Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a198f7f8-e715-4b79-af32-2e51541a34ff/0/3130332e3135392e3131332e302f32342d3234203d3e20313431363032.roa
File: 3130332e3135392e3131332e302f32342d3234203d3e20313431363032.roa (raw, json)
Hash identifier: 9I+AAYT9jscAtTdglfuTXpyY3wCIeAY04o0CINXU2Js=
Subject key identifier: 86:7B:8E:CC:C2:0A:14:3C:F0:08:5B:04:E9:A6:BE:9E:F2:FC:29:AF
Certificate issuer: /CN=A00E9E21EE9327F05930AF9DD5847A98BCE26C66
Certificate serial: 48DD59B76D4322D260BF3A6A9C0415F08D65B441
Authority key identifier: A0:0E:9E:21:EE:93:27:F0:59:30:AF:9D:D5:84:7A:98:BC:E2:6C:66
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A00E9E21EE9327F05930AF9DD5847A98BCE26C66.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a198f7f8-e715-4b79-af32-2e51541a34ff/0/3130332e3135392e3131332e302f32342d3234203d3e20313431363032.roa
Signing time: Fri 21 Jun 2024 10:01:19 +0000
ROA not before: Fri 21 Jun 2024 09:56:19 +0000
ROA not after: Fri 20 Jun 2025 10:01:19 +0000
asID: 141602
IP address blocks: 103.159.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/a198f7f8-e715-4b79-af32-2e51541a34ff/0/A00E9E21EE9327F05930AF9DD5847A98BCE26C66.crl
rsync://repo-rpki.idnic.net/repo/a198f7f8-e715-4b79-af32-2e51541a34ff/0/A00E9E21EE9327F05930AF9DD5847A98BCE26C66.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A00E9E21EE9327F05930AF9DD5847A98BCE26C66.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 06:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:dd:59:b7:6d:43:22:d2:60:bf:3a:6a:9c:04:15:f0:8d:65:b4:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A00E9E21EE9327F05930AF9DD5847A98BCE26C66
Validity
Not Before: Jun 21 09:56:19 2024 GMT
Not After : Jun 20 10:01:19 2025 GMT
Subject: CN=867B8ECCC20A143CF0085B04E9A6BE9EF2FC29AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:24:7e:f2:5c:64:f8:5b:9f:25:49:da:89:ba:
29:3f:fa:9f:27:1b:83:7e:32:ce:cf:9e:28:c6:1a:
69:d2:c6:be:3f:e4:5b:da:1a:16:51:4b:4a:3b:75:
53:7c:e8:cc:34:d7:53:97:68:fe:4f:66:fd:ea:dd:
4e:80:52:2e:22:ef:58:dd:58:50:ec:52:6e:1c:c6:
7b:34:a8:0f:7c:54:6f:92:bc:6a:1b:bf:70:dd:7b:
13:2c:f9:32:5b:7b:a0:d4:a6:38:12:b4:83:e3:fe:
97:3f:d5:54:12:9c:0f:e0:4e:e7:6c:1d:75:f4:a8:
58:0b:ec:e4:e5:5c:8d:7f:b0:7a:94:1a:cf:7f:17:
12:09:32:a3:4c:d8:7a:b5:ac:df:6e:f6:8e:b3:93:
94:7a:f5:8c:6e:60:5c:89:dd:06:1b:36:91:00:05:
27:6b:77:6c:6b:96:a2:ae:ec:17:a2:43:40:12:46:
80:67:ab:67:52:4f:dd:0a:a4:b2:1c:31:0e:45:8c:
dd:51:1d:a1:a1:63:e6:78:c8:ff:9f:19:02:46:00:
1e:00:63:72:0b:13:25:9f:63:1e:24:f9:d9:59:97:
60:9f:14:f7:8a:5a:8a:e9:aa:d8:f2:c5:be:9b:5f:
13:7b:41:f0:a9:51:25:df:97:e8:61:45:f3:d0:25:
f9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:7B:8E:CC:C2:0A:14:3C:F0:08:5B:04:E9:A6:BE:9E:F2:FC:29:AF
X509v3 Authority Key Identifier:
keyid:A0:0E:9E:21:EE:93:27:F0:59:30:AF:9D:D5:84:7A:98:BC:E2:6C:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a198f7f8-e715-4b79-af32-2e51541a34ff/0/A00E9E21EE9327F05930AF9DD5847A98BCE26C66.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A00E9E21EE9327F05930AF9DD5847A98BCE26C66.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a198f7f8-e715-4b79-af32-2e51541a34ff/0/3130332e3135392e3131332e302f32342d3234203d3e20313431363032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.159.113.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:58:25:b8:a5:16:91:64:fe:8f:36:b4:87:1f:43:5f:e9:87:
bb:f9:8e:ea:bb:84:70:5f:af:11:7c:f4:8e:d2:02:7d:11:4c:
18:0a:50:3e:c7:9f:fb:1a:f2:04:a2:b1:59:2f:6e:36:93:18:
9c:fd:3f:28:4b:bd:db:b3:54:f5:36:f3:ed:d7:28:6b:62:ec:
07:ed:1c:ee:ff:47:e0:13:11:d4:71:df:21:35:f9:ca:18:fa:
3e:c0:8b:6a:bf:a5:88:9b:01:90:db:aa:fa:50:1d:c2:6a:31:
19:66:24:72:60:e0:62:ce:2d:5d:08:b3:61:93:84:07:de:cb:
12:77:4b:a9:e8:f3:81:93:7e:ce:77:b7:27:60:d6:ab:97:cf:
9e:9f:5c:bf:b4:09:82:38:e4:b5:c5:c4:14:1e:d5:e7:5e:ff:
1e:6f:28:42:e4:92:7e:00:14:bf:59:eb:bc:45:b3:56:5b:22:
46:fc:17:fb:7f:00:74:a9:de:32:bf:4d:20:aa:be:36:b7:41:
ce:1d:23:50:56:59:25:e4:e0:cc:e3:d3:a5:e4:6e:5c:92:75:
a1:26:2a:58:fd:88:fa:8c:24:64:34:37:ad:d6:01:f7:51:5c:
f8:de:52:22:71:7a:08:19:6c:85:99:05:f5:26:e7:a0:f7:ef:
0b:7d:c8:c2
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUSN1Zt21DItJgvzpqnAQV8I1ltEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTAwRTlFMjFFRTkzMjdGMDU5MzBBRjlERDU4NDdBOThC
Q0UyNkM2NjAeFw0yNDA2MjEwOTU2MTlaFw0yNTA2MjAxMDAxMTlaMDMxMTAvBgNV
BAMTKDg2N0I4RUNDQzIwQTE0M0NGMDA4NUIwNEU5QTZCRTlFRjJGQzI5QUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTJH7yXGT4W58lSdqJuik/+p8n
G4N+Ms7PnijGGmnSxr4/5FvaGhZRS0o7dVN86Mw011OXaP5PZv3q3U6AUi4i71jd
WFDsUm4cxns0qA98VG+SvGobv3DdexMs+TJbe6DUpjgStIPj/pc/1VQSnA/gTuds
HXX0qFgL7OTlXI1/sHqUGs9/FxIJMqNM2Hq1rN9u9o6zk5R69YxuYFyJ3QYbNpEA
BSdrd2xrlqKu7BeiQ0ASRoBnq2dST90KpLIcMQ5FjN1RHaGhY+Z4yP+fGQJGAB4A
Y3ILEyWfYx4k+dlZl2CfFPeKWorpqtjyxb6bXxN7QfCpUSXfl+hhRfPQJfmLAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUhnuOzMIKFDzwCFsE6aa+nvL8Ka8wHwYDVR0j
BBgwFoAUoA6eIe6TJ/BZMK+d1YR6mLzibGYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
MTk4ZjdmOC1lNzE1LTRiNzktYWYzMi0yZTUxNTQxYTM0ZmYvMC9BMDBFOUUyMUVF
OTMyN0YwNTkzMEFGOURENTg0N0E5OEJDRTI2QzY2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQTAwRTlFMjFFRTkzMjdGMDU5MzBBRjlERDU4NDdBOThCQ0Uy
NkM2Ni5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ExOThmN2Y4LWU3MTUtNGI3OS1h
ZjMyLTJlNTE1NDFhMzRmZi8wLzMxMzAzMzJlMzEzNTM5MmUzMTMxMzMyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzEzNjMwMzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnn3EwDQYJ
KoZIhvcNAQELBQADggEBAJ5YJbilFpFk/o82tIcfQ1/ph7v5juq7hHBfrxF89I7S
An0RTBgKUD7Hn/sa8gSisVkvbjaTGJz9PyhLvduzVPU28+3XKGti7AftHO7/R+AT
EdRx3yE1+coY+j7Ai2q/pYibAZDbqvpQHcJqMRlmJHJg4GLOLV0Is2GThAfeyxJ3
S6no84GTfs53tydg1quXz56fXL+0CYI45LXFxBQe1ede/x5vKELkkn4AFL9Z67xF
s1ZbIkb8F/t/AHSp3jK/TSCqvja3Qc4dI1BWWSXk4Mzj06XkblySdaEmKlj9iPqM
JGQ0N63WAfdRXPjeUiJxeggZbIWZBfUm56D37wt9yMI=
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:58:32 2025 by rpki-client