0A
Certificate issuer: /CN=B3263D687D5BDFB2FB4E802AB3B003FCFD266B5C
Certificate serial: 3E57F806866BC5134AC100C5AD16C172D198C7AE
Authority key identifier: B3:26:3D:68:7D:5B:DF:B2:FB:4E:80:2A:B3:B0:03:FC:FD:26:6B:5C
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B3263D687D5BDFB2FB4E802AB3B003FCFD266B5C.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/8b36e88d-d573-4cbb-b460-a0b969aa84d5/0/3130332e3133342e3232302e302f32322d3234203d3e20313338383130.roa
Signing time: Mon 01 Jul 2024 01:04:51 +0000
ROA not before: Mon 01 Jul 2024 00:59:51 +0000
ROA not after: Mon 30 Jun 2025 01:04:51 +0000
asID: 138810
IP address blocks: 103.134.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/8b36e88d-d573-4cbb-b460-a0b969aa84d5/0/B3263D687D5BDFB2FB4E802AB3B003FCFD266B5C.crl
rsync://repo-rpki.idnic.net/repo/8b36e88d-d573-4cbb-b460-a0b969aa84d5/0/B3263D687D5BDFB2FB4E802AB3B003FCFD266B5C.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B3263D687D5BDFB2FB4E802AB3B003FCFD266B5C.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 17:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:57:f8:06:86:6b:c5:13:4a:c1:00:c5:ad:16:c1:72:d1:98:c7:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B3263D687D5BDFB2FB4E802AB3B003FCFD266B5C
Validity
Not Before: Jul 1 00:59:51 2024 GMT
Not After : Jun 30 01:04:51 2025 GMT
Subject: CN=725DCB8816FFEF201051DCB8695451FB6AD49F0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:60:34:c3:d7:f2:1a:44:6b:ee:f5:6b:46:d5:
9e:de:54:e8:f7:44:07:ea:3f:02:4c:45:01:0f:cb:
91:88:f8:bb:6a:af:b6:73:db:f2:0d:90:a3:80:02:
7e:a8:bb:dd:5b:8d:3e:35:d4:d2:f5:9e:c1:b9:b9:
61:06:af:6b:8c:23:49:0b:dc:52:0a:5c:55:c9:51:
3e:e1:56:80:b0:b0:62:5e:d9:6b:25:25:58:71:35:
84:88:dd:d2:2b:fa:40:30:ab:70:d0:31:74:81:4a:
86:35:76:1c:54:71:ae:02:b3:29:d4:a6:32:0e:f7:
13:28:ad:25:92:2e:52:a4:e8:1b:11:46:26:a4:a3:
a8:f6:a4:77:77:33:8a:1d:15:a1:f3:b2:27:89:80:
96:32:47:08:23:f5:25:32:01:62:f5:eb:e3:0f:0b:
7a:59:27:82:80:dc:fb:a9:46:d2:64:c2:7e:03:ae:
ab:0d:9c:70:e3:dc:95:f5:9a:e6:77:86:31:79:9f:
64:9a:3b:a9:94:74:0c:e7:c1:c9:fb:13:ba:65:fa:
7d:4a:b9:31:8d:a8:0b:4a:a9:e7:01:22:b2:b0:6f:
98:71:70:42:9e:78:a4:00:55:1c:05:9d:fd:26:e6:
52:08:49:df:8a:f3:8e:c3:05:15:b2:ea:73:71:ef:
8d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:5D:CB:88:16:FF:EF:20:10:51:DC:B8:69:54:51:FB:6A:D4:9F:0A
X509v3 Authority Key Identifier:
keyid:B3:26:3D:68:7D:5B:DF:B2:FB:4E:80:2A:B3:B0:03:FC:FD:26:6B:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/8b36e88d-d573-4cbb-b460-a0b969aa84d5/0/B3263D687D5BDFB2FB4E802AB3B003FCFD266B5C.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B3263D687D5BDFB2FB4E802AB3B003FCFD266B5C.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8b36e88d-d573-4cbb-b460-a0b969aa84d5/0/3130332e3133342e3232302e302f32322d3234203d3e20313338383130.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.134.220.0/22
Signature Algorithm: sha256WithRSAEncryption
04:79:9c:1a:df:dd:41:d6:3e:fe:41:74:d2:2b:e8:df:f8:18:
55:d2:d5:6d:d4:b9:a6:09:33:db:91:01:f8:82:4c:bf:c4:57:
2e:f5:51:a3:6a:b0:36:b2:8a:31:42:3c:ee:3b:78:92:8b:20:
12:32:9c:33:f5:80:f5:bc:6d:20:db:3a:d4:7e:a0:b3:3f:ab:
d6:8b:29:e7:83:a6:ee:bb:eb:9b:6f:b6:71:4a:49:41:29:7a:
4d:8e:c2:de:8e:2c:b1:45:00:9a:87:c0:9d:83:a6:b3:7a:72:
d6:cc:5e:12:25:40:88:ab:ee:b1:e5:e3:a0:e4:6c:fc:de:34:
42:f5:0d:a3:67:06:1f:36:f6:4e:12:18:62:7e:86:cb:97:af:
02:f8:90:33:c3:d1:4c:8f:25:92:3c:e2:97:71:d5:43:43:c1:
53:84:d8:77:fe:a1:de:b4:82:77:9b:39:8e:12:fd:7b:20:94:
88:f9:7f:bb:8f:10:09:cd:84:cc:ed:97:47:12:7a:49:ec:e2:
ab:e3:ee:1d:6c:fd:64:05:09:f5:9c:54:83:1d:19:3e:60:9a:
dd:4b:e7:0a:2f:9b:4f:c5:f0:4a:f6:03:28:da:35:0e:69:be:
5c:e0:fe:d4:6f:39:52:29:6d:2b:f9:9b:83:57:a8:a0:ce:d3:
5b:dc:bc:77
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUPlf4BoZrxRNKwQDFrRbBctGYx64wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjMyNjNENjg3RDVCREZCMkZCNEU4MDJBQjNCMDAzRkNG
RDI2NkI1QzAeFw0yNDA3MDEwMDU5NTFaFw0yNTA2MzAwMTA0NTFaMDMxMTAvBgNV
BAMTKDcyNURDQjg4MTZGRkVGMjAxMDUxRENCODY5NTQ1MUZCNkFENDlGMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyYDTD1/IaRGvu9WtG1Z7eVOj3
RAfqPwJMRQEPy5GI+Ltqr7Zz2/INkKOAAn6ou91bjT411NL1nsG5uWEGr2uMI0kL
3FIKXFXJUT7hVoCwsGJe2WslJVhxNYSI3dIr+kAwq3DQMXSBSoY1dhxUca4CsynU
pjIO9xMorSWSLlKk6BsRRiako6j2pHd3M4odFaHzsieJgJYyRwgj9SUyAWL16+MP
C3pZJ4KA3PupRtJkwn4DrqsNnHDj3JX1muZ3hjF5n2SaO6mUdAznwcn7E7pl+n1K
uTGNqAtKqecBIrKwb5hxcEKeeKQAVRwFnf0m5lIISd+K847DBRWy6nNx741ZAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUcl3LiBb/7yAQUdy4aVRR+2rUnwowHwYDVR0j
BBgwFoAUsyY9aH1b37L7ToAqs7AD/P0ma1wwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
YjM2ZTg4ZC1kNTczLTRjYmItYjQ2MC1hMGI5NjlhYTg0ZDUvMC9CMzI2M0Q2ODdE
NUJERkIyRkI0RTgwMkFCM0IwMDNGQ0ZEMjY2QjVDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjMyNjNENjg3RDVCREZCMkZCNEU4MDJBQjNCMDAzRkNGRDI2
NkI1Qy5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhiMzZlODhkLWQ1NzMtNGNiYi1i
NDYwLWEwYjk2OWFhODRkNS8wLzMxMzAzMzJlMzEzMzM0MmUzMjMyMzAyZTMwMmYz
MjMyMmQzMjM0MjAzZDNlMjAzMTMzMzgzODMxMzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJnhtwwDQYJ
KoZIhvcNAQELBQADggEBAAR5nBrf3UHWPv5BdNIr6N/4GFXS1W3UuaYJM9uRAfiC
TL/EVy71UaNqsDayijFCPO47eJKLIBIynDP1gPW8bSDbOtR+oLM/q9aLKeeDpu67
65tvtnFKSUEpek2Owt6OLLFFAJqHwJ2DprN6ctbMXhIlQIir7rHl46DkbPzeNEL1
DaNnBh829k4SGGJ+hsuXrwL4kDPD0UyPJZI84pdx1UNDwVOE2Hf+od60gnebOY4S
/XsglIj5f7uPEAnNhMztl0cSekns4qvj7h1s/WQFCfWcVIMdGT5gmt1L5wovm0/F
8Er2AyjaNQ5pvlzg/tRvOVIpbSv5m4NXqKDO01vcvHc=
-----END CERTIFICATE-----
Generated at Wed Apr 9 15:18:20 2025 by rpki-client