Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/9dc1c49c-d404-45a1-9e7d-86f5f852e276/0/3130332e3137352e3234302e302f32332d3234203d3e203435333035.roa
File: 3130332e3137352e3234302e302f32332d3234203d3e203435333035.roa (raw, json)
Hash identifier: fdKLklGtOpTaZiKknSWtQhokJ8SyF+EacKH1Get3Tjc=
Subject key identifier: 54:BE:DA:AB:5A:68:8A:73:4D:CD:68:C4:D6:5B:9F:65:DF:18:95:DC
Certificate issuer: /CN=A9DD956A549689BA0A3E2FC62291352AAABD591B
Certificate serial: 5898199CD099A5A177F732041097E38E8E0DA02A
Authority key identifier: A9:DD:95:6A:54:96:89:BA:0A:3E:2F:C6:22:91:35:2A:AA:BD:59:1B
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A9DD956A549689BA0A3E2FC62291352AAABD591B.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/9dc1c49c-d404-45a1-9e7d-86f5f852e276/0/3130332e3137352e3234302e302f32332d3234203d3e203435333035.roa
Signing time: Mon 01 Jul 2024 04:33:46 +0000
ROA not before: Mon 01 Jul 2024 04:28:46 +0000
ROA not after: Mon 30 Jun 2025 04:33:46 +0000
asID: 45305
IP address blocks: 103.175.240.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/9dc1c49c-d404-45a1-9e7d-86f5f852e276/0/A9DD956A549689BA0A3E2FC62291352AAABD591B.crl
rsync://repo-rpki.idnic.net/repo/9dc1c49c-d404-45a1-9e7d-86f5f852e276/0/A9DD956A549689BA0A3E2FC62291352AAABD591B.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A9DD956A549689BA0A3E2FC62291352AAABD591B.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 14:32:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:98:19:9c:d0:99:a5:a1:77:f7:32:04:10:97:e3:8e:8e:0d:a0:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9DD956A549689BA0A3E2FC62291352AAABD591B
Validity
Not Before: Jul 1 04:28:46 2024 GMT
Not After : Jun 30 04:33:46 2025 GMT
Subject: CN=54BEDAAB5A688A734DCD68C4D65B9F65DF1895DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5e:bf:af:74:b7:b5:fc:f1:de:f9:a9:38:e4:
f2:60:00:c3:60:dd:bf:fc:2d:83:08:cf:04:3e:c5:
63:0d:89:5d:1a:8d:c3:74:2e:5b:79:eb:2a:42:44:
02:5b:65:61:cd:e4:88:27:c7:17:fb:b9:29:a9:66:
5e:6c:bb:64:7e:c1:da:41:90:9b:6e:ac:94:5e:41:
89:17:34:d5:d1:8c:ea:ca:78:20:4b:89:11:4c:f4:
98:14:84:f1:df:2b:d2:25:40:f5:81:33:fa:cc:c0:
fc:4a:51:b1:cc:42:90:e3:a6:fd:65:9a:43:d9:be:
b7:94:09:71:a8:0d:19:84:e2:29:5b:e1:59:e1:e0:
76:6c:ca:41:26:23:fe:6a:bc:f2:e2:61:a8:71:be:
de:0d:5a:86:61:ad:f7:b2:c6:86:76:a8:be:16:13:
a9:89:6f:ee:9b:92:51:8a:83:8b:c4:c6:af:ec:2d:
66:9b:80:89:0a:83:56:90:67:c5:e9:e6:ce:c4:6d:
03:ef:e8:2f:08:f1:3a:64:87:ed:23:41:85:bd:87:
5b:50:e6:26:69:5a:ed:43:3b:94:e5:69:80:13:4d:
05:90:9b:53:a8:6a:04:48:c4:16:2c:81:a2:8a:b8:
75:1a:16:1b:27:3e:d1:f2:50:2a:3a:86:5f:d1:a6:
6d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:BE:DA:AB:5A:68:8A:73:4D:CD:68:C4:D6:5B:9F:65:DF:18:95:DC
X509v3 Authority Key Identifier:
keyid:A9:DD:95:6A:54:96:89:BA:0A:3E:2F:C6:22:91:35:2A:AA:BD:59:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/9dc1c49c-d404-45a1-9e7d-86f5f852e276/0/A9DD956A549689BA0A3E2FC62291352AAABD591B.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A9DD956A549689BA0A3E2FC62291352AAABD591B.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9dc1c49c-d404-45a1-9e7d-86f5f852e276/0/3130332e3137352e3234302e302f32332d3234203d3e203435333035.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.175.240.0/23
Signature Algorithm: sha256WithRSAEncryption
11:6f:88:df:8f:5b:4c:64:a2:ae:91:ab:57:a9:51:7e:4d:a4:
56:fb:55:70:c1:31:f7:cf:4a:a9:9c:ac:80:33:c6:2d:30:c3:
99:67:e7:ec:42:ce:3c:7a:65:46:bc:93:96:4a:71:b9:dd:14:
0b:2e:94:66:5a:19:b5:c5:50:c8:67:44:56:a6:d7:6b:aa:1d:
bf:4c:65:0d:bf:4f:46:41:34:8e:44:85:f2:50:95:53:a0:04:
96:03:7a:f8:ac:78:46:e4:b0:ee:63:d5:ac:bb:ca:22:87:cb:
5c:0c:8a:d3:4f:ef:80:4b:d3:aa:40:14:3d:01:a5:58:d3:ba:
3e:91:00:b1:79:8c:68:ae:58:99:6a:9c:8f:10:a6:fd:c0:9b:
58:8f:38:5f:ec:5e:c9:75:0b:a1:99:db:4d:28:32:64:be:f7:
ae:83:a0:49:1e:18:88:d8:96:dd:24:62:ab:2c:2f:aa:18:d6:
ab:0a:47:bd:4c:36:cc:63:59:2a:a9:85:ff:54:d8:96:a1:5f:
2a:1f:13:d2:3f:62:80:02:43:d5:e1:8f:8a:66:94:5a:d5:41:
b2:8d:36:ae:1f:a3:4a:40:8e:86:2d:b0:8c:06:d8:07:4d:45:
9c:10:cc:f5:cf:cb:a8:df:67:5b:44:00:ab:7c:06:cd:2f:c6:
29:d2:15:b2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUWJgZnNCZpaF39zIEEJfjjo4NoCowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTlERDk1NkE1NDk2ODlCQTBBM0UyRkM2MjI5MTM1MkFB
QUJENTkxQjAeFw0yNDA3MDEwNDI4NDZaFw0yNTA2MzAwNDMzNDZaMDMxMTAvBgNV
BAMTKDU0QkVEQUFCNUE2ODhBNzM0RENENjhDNEQ2NUI5RjY1REYxODk1REMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsXr+vdLe1/PHe+ak45PJgAMNg
3b/8LYMIzwQ+xWMNiV0ajcN0Llt56ypCRAJbZWHN5Ignxxf7uSmpZl5su2R+wdpB
kJturJReQYkXNNXRjOrKeCBLiRFM9JgUhPHfK9IlQPWBM/rMwPxKUbHMQpDjpv1l
mkPZvreUCXGoDRmE4ilb4Vnh4HZsykEmI/5qvPLiYahxvt4NWoZhrfeyxoZ2qL4W
E6mJb+6bklGKg4vExq/sLWabgIkKg1aQZ8Xp5s7EbQPv6C8I8Tpkh+0jQYW9h1tQ
5iZpWu1DO5TlaYATTQWQm1OoagRIxBYsgaKKuHUaFhsnPtHyUCo6hl/Rpm0jAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUVL7aq1poinNNzWjE1lufZd8YldwwHwYDVR0j
BBgwFoAUqd2ValSWiboKPi/GIpE1Kqq9WRswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
ZGMxYzQ5Yy1kNDA0LTQ1YTEtOWU3ZC04NmY1Zjg1MmUyNzYvMC9BOUREOTU2QTU0
OTY4OUJBMEEzRTJGQzYyMjkxMzUyQUFBQkQ1OTFCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQTlERDk1NkE1NDk2ODlCQTBBM0UyRkM2MjI5MTM1MkFBQUJE
NTkxQi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzlkYzFjNDljLWQ0MDQtNDVhMS05
ZTdkLTg2ZjVmODUyZTI3Ni8wLzMxMzAzMzJlMzEzNzM1MmUzMjM0MzAyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzNDM1MzMzMDM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ6/wMA0GCSqG
SIb3DQEBCwUAA4IBAQARb4jfj1tMZKKukatXqVF+TaRW+1VwwTH3z0qpnKyAM8Yt
MMOZZ+fsQs48emVGvJOWSnG53RQLLpRmWhm1xVDIZ0RWptdrqh2/TGUNv09GQTSO
RIXyUJVToASWA3r4rHhG5LDuY9Wsu8oih8tcDIrTT++AS9OqQBQ9AaVY07o+kQCx
eYxorliZapyPEKb9wJtYjzhf7F7JdQuhmdtNKDJkvveug6BJHhiI2JbdJGKrLC+q
GNarCke9TDbMY1kqqYX/VNiWoV8qHxPSP2KAAkPV4Y+KZpRa1UGyjTauH6NKQI6G
LbCMBtgHTUWcEMz1z8uo32dbRACrfAbNL8Yp0hWy
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:39:06 2025 by rpki-client