Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a43336f8-e546-462c-8410-b7732b6c8015/0/3130332e3138392e39362e302f32332d3234203d3e203435333035.roa
File: 3130332e3138392e39362e302f32332d3234203d3e203435333035.roa (raw, json)
Hash identifier: wVefZUkFDr2RBqD4UPWhwrEjzDTX8ZVDe5YAYTdiEdo=
Subject key identifier: 32:CD:F9:26:24:54:25:C3:22:52:B8:BF:51:3C:56:47:18:08:3E:39
Certificate issuer: /CN=A3969B26389933D7D21F3A8D757CB9C5687740E4
Certificate serial: 13A70E0D9AFEED7A64CF3C7EDBAC6C963658BD4A
Authority key identifier: A3:96:9B:26:38:99:33:D7:D2:1F:3A:8D:75:7C:B9:C5:68:77:40:E4
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A3969B26389933D7D21F3A8D757CB9C5687740E4.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a43336f8-e546-462c-8410-b7732b6c8015/0/3130332e3138392e39362e302f32332d3234203d3e203435333035.roa
Signing time: Sat 29 Mar 2025 04:00:00 +0000
ROA not before: Sat 29 Mar 2025 03:55:00 +0000
ROA not after: Sat 28 Mar 2026 04:00:00 +0000
asID: 45305
IP address blocks: 103.189.96.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:a7:0e:0d:9a:fe:ed:7a:64:cf:3c:7e:db:ac:6c:96:36:58:bd:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A3969B26389933D7D21F3A8D757CB9C5687740E4
Validity
Not Before: Mar 29 03:55:00 2025 GMT
Not After : Mar 28 04:00:00 2026 GMT
Subject: CN=32CDF926245425C32252B8BF513C564718083E39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2f:18:63:f9:51:f7:5d:c1:81:7c:81:31:37:
6f:6e:b6:64:c5:fb:78:59:2f:f2:bd:24:42:ea:9e:
22:2f:f8:7c:50:44:19:dc:9f:62:99:59:b2:0f:81:
f7:d2:32:38:e0:cd:7d:46:2e:43:19:91:f7:04:20:
5c:23:9d:81:29:5b:6b:c6:a4:61:d6:80:1b:b9:7c:
5c:43:bb:9f:10:ff:9d:d9:26:72:ef:b0:2e:7a:9e:
28:63:1f:2d:5d:41:7e:32:6d:1a:0c:d0:24:73:4a:
fc:84:77:d2:79:93:a7:ab:52:75:a7:48:fe:4b:4d:
39:ee:a7:9b:fa:0a:fd:39:81:60:6f:99:ca:67:23:
dd:79:49:99:87:c0:26:09:98:cf:4c:63:0b:67:f7:
1a:6d:93:e3:c3:ef:0b:87:a4:97:50:81:af:80:6f:
33:1d:84:a0:20:79:ab:d8:fe:58:16:7d:68:f5:55:
15:2d:58:fa:cd:03:a7:f6:dc:e8:18:84:f2:91:fe:
f9:27:23:4f:f0:56:d3:5a:59:aa:18:cb:05:55:02:
bc:68:c5:72:0f:03:9f:ea:ba:b8:6d:08:7a:ed:e8:
a8:11:33:cf:64:1a:00:eb:f7:c6:1f:f4:c7:87:1d:
82:3f:80:64:ba:f9:47:cc:84:c3:d6:5e:ed:81:be:
0a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:CD:F9:26:24:54:25:C3:22:52:B8:BF:51:3C:56:47:18:08:3E:39
X509v3 Authority Key Identifier:
keyid:A3:96:9B:26:38:99:33:D7:D2:1F:3A:8D:75:7C:B9:C5:68:77:40:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a43336f8-e546-462c-8410-b7732b6c8015/0/A3969B26389933D7D21F3A8D757CB9C5687740E4.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A3969B26389933D7D21F3A8D757CB9C5687740E4.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a43336f8-e546-462c-8410-b7732b6c8015/0/3130332e3138392e39362e302f32332d3234203d3e203435333035.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.189.96.0/23
Signature Algorithm: sha256WithRSAEncryption
08:7d:d1:09:6a:8d:29:2e:d1:76:31:97:f2:a1:e5:82:f1:80:
5a:7f:39:11:33:c1:99:7e:93:67:38:52:57:fc:65:99:a4:12:
ea:01:a5:1d:e1:c0:04:f7:97:1f:ed:c3:bb:12:27:ca:f7:b5:
d5:59:3a:00:ea:31:b0:e6:17:96:70:72:01:da:c8:b9:ee:c9:
a0:19:a0:99:a2:7e:7a:0f:c6:ae:fc:7a:30:06:2a:e2:fd:95:
46:0f:db:85:35:d6:5f:31:c7:8c:22:cf:4b:f6:04:50:94:55:
31:dd:d6:48:b0:01:ae:c2:96:54:68:ec:5a:c8:1d:1e:b1:cf:
aa:8a:0f:d4:df:3f:f2:ee:ec:e7:9c:00:18:23:c9:aa:52:2e:
14:c0:19:b5:bb:f5:dc:df:a2:34:bb:bf:e1:d0:75:5b:c1:71:
32:41:6a:e1:29:a7:f2:24:47:5d:17:e8:cb:81:a6:bd:ef:a5:
42:30:54:6d:25:e6:0f:1d:0c:7f:40:24:67:1d:a9:a8:7c:1e:
af:92:ee:00:49:a5:d3:a2:89:80:0c:b3:0f:14:69:7e:0f:5d:
47:9f:f2:e4:42:ab:80:6a:27:58:11:b8:21:2d:68:87:6c:ca:
1f:54:85:f4:c1:6e:7a:97:b7:58:90:e1:20:3a:0c:fb:0d:b1:
e9:5c:d4:9f
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUE6cODZr+7Xpkzzx+26xsljZYvUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTM5NjlCMjYzODk5MzNEN0QyMUYzQThENzU3Q0I5QzU2
ODc3NDBFNDAeFw0yNTAzMjkwMzU1MDBaFw0yNjAzMjgwNDAwMDBaMDMxMTAvBgNV
BAMTKDMyQ0RGOTI2MjQ1NDI1QzMyMjUyQjhCRjUxM0M1NjQ3MTgwODNFMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnLxhj+VH3XcGBfIExN29utmTF
+3hZL/K9JELqniIv+HxQRBncn2KZWbIPgffSMjjgzX1GLkMZkfcEIFwjnYEpW2vG
pGHWgBu5fFxDu58Q/53ZJnLvsC56nihjHy1dQX4ybRoM0CRzSvyEd9J5k6erUnWn
SP5LTTnup5v6Cv05gWBvmcpnI915SZmHwCYJmM9MYwtn9xptk+PD7wuHpJdQga+A
bzMdhKAgeavY/lgWfWj1VRUtWPrNA6f23OgYhPKR/vknI0/wVtNaWaoYywVVArxo
xXIPA5/qurhtCHrt6KgRM89kGgDr98Yf9MeHHYI/gGS6+UfMhMPWXu2BvgoPAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUMs35JiRUJcMiUri/UTxWRxgIPjkwHwYDVR0j
BBgwFoAUo5abJjiZM9fSHzqNdXy5xWh3QOQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
NDMzMzZmOC1lNTQ2LTQ2MmMtODQxMC1iNzczMmI2YzgwMTUvMC9BMzk2OUIyNjM4
OTkzM0Q3RDIxRjNBOEQ3NTdDQjlDNTY4Nzc0MEU0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQTM5NjlCMjYzODk5MzNEN0QyMUYzQThENzU3Q0I5QzU2ODc3
NDBFNC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E0MzMzNmY4LWU1NDYtNDYyYy04
NDEwLWI3NzMyYjZjODAxNS8wLzMxMzAzMzJlMzEzODM5MmUzOTM2MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzQzNTMzMzAzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWe9YDANBgkqhkiG
9w0BAQsFAAOCAQEACH3RCWqNKS7RdjGX8qHlgvGAWn85ETPBmX6TZzhSV/xlmaQS
6gGlHeHABPeXH+3DuxInyve11Vk6AOoxsOYXlnByAdrIue7JoBmgmaJ+eg/Grvx6
MAYq4v2VRg/bhTXWXzHHjCLPS/YEUJRVMd3WSLABrsKWVGjsWsgdHrHPqooP1N8/
8u7s55wAGCPJqlIuFMAZtbv13N+iNLu/4dB1W8FxMkFq4Smn8iRHXRfoy4Gmve+l
QjBUbSXmDx0Mf0AkZx2pqHwer5LuAEml06KJgAyzDxRpfg9dR5/y5EKrgGonWBG4
IS1oh2zKH1SF9MFuepe3WJDhIDoM+w2x6VzUnw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:59:17 2025 by rpki-client