Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/904d0397-ffa0-4903-805f-084527bc430c/0/3130332e32322e3230342e302f32322d3234203d3e20313334363430.roa
File: 3130332e32322e3230342e302f32322d3234203d3e20313334363430.roa (raw, json)
Hash identifier: g1Ka7yfyJPbCamNmlkRkAf0k4fb7xbeQ8IZXUzIAW64=
Subject key identifier: 40:BA:A7:0B:3C:33:23:F1:3A:2D:58:91:F4:D3:63:94:2C:1B:E1:85
Certificate issuer: /CN=A075EFE65C596438427C6A22E60EB0A01ADEDA8A
Certificate serial: 5E294D297B617158A03FC5F382344742218BFDD4
Authority key identifier: A0:75:EF:E6:5C:59:64:38:42:7C:6A:22:E6:0E:B0:A0:1A:DE:DA:8A
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A075EFE65C596438427C6A22E60EB0A01ADEDA8A.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/904d0397-ffa0-4903-805f-084527bc430c/0/3130332e32322e3230342e302f32322d3234203d3e20313334363430.roa
Signing time: Wed 12 Feb 2025 11:00:00 +0000
ROA not before: Wed 12 Feb 2025 10:55:00 +0000
ROA not after: Wed 11 Feb 2026 11:00:00 +0000
asID: 134640
IP address blocks: 103.22.204.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:29:4d:29:7b:61:71:58:a0:3f:c5:f3:82:34:47:42:21:8b:fd:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A075EFE65C596438427C6A22E60EB0A01ADEDA8A
Validity
Not Before: Feb 12 10:55:00 2025 GMT
Not After : Feb 11 11:00:00 2026 GMT
Subject: CN=40BAA70B3C3323F13A2D5891F4D363942C1BE185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:57:b3:14:4b:d9:e2:59:ef:08:d6:d2:3e:26:
a7:cd:81:78:78:68:c8:74:d9:5b:01:b0:62:80:a8:
c4:b9:29:18:10:21:86:92:03:88:17:03:85:2c:72:
6c:58:83:b9:95:76:31:92:09:27:59:88:72:06:20:
a7:b7:e1:ff:fb:3b:8a:a4:e3:0f:c4:fb:1b:7e:8f:
9f:84:95:4e:7a:61:83:da:42:03:96:37:f1:f6:8d:
aa:14:d1:e5:39:03:a8:31:b8:5d:40:00:d6:5f:8a:
39:d9:98:3f:4b:c6:e5:f7:68:8f:fb:52:5c:c5:f2:
9e:05:48:31:36:e2:b4:16:6e:05:cb:cd:85:39:0a:
e4:24:0f:95:8c:b7:6f:f2:43:72:74:c5:d1:36:e5:
49:3f:bc:97:30:53:ff:d6:f6:4b:f7:d2:a0:37:57:
05:b3:a4:ad:85:4e:cc:d5:de:de:c1:d7:4d:d3:67:
43:ef:3d:99:44:22:30:2c:4f:72:3b:bd:cf:e8:14:
ec:29:e0:60:d4:99:05:f4:98:bb:98:31:44:24:c5:
12:46:fc:9a:ec:aa:d9:d0:6a:4f:d2:49:b6:b7:53:
31:e1:47:b0:18:07:45:24:4d:21:b9:38:92:14:f1:
13:a7:80:a7:04:6e:a0:4d:98:32:48:c0:f7:59:cb:
a4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:BA:A7:0B:3C:33:23:F1:3A:2D:58:91:F4:D3:63:94:2C:1B:E1:85
X509v3 Authority Key Identifier:
keyid:A0:75:EF:E6:5C:59:64:38:42:7C:6A:22:E6:0E:B0:A0:1A:DE:DA:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/904d0397-ffa0-4903-805f-084527bc430c/0/A075EFE65C596438427C6A22E60EB0A01ADEDA8A.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A075EFE65C596438427C6A22E60EB0A01ADEDA8A.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/904d0397-ffa0-4903-805f-084527bc430c/0/3130332e32322e3230342e302f32322d3234203d3e20313334363430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.22.204.0/22
Signature Algorithm: sha256WithRSAEncryption
74:17:bc:4c:9c:fc:7b:76:03:65:67:00:92:7c:9e:d2:74:d6:
60:87:31:0e:d8:7b:c1:e8:e8:a5:b9:f7:17:52:4e:91:66:d9:
44:bf:ae:c8:48:ce:9e:3e:ef:78:01:0f:fb:88:fa:7c:4b:0c:
f9:b5:79:b9:b2:30:ad:73:4b:e7:9b:ff:2d:41:aa:0f:ce:3f:
ea:2c:65:7d:4b:16:45:a5:33:4d:58:77:04:65:86:aa:cf:be:
2d:e7:5c:b8:76:66:ed:fd:0b:b9:5a:7a:cd:9b:63:b2:40:f5:
63:bd:45:95:37:e1:75:79:1a:e3:59:10:2d:00:a0:52:5a:1a:
31:16:57:06:4a:50:06:2b:8d:4b:fa:e1:65:1c:71:e3:b2:0a:
bd:4c:c9:20:31:dc:8d:d6:7f:ae:f8:26:55:f0:71:b9:a5:fd:
ba:59:7c:ff:c4:8f:f9:72:d8:68:65:86:8a:d0:ec:e8:99:37:
6c:bb:d5:c9:d5:3c:44:50:16:5d:98:8e:a2:3a:eb:5e:aa:67:
7a:57:68:0a:96:4f:e7:f1:9c:ad:55:57:f0:21:3a:9a:47:bf:
f6:5d:77:47:be:d0:c6:1f:a5:c8:f1:30:79:26:69:48:fb:96:
91:70:98:8f:8b:9e:bb:0a:7c:42:51:42:7d:46:66:48:f6:09:
51:28:27:37
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUXilNKXthcVigP8XzgjRHQiGL/dQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTA3NUVGRTY1QzU5NjQzODQyN0M2QTIyRTYwRUIwQTAx
QURFREE4QTAeFw0yNTAyMTIxMDU1MDBaFw0yNjAyMTExMTAwMDBaMDMxMTAvBgNV
BAMTKDQwQkFBNzBCM0MzMzIzRjEzQTJENTg5MUY0RDM2Mzk0MkMxQkUxODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSV7MUS9niWe8I1tI+JqfNgXh4
aMh02VsBsGKAqMS5KRgQIYaSA4gXA4UscmxYg7mVdjGSCSdZiHIGIKe34f/7O4qk
4w/E+xt+j5+ElU56YYPaQgOWN/H2jaoU0eU5A6gxuF1AANZfijnZmD9LxuX3aI/7
UlzF8p4FSDE24rQWbgXLzYU5CuQkD5WMt2/yQ3J0xdE25Uk/vJcwU//W9kv30qA3
VwWzpK2FTszV3t7B103TZ0PvPZlEIjAsT3I7vc/oFOwp4GDUmQX0mLuYMUQkxRJG
/JrsqtnQak/SSba3UzHhR7AYB0UkTSG5OJIU8ROngKcEbqBNmDJIwPdZy6S/AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUQLqnCzwzI/E6LViR9NNjlCwb4YUwHwYDVR0j
BBgwFoAUoHXv5lxZZDhCfGoi5g6woBre2oowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
MDRkMDM5Ny1mZmEwLTQ5MDMtODA1Zi0wODQ1MjdiYzQzMGMvMC9BMDc1RUZFNjVD
NTk2NDM4NDI3QzZBMjJFNjBFQjBBMDFBREVEQThBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQTA3NUVGRTY1QzU5NjQzODQyN0M2QTIyRTYwRUIwQTAxQURF
REE4QS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzkwNGQwMzk3LWZmYTAtNDkwMy04
MDVmLTA4NDUyN2JjNDMwYy8wLzMxMzAzMzJlMzIzMjJlMzIzMDM0MmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzEzMzM0MzYzNDMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZxbMMA0GCSqG
SIb3DQEBCwUAA4IBAQB0F7xMnPx7dgNlZwCSfJ7SdNZghzEO2HvB6OilufcXUk6R
ZtlEv67ISM6ePu94AQ/7iPp8Swz5tXm5sjCtc0vnm/8tQaoPzj/qLGV9SxZFpTNN
WHcEZYaqz74t51y4dmbt/Qu5WnrNm2OyQPVjvUWVN+F1eRrjWRAtAKBSWhoxFlcG
SlAGK41L+uFlHHHjsgq9TMkgMdyN1n+u+CZV8HG5pf26WXz/xI/5cthoZYaK0Ozo
mTdsu9XJ1TxEUBZdmI6iOuteqmd6V2gKlk/n8ZytVVfwITqaR7/2XXdHvtDGH6XI
8TB5JmlI+5aRcJiPi567CnxCUUJ9RmZI9glRKCc3
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:10:12 2025 by rpki-client