Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/3130332e32392e362e302f32332d3233203d3e203338373533.roa
File: 3130332e32392e362e302f32332d3233203d3e203338373533.roa (raw, json)
Hash identifier: CLrQY1BQKD2fLojDo9h/pFnA/W4A0rb6S6kVVBQHkKA=
Subject key identifier: 07:31:3C:49:A2:1E:95:B9:E4:18:08:4E:6A:77:39:57:97:17:BF:37
Certificate issuer: /CN=11C9BA28534BA44999B4BA5D6B0F28E568DF6E14
Certificate serial: 409DD10AC1F08E9B7BC28C6C3875BC79BF39A350
Authority key identifier: 11:C9:BA:28:53:4B:A4:49:99:B4:BA:5D:6B:0F:28:E5:68:DF:6E:14
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/3130332e32392e362e302f32332d3233203d3e203338373533.roa
Signing time: Tue 02 Jul 2024 08:03:19 +0000
ROA not before: Tue 02 Jul 2024 07:58:19 +0000
ROA not after: Tue 01 Jul 2025 08:03:19 +0000
asID: 38753
IP address blocks: 103.29.6.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:9d:d1:0a:c1:f0:8e:9b:7b:c2:8c:6c:38:75:bc:79:bf:39:a3:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11C9BA28534BA44999B4BA5D6B0F28E568DF6E14
Validity
Not Before: Jul 2 07:58:19 2024 GMT
Not After : Jul 1 08:03:19 2025 GMT
Subject: CN=07313C49A21E95B9E418084E6A7739579717BF37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:18:be:04:9a:96:7d:4b:9f:ee:23:3d:ff:1e:
c0:6d:92:92:a7:a3:48:f6:3b:84:b7:00:b5:3d:08:
d4:72:05:37:3d:1e:5c:4f:87:ec:8d:fc:b2:10:f4:
0d:18:e1:f9:5f:61:17:e7:52:f9:52:f8:53:48:59:
11:ab:07:3b:a5:bb:a6:b9:87:1d:0b:f5:c7:5f:dc:
0f:7f:26:68:a3:e6:73:3d:97:5d:f5:58:f3:c1:16:
17:34:49:0c:ab:d3:2c:4c:cd:a3:1c:c1:a3:83:c0:
24:cb:cf:11:be:98:2a:e1:03:59:44:75:7b:f4:64:
3b:7f:0d:b2:82:c8:ee:37:25:2c:28:47:96:8b:e9:
88:82:04:eb:3f:e2:4e:d1:a5:20:ac:75:06:ea:63:
f1:6b:c4:2f:7d:81:cd:27:9e:99:ef:fd:39:5c:f5:
d2:36:1f:23:a0:a3:5d:28:59:92:1d:a9:7c:e3:69:
44:9e:0c:f1:a9:e5:3d:13:c1:ed:b6:3d:8e:1f:d2:
7c:d9:da:0e:2e:36:fc:87:3f:ff:6b:07:4d:b4:27:
70:16:8e:b7:20:21:c4:a4:11:f4:0e:35:78:e6:a4:
84:a4:b1:47:ec:c2:67:3a:2c:99:0b:62:ac:9d:9d:
6e:e2:07:c1:87:ff:e9:df:70:0d:4d:be:aa:c6:1e:
fa:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:31:3C:49:A2:1E:95:B9:E4:18:08:4E:6A:77:39:57:97:17:BF:37
X509v3 Authority Key Identifier:
keyid:11:C9:BA:28:53:4B:A4:49:99:B4:BA:5D:6B:0F:28:E5:68:DF:6E:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/3130332e32392e362e302f32332d3233203d3e203338373533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.29.6.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:6c:90:7c:9f:8b:dc:09:8a:21:6e:1c:0e:c2:58:7b:72:b2:
c4:95:5e:83:6d:26:57:4e:1e:ec:2b:09:b0:2e:22:9c:f1:2d:
04:64:3b:5f:7e:26:52:e1:d4:3a:51:2a:00:21:de:8d:c8:ff:
1d:99:1b:97:55:50:3a:34:35:40:54:8f:3f:91:d6:25:e3:3d:
4b:a8:be:92:1f:f9:58:4c:21:28:ff:09:7f:82:ee:9f:4e:31:
99:c9:0e:ca:c1:03:5a:24:10:58:f6:5d:e5:e8:9f:a1:23:e7:
68:a7:39:3a:aa:60:2a:bc:2f:e9:93:65:1a:ce:a3:f8:e4:87:
04:5d:c1:28:4a:4e:e2:eb:dd:b9:53:b8:02:8c:4d:e0:10:43:
47:65:40:e5:94:d6:be:37:5c:cd:51:96:e1:c5:b6:f3:40:50:
7d:68:04:f6:be:ef:30:d2:fb:3a:db:c3:64:89:29:e0:82:d7:
9f:15:d3:0c:1a:c1:6a:3f:26:5b:1a:3c:81:c2:46:20:59:16:
58:c3:9c:e4:51:4d:f7:6b:fc:bb:3c:c2:12:3d:ed:19:6c:0c:
3d:45:7b:f5:56:5a:a7:ea:d2:5b:ea:5b:97:a7:d0:f2:bd:03:
73:97:b1:dc:fb:39:b7:45:c3:81:a1:7f:85:ed:10:9a:9d:32:
97:a3:02:b4
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUQJ3RCsHwjpt7woxsOHW8eb85o1AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFDOUJBMjg1MzRCQTQ0OTk5QjRCQTVENkIwRjI4RTU2
OERGNkUxNDAeFw0yNDA3MDIwNzU4MTlaFw0yNTA3MDEwODAzMTlaMDMxMTAvBgNV
BAMTKDA3MzEzQzQ5QTIxRTk1QjlFNDE4MDg0RTZBNzczOTU3OTcxN0JGMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9GL4EmpZ9S5/uIz3/HsBtkpKn
o0j2O4S3ALU9CNRyBTc9HlxPh+yN/LIQ9A0Y4flfYRfnUvlS+FNIWRGrBzulu6a5
hx0L9cdf3A9/Jmij5nM9l131WPPBFhc0SQyr0yxMzaMcwaODwCTLzxG+mCrhA1lE
dXv0ZDt/DbKCyO43JSwoR5aL6YiCBOs/4k7RpSCsdQbqY/FrxC99gc0nnpnv/Tlc
9dI2HyOgo10oWZIdqXzjaUSeDPGp5T0Twe22PY4f0nzZ2g4uNvyHP/9rB020J3AW
jrcgIcSkEfQONXjmpISksUfswmc6LJkLYqydnW7iB8GH/+nfcA1NvqrGHvpnAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUBzE8SaIelbnkGAhOanc5V5cXvzcwHwYDVR0j
BBgwFoAUEcm6KFNLpEmZtLpdaw8o5WjfbhQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
MDZiNjY3My00N2ExLTQ1ZTUtYjZjMi00MmFiOGI0NzYyNDkvMC8xMUM5QkEyODUz
NEJBNDQ5OTlCNEJBNUQ2QjBGMjhFNTY4REY2RTE0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTFDOUJBMjg1MzRCQTQ0OTk5QjRCQTVENkIwRjI4RTU2OERG
NkUxNC5jZXIwgZ0GCCsGAQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTA2YjY2NzMtNDdhMS00NWU1LWI2
YzItNDJhYjhiNDc2MjQ5LzAvMzEzMDMzMmUzMjM5MmUzNjJlMzAyZjMyMzMyZDMy
MzMyMDNkM2UyMDMzMzgzNzM1MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnHQYwDQYJKoZIhvcNAQEL
BQADggEBABtskHyfi9wJiiFuHA7CWHtyssSVXoNtJldOHuwrCbAuIpzxLQRkO19+
JlLh1DpRKgAh3o3I/x2ZG5dVUDo0NUBUjz+R1iXjPUuovpIf+VhMISj/CX+C7p9O
MZnJDsrBA1okEFj2XeXon6Ej52inOTqqYCq8L+mTZRrOo/jkhwRdwShKTuLr3blT
uAKMTeAQQ0dlQOWU1r43XM1RluHFtvNAUH1oBPa+7zDS+zrbw2SJKeCC158V0wwa
wWo/JlsaPIHCRiBZFljDnORRTfdr/Ls8whI97RlsDD1Fe/VWWqfq0lvqW5en0PK9
A3OXsdz7ObdFw4Ghf4XtEJqdMpejArQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:50:31 2025 by rpki-client