Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/3130332e32392e342e302f32332d3233203d3e203338373533.roa
File: 3130332e32392e342e302f32332d3233203d3e203338373533.roa (raw, json)
Hash identifier: g/pHAZRmE5MRW94qZN+yAzAuuLvKZVY2nqLqj3t6jl0=
Subject key identifier: 94:3D:D3:DD:63:BB:07:FD:93:2C:CE:FD:10:BC:15:EA:D8:85:A7:67
Certificate issuer: /CN=11C9BA28534BA44999B4BA5D6B0F28E568DF6E14
Certificate serial: 23440CE00D5792390986D03222E5A92F4FADC55D
Authority key identifier: 11:C9:BA:28:53:4B:A4:49:99:B4:BA:5D:6B:0F:28:E5:68:DF:6E:14
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/3130332e32392e342e302f32332d3233203d3e203338373533.roa
Signing time: Tue 02 Jul 2024 08:03:17 +0000
ROA not before: Tue 02 Jul 2024 07:58:17 +0000
ROA not after: Tue 01 Jul 2025 08:03:17 +0000
asID: 38753
IP address blocks: 103.29.4.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:44:0c:e0:0d:57:92:39:09:86:d0:32:22:e5:a9:2f:4f:ad:c5:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11C9BA28534BA44999B4BA5D6B0F28E568DF6E14
Validity
Not Before: Jul 2 07:58:17 2024 GMT
Not After : Jul 1 08:03:17 2025 GMT
Subject: CN=943DD3DD63BB07FD932CCEFD10BC15EAD885A767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:49:4c:13:ec:b7:4c:7b:85:11:a8:95:8e:a8:
de:5d:c4:4f:f9:62:9e:14:25:df:92:f7:a6:fc:1d:
cf:4e:0b:89:7c:a1:75:b8:32:c9:17:84:08:a4:7c:
72:cc:5c:da:15:6a:92:85:45:89:cd:43:96:e0:cb:
29:fe:dd:2f:28:5e:e8:ea:13:0e:52:18:bd:cd:29:
a5:6a:ae:0d:61:44:a2:9f:a5:43:a6:d0:03:73:1a:
5f:f7:c1:78:bd:7c:29:6f:b1:0b:70:61:9e:36:ee:
e4:d7:82:bf:b7:47:54:93:bd:9e:15:b6:21:be:c7:
6b:cd:0b:33:4c:c6:88:e9:ad:31:f4:93:5c:6d:93:
bd:6c:6c:83:51:2a:24:6b:41:3d:01:8a:8f:d4:13:
0a:1b:f7:0d:9c:84:ee:90:b2:f2:34:36:34:3b:ef:
09:6d:06:36:7e:2a:aa:15:8c:d2:47:51:d9:1e:57:
35:2b:dc:4b:60:c8:45:4a:90:a3:3b:38:7c:37:da:
e3:36:a2:c8:8d:2e:b2:5e:1d:44:80:2f:79:e3:5d:
97:e1:74:8b:6e:af:5c:2b:21:97:86:b8:25:a3:7a:
86:89:e1:66:26:e9:68:24:ea:06:18:5c:80:b1:35:
8e:4c:7a:39:05:0b:4d:e2:68:28:22:b4:96:fe:a2:
5f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:3D:D3:DD:63:BB:07:FD:93:2C:CE:FD:10:BC:15:EA:D8:85:A7:67
X509v3 Authority Key Identifier:
keyid:11:C9:BA:28:53:4B:A4:49:99:B4:BA:5D:6B:0F:28:E5:68:DF:6E:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/3130332e32392e342e302f32332d3233203d3e203338373533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.29.4.0/23
Signature Algorithm: sha256WithRSAEncryption
63:d2:7b:11:d1:79:fc:8f:3d:de:ff:16:ce:c2:99:50:bb:a0:
3e:35:58:c2:83:6a:9f:8d:8b:97:3e:c6:e0:47:d7:45:6f:a5:
67:8e:f2:8e:cc:42:81:30:d6:6e:a6:02:7a:c0:dc:f4:83:6f:
14:98:d4:b3:02:6c:3e:82:9c:70:c5:72:2c:27:fc:7a:34:46:
ba:2a:d8:9e:75:ad:c8:43:70:2c:1d:3b:6e:2a:99:b2:04:75:
1e:6d:dc:05:5d:00:3c:a3:32:be:32:31:e1:f8:52:40:3f:8a:
0c:a8:2e:f3:f2:21:01:7f:e8:7b:c7:41:6d:e1:3a:55:39:9e:
7f:12:ec:5a:76:7e:c4:01:98:ba:8a:40:ad:0a:b9:72:c5:88:
a5:80:d9:d8:3e:cd:61:2a:3d:35:83:bf:48:5b:da:99:1c:5a:
43:e0:22:ed:e6:52:74:1a:81:dc:59:85:58:72:16:b0:22:92:
c7:20:8d:f0:eb:30:48:8b:da:9f:5d:74:05:43:f0:54:73:99:
eb:93:26:24:a6:e5:66:51:64:95:63:ee:3d:07:7f:a0:3e:f0:
27:1f:6c:25:46:52:be:5e:f0:3e:64:a5:b4:4e:65:05:bc:3e:
05:7d:7a:d6:72:dd:2b:34:c0:2e:21:eb:7d:78:11:43:27:91:
88:9c:96:14
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUI0QM4A1XkjkJhtAyIuWpL0+txV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFDOUJBMjg1MzRCQTQ0OTk5QjRCQTVENkIwRjI4RTU2
OERGNkUxNDAeFw0yNDA3MDIwNzU4MTdaFw0yNTA3MDEwODAzMTdaMDMxMTAvBgNV
BAMTKDk0M0REM0RENjNCQjA3RkQ5MzJDQ0VGRDEwQkMxNUVBRDg4NUE3NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqSUwT7LdMe4URqJWOqN5dxE/5
Yp4UJd+S96b8Hc9OC4l8oXW4MskXhAikfHLMXNoVapKFRYnNQ5bgyyn+3S8oXujq
Ew5SGL3NKaVqrg1hRKKfpUOm0ANzGl/3wXi9fClvsQtwYZ427uTXgr+3R1STvZ4V
tiG+x2vNCzNMxojprTH0k1xtk71sbINRKiRrQT0Bio/UEwob9w2chO6QsvI0NjQ7
7wltBjZ+KqoVjNJHUdkeVzUr3EtgyEVKkKM7OHw32uM2osiNLrJeHUSAL3njXZfh
dItur1wrIZeGuCWjeoaJ4WYm6Wgk6gYYXICxNY5MejkFC03iaCgitJb+ol/vAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUlD3T3WO7B/2TLM79ELwV6tiFp2cwHwYDVR0j
BBgwFoAUEcm6KFNLpEmZtLpdaw8o5WjfbhQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
MDZiNjY3My00N2ExLTQ1ZTUtYjZjMi00MmFiOGI0NzYyNDkvMC8xMUM5QkEyODUz
NEJBNDQ5OTlCNEJBNUQ2QjBGMjhFNTY4REY2RTE0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTFDOUJBMjg1MzRCQTQ0OTk5QjRCQTVENkIwRjI4RTU2OERG
NkUxNC5jZXIwgZ0GCCsGAQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTA2YjY2NzMtNDdhMS00NWU1LWI2
YzItNDJhYjhiNDc2MjQ5LzAvMzEzMDMzMmUzMjM5MmUzNDJlMzAyZjMyMzMyZDMy
MzMyMDNkM2UyMDMzMzgzNzM1MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnHQQwDQYJKoZIhvcNAQEL
BQADggEBAGPSexHRefyPPd7/Fs7CmVC7oD41WMKDap+Ni5c+xuBH10VvpWeO8o7M
QoEw1m6mAnrA3PSDbxSY1LMCbD6CnHDFciwn/Ho0Rroq2J51rchDcCwdO24qmbIE
dR5t3AVdADyjMr4yMeH4UkA/igyoLvPyIQF/6HvHQW3hOlU5nn8S7Fp2fsQBmLqK
QK0KuXLFiKWA2dg+zWEqPTWDv0hb2pkcWkPgIu3mUnQagdxZhVhyFrAikscgjfDr
MEiL2p9ddAVD8FRzmeuTJiSm5WZRZJVj7j0Hf6A+8CcfbCVGUr5e8D5kpbROZQW8
PgV9etZy3Ss0wC4h6314EUMnkYiclhQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:50:41 2025 by rpki-client