Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/323430363a376530303a35393a3a2f34382d3438203d3e20313430343035.roa
File: 323430363a376530303a35393a3a2f34382d3438203d3e20313430343035.roa (raw, json)
Hash identifier: gnvURXZkhn/FEj22B4ytqTMsZk8ZLC9E8Tq6VbTdHlg=
Subject key identifier: C2:88:B6:BC:83:A4:B9:EE:BA:C3:34:75:8B:03:01:13:05:A8:0B:94
Certificate issuer: /CN=8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F
Certificate serial: 3384FB629D5B3F45B7AC3975234DE6E853E07681
Authority key identifier: 8A:FE:BB:51:D0:0C:8E:06:AA:EA:84:2E:0C:0C:FF:C2:CA:B9:61:0F
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/323430363a376530303a35393a3a2f34382d3438203d3e20313430343035.roa
Signing time: Thu 27 Mar 2025 04:00:00 +0000
ROA not before: Thu 27 Mar 2025 03:55:00 +0000
ROA not after: Thu 26 Mar 2026 04:00:00 +0000
asID: 140405
IP address blocks: 2406:7e00:59::/48 maxlen: 48
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.crl
rsync://repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 12 Apr 2025 16:59:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:84:fb:62:9d:5b:3f:45:b7:ac:39:75:23:4d:e6:e8:53:e0:76:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F
Validity
Not Before: Mar 27 03:55:00 2025 GMT
Not After : Mar 26 04:00:00 2026 GMT
Subject: CN=C288B6BC83A4B9EEBAC334758B03011305A80B94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:32:fe:1a:39:79:dd:3e:fc:63:3f:a9:7e:f2:
9c:4c:64:b9:6e:b5:81:1f:3c:49:1d:ae:39:39:cc:
3f:c9:db:9e:1e:42:7d:7d:99:6f:f1:a3:a0:ca:2e:
fe:59:b3:f2:72:da:ce:ed:58:89:97:d1:28:fc:6c:
fc:61:0b:07:b8:83:a9:ae:84:90:6d:3f:84:45:d6:
9d:96:83:f2:13:c7:56:6f:82:c7:02:fa:c5:5b:03:
a1:87:13:e5:9c:bf:5a:7e:d8:a6:66:61:81:74:00:
bd:f0:36:77:1b:b7:1d:df:7e:a0:46:d8:e9:46:1d:
21:92:c6:52:33:e5:c0:d6:c0:67:f0:38:57:fe:dd:
7c:45:a1:d2:cd:f8:ae:1c:f5:a7:46:d2:fa:f8:4d:
c4:6a:04:b0:45:cf:51:9c:03:0d:f8:3e:1a:83:e1:
79:7c:84:6b:c5:f6:a9:d8:99:1b:fe:98:03:cf:13:
ea:36:34:78:e7:ea:07:f7:e1:b4:76:98:89:f8:06:
1b:8d:ae:ad:ec:51:f3:62:02:d5:85:05:2f:b3:1e:
dc:0d:83:a5:96:df:72:81:7a:4c:48:ea:d6:ac:52:
ba:91:1b:a1:95:b5:f8:4c:96:3b:36:e5:bc:d2:02:
20:aa:40:a4:b3:be:c4:75:82:75:c0:ee:ed:9c:11:
ca:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:88:B6:BC:83:A4:B9:EE:BA:C3:34:75:8B:03:01:13:05:A8:0B:94
X509v3 Authority Key Identifier:
keyid:8A:FE:BB:51:D0:0C:8E:06:AA:EA:84:2E:0C:0C:FF:C2:CA:B9:61:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/323430363a376530303a35393a3a2f34382d3438203d3e20313430343035.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:7e00:59::/48
Signature Algorithm: sha256WithRSAEncryption
98:cf:40:61:d5:b9:9e:70:8a:2a:f8:57:b7:c6:77:f1:29:3b:
37:26:aa:14:58:a3:01:32:a1:d3:1a:28:b8:c9:08:e4:af:68:
f6:51:c3:e2:fa:a2:2c:b6:ec:58:56:fb:bd:86:25:5e:e4:db:
c5:4b:cd:4a:04:a0:32:32:4a:44:2e:d9:b8:c1:92:28:77:2a:
bf:c8:42:b4:52:0b:e1:3c:90:df:cd:68:0d:47:ff:f3:14:20:
c0:2c:b0:7d:35:40:ba:24:f6:e2:e2:0a:93:cf:45:30:71:39:
d0:50:43:36:87:b4:0e:44:57:e8:24:6b:57:f3:dd:77:2d:d8:
36:90:3b:8d:6e:1a:44:ba:bd:66:5f:ca:7e:ef:f2:30:01:a7:
f5:0b:ac:f1:fc:50:c0:02:cb:54:fc:92:f9:55:46:03:d5:d5:
90:18:48:da:83:2d:dd:04:9a:04:69:28:3f:a3:c6:c5:28:66:
ba:b2:29:b9:2f:c5:79:7c:8f:7b:ab:76:cf:20:16:ca:15:d3:
81:d2:9f:51:83:af:fb:cf:56:fa:7c:d4:fd:74:62:69:a1:09:
af:55:76:cd:6a:fa:36:15:45:d8:11:a5:fb:06:0a:2f:fe:87:
ef:f5:0a:0e:d3:41:f0:a6:8e:82:bc:3d:91:a3:3e:dd:1f:63:
89:14:bd:16
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUM4T7Yp1bP0W3rDl1I03m6FPgdoEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEFGRUJCNTFEMDBDOEUwNkFBRUE4NDJFMEMwQ0ZGQzJD
QUI5NjEwRjAeFw0yNTAzMjcwMzU1MDBaFw0yNjAzMjYwNDAwMDBaMDMxMTAvBgNV
BAMTKEMyODhCNkJDODNBNEI5RUVCQUMzMzQ3NThCMDMwMTEzMDVBODBCOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiMv4aOXndPvxjP6l+8pxMZLlu
tYEfPEkdrjk5zD/J254eQn19mW/xo6DKLv5Zs/Jy2s7tWImX0Sj8bPxhCwe4g6mu
hJBtP4RF1p2Wg/ITx1ZvgscC+sVbA6GHE+Wcv1p+2KZmYYF0AL3wNncbtx3ffqBG
2OlGHSGSxlIz5cDWwGfwOFf+3XxFodLN+K4c9adG0vr4TcRqBLBFz1GcAw34PhqD
4Xl8hGvF9qnYmRv+mAPPE+o2NHjn6gf34bR2mIn4BhuNrq3sUfNiAtWFBS+zHtwN
g6WW33KBekxI6tasUrqRG6GVtfhMljs25bzSAiCqQKSzvsR1gnXA7u2cEcoZAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUwoi2vIOkue66wzR1iwMBEwWoC5QwHwYDVR0j
BBgwFoAUiv67UdAMjgaq6oQuDAz/wsq5YQ8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
NjEyNDMyOS1lYzIwLTQ0NjAtYWMzMS05YzM2Y2Y5NGYzZmIvMC84QUZFQkI1MUQw
MEM4RTA2QUFFQTg0MkUwQzBDRkZDMkNBQjk2MTBGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOEFGRUJCNTFEMDBDOEUwNkFBRUE4NDJFMEMwQ0ZGQzJDQUI5
NjEwRi5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk2MTI0MzI5LWVjMjAtNDQ2MC1h
YzMxLTljMzZjZjk0ZjNmYi8wLzMyMzQzMDM2M2EzNzY1MzAzMDNhMzUzOTNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzQzMDM0MzAzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQGfgAA
WTANBgkqhkiG9w0BAQsFAAOCAQEAmM9AYdW5nnCKKvhXt8Z38Sk7NyaqFFijATKh
0xoouMkI5K9o9lHD4vqiLLbsWFb7vYYlXuTbxUvNSgSgMjJKRC7ZuMGSKHcqv8hC
tFIL4TyQ381oDUf/8xQgwCywfTVAuiT24uIKk89FMHE50FBDNoe0DkRX6CRrV/Pd
dy3YNpA7jW4aRLq9Zl/Kfu/yMAGn9Qus8fxQwALLVPyS+VVGA9XVkBhI2oMt3QSa
BGkoP6PGxShmurIpuS/FeXyPe6t2zyAWyhXTgdKfUYOv+89W+nzU/XRiaaEJr1V2
zWr6NhVF2BGl+wYKL/6H7/UKDtNB8KaOgrw9kaM+3R9jiRS9Fg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 13:05:52 2025 by rpki-client