Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/9036e07c-8283-43d3-9164-3e0e6cacf499/0/3130332e3135382e3233342e302f32342d3234203d3e20313431383938.roa
File: 3130332e3135382e3233342e302f32342d3234203d3e20313431383938.roa (raw, json)
Hash identifier: D2U2OhiX4JpcmakIWdkjvlLoKPGy8UFmuSAMLEyoyEQ=
Subject key identifier: 02:6D:08:C8:98:1E:C0:57:E3:51:0E:60:07:03:28:6D:ED:8E:D1:8B
Certificate issuer: /CN=B563D708A094B24FC361EDD11C91EE7979AB0471
Certificate serial: 33153F97302481264A20E62868A2985C56C0A820
Authority key identifier: B5:63:D7:08:A0:94:B2:4F:C3:61:ED:D1:1C:91:EE:79:79:AB:04:71
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B563D708A094B24FC361EDD11C91EE7979AB0471.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/9036e07c-8283-43d3-9164-3e0e6cacf499/0/3130332e3135382e3233342e302f32342d3234203d3e20313431383938.roa
Signing time: Thu 21 Nov 2024 10:00:02 +0000
ROA not before: Thu 21 Nov 2024 09:55:02 +0000
ROA not after: Thu 20 Nov 2025 10:00:02 +0000
asID: 141898
IP address blocks: 103.158.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/9036e07c-8283-43d3-9164-3e0e6cacf499/0/B563D708A094B24FC361EDD11C91EE7979AB0471.crl
rsync://repo-rpki.idnic.net/repo/9036e07c-8283-43d3-9164-3e0e6cacf499/0/B563D708A094B24FC361EDD11C91EE7979AB0471.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B563D708A094B24FC361EDD11C91EE7979AB0471.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 12:24:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:15:3f:97:30:24:81:26:4a:20:e6:28:68:a2:98:5c:56:c0:a8:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B563D708A094B24FC361EDD11C91EE7979AB0471
Validity
Not Before: Nov 21 09:55:02 2024 GMT
Not After : Nov 20 10:00:02 2025 GMT
Subject: CN=026D08C8981EC057E3510E600703286DED8ED18B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:57:e3:fb:ba:c2:5e:0e:6a:45:d3:4b:c9:5c:
32:3e:10:68:d2:f3:d9:41:f6:94:4b:aa:a6:aa:77:
59:92:f1:e4:b9:47:f2:b1:2e:88:97:04:10:ff:8b:
16:4a:1b:44:00:bc:9a:df:8c:14:ab:15:ed:76:38:
47:50:3c:0d:94:a2:fe:17:b9:63:17:f7:6e:0f:b6:
f4:22:a3:72:ca:b4:0a:30:14:f6:ae:46:ea:b3:82:
d7:80:b7:45:9b:33:e0:6c:2a:c6:e6:b9:7d:53:0c:
0e:20:b3:5b:61:1e:8b:7d:1c:8c:13:15:bc:b2:6d:
37:bd:e4:ea:d9:78:21:cc:24:1d:6c:22:c8:2f:f8:
31:c1:2d:33:df:62:f3:6d:e7:ba:7a:41:c3:a2:9e:
cf:9e:2e:97:33:49:7f:cc:46:d7:c3:de:fa:92:fd:
0f:29:f4:89:a5:bc:86:ae:06:d4:c0:32:65:4f:29:
f0:02:31:0d:1c:a5:e7:11:19:15:76:17:64:c8:c6:
77:99:b0:79:ca:98:f8:0e:97:1b:4e:5d:fd:ee:02:
0f:a6:a1:ae:14:58:2d:d2:83:fe:69:49:5f:d1:4f:
01:9c:d7:b5:2f:7a:98:f4:bf:0d:5b:af:2e:df:91:
be:c9:29:ae:97:10:6e:f3:3b:a0:b4:df:b0:08:16:
76:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:6D:08:C8:98:1E:C0:57:E3:51:0E:60:07:03:28:6D:ED:8E:D1:8B
X509v3 Authority Key Identifier:
keyid:B5:63:D7:08:A0:94:B2:4F:C3:61:ED:D1:1C:91:EE:79:79:AB:04:71
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/9036e07c-8283-43d3-9164-3e0e6cacf499/0/B563D708A094B24FC361EDD11C91EE7979AB0471.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B563D708A094B24FC361EDD11C91EE7979AB0471.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9036e07c-8283-43d3-9164-3e0e6cacf499/0/3130332e3135382e3233342e302f32342d3234203d3e20313431383938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.158.234.0/24
Signature Algorithm: sha256WithRSAEncryption
44:f4:c0:00:66:02:81:3e:d8:ef:85:91:d0:6e:ef:68:fa:a6:
74:e0:72:5f:8b:e7:ba:59:91:1f:fa:fb:3f:32:f7:c6:da:d9:
25:98:99:1d:8f:32:ca:bc:a2:10:66:d8:d9:cf:67:04:3a:bd:
6a:ca:2a:5b:6a:72:5e:60:0f:33:4c:fa:bb:56:6d:d8:a1:66:
dd:7d:bd:aa:98:e9:11:c5:a1:67:ba:b1:b8:51:cd:1f:ec:cc:
da:16:05:6c:25:e8:9a:ab:76:01:79:08:b4:a0:b0:3a:df:66:
75:5b:65:50:ab:87:25:54:45:aa:9a:d5:97:d4:79:1b:48:57:
b2:1c:29:f2:38:36:1c:31:14:eb:3e:42:ed:88:29:c1:5e:31:
e1:24:29:76:6a:00:53:bd:20:21:56:2e:49:d2:75:d2:79:05:
61:84:a7:c7:18:08:c0:47:9d:81:49:67:0c:b6:ec:18:87:de:
2c:c5:88:dc:4d:62:67:18:fb:fc:00:c3:7d:33:11:af:ef:03:
48:0f:b7:0b:62:0b:ce:28:c4:30:f4:94:80:f5:66:ed:4c:6e:
72:bd:bc:a2:44:f4:3d:65:ff:cb:8f:7d:67:43:8a:dc:df:31:
1d:71:31:54:7d:9a:ba:b2:8d:78:39:26:c0:ee:ca:73:6b:78:
2b:67:bc:f0
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUMxU/lzAkgSZKIOYoaKKYXFbAqCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjU2M0Q3MDhBMDk0QjI0RkMzNjFFREQxMUM5MUVFNzk3
OUFCMDQ3MTAeFw0yNDExMjEwOTU1MDJaFw0yNTExMjAxMDAwMDJaMDMxMTAvBgNV
BAMTKDAyNkQwOEM4OTgxRUMwNTdFMzUxMEU2MDA3MDMyODZERUQ4RUQxOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV+P7usJeDmpF00vJXDI+EGjS
89lB9pRLqqaqd1mS8eS5R/KxLoiXBBD/ixZKG0QAvJrfjBSrFe12OEdQPA2Uov4X
uWMX924PtvQio3LKtAowFPauRuqzgteAt0WbM+BsKsbmuX1TDA4gs1thHot9HIwT
FbyybTe95OrZeCHMJB1sIsgv+DHBLTPfYvNt57p6QcOins+eLpczSX/MRtfD3vqS
/Q8p9ImlvIauBtTAMmVPKfACMQ0cpecRGRV2F2TIxneZsHnKmPgOlxtOXf3uAg+m
oa4UWC3Sg/5pSV/RTwGc17Uvepj0vw1bry7fkb7JKa6XEG7zO6C037AIFnYNAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUAm0IyJgewFfjUQ5gBwMobe2O0YswHwYDVR0j
BBgwFoAUtWPXCKCUsk/DYe3RHJHueXmrBHEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
MDM2ZTA3Yy04MjgzLTQzZDMtOTE2NC0zZTBlNmNhY2Y0OTkvMC9CNTYzRDcwOEEw
OTRCMjRGQzM2MUVERDExQzkxRUU3OTc5QUIwNDcxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjU2M0Q3MDhBMDk0QjI0RkMzNjFFREQxMUM5MUVFNzk3OUFC
MDQ3MS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzkwMzZlMDdjLTgyODMtNDNkMy05
MTY0LTNlMGU2Y2FjZjQ5OS8wLzMxMzAzMzJlMzEzNTM4MmUzMjMzMzQyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzEzODM5Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnnuowDQYJ
KoZIhvcNAQELBQADggEBAET0wABmAoE+2O+FkdBu72j6pnTgcl+L57pZkR/6+z8y
98ba2SWYmR2PMsq8ohBm2NnPZwQ6vWrKKltqcl5gDzNM+rtWbdihZt19vaqY6RHF
oWe6sbhRzR/szNoWBWwl6JqrdgF5CLSgsDrfZnVbZVCrhyVURaqa1ZfUeRtIV7Ic
KfI4NhwxFOs+Qu2IKcFeMeEkKXZqAFO9ICFWLknSddJ5BWGEp8cYCMBHnYFJZwy2
7BiH3izFiNxNYmcY+/wAw30zEa/vA0gPtwtiC84oxDD0lID1Zu1MbnK9vKJE9D1l
/8uPfWdDitzfMR1xMVR9mrqyjXg5JsDuynNreCtnvPA=
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:49:30 2025 by rpki-client