Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3132312e3130312e3138382e302f32342d3234203d3e203338373835.roa
File: 3132312e3130312e3138382e302f32342d3234203d3e203338373835.roa (raw, json)
Hash identifier: jVBeyFMPWkiATlRCTVFrCw8EykcpuEgYVgn4T3UPT6M=
Subject key identifier: E7:3B:A3:78:56:F4:47:06:90:E3:A0:F6:6E:C4:86:5D:85:57:36:6D
Certificate issuer: /CN=3308A0FBD29F359AD61CAA389208E1D74CC28164
Certificate serial: 3525BB82792149EB6F6CF34749DFB84678B19FEE
Authority key identifier: 33:08:A0:FB:D2:9F:35:9A:D6:1C:AA:38:92:08:E1:D7:4C:C2:81:64
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3132312e3130312e3138382e302f32342d3234203d3e203338373835.roa
Signing time: Thu 03 Apr 2025 05:00:02 +0000
ROA not before: Thu 03 Apr 2025 04:55:02 +0000
ROA not after: Thu 02 Apr 2026 05:00:02 +0000
asID: 38785
IP address blocks: 121.101.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.crl
rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 13 Apr 2025 04:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:25:bb:82:79:21:49:eb:6f:6c:f3:47:49:df:b8:46:78:b1:9f:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3308A0FBD29F359AD61CAA389208E1D74CC28164
Validity
Not Before: Apr 3 04:55:02 2025 GMT
Not After : Apr 2 05:00:02 2026 GMT
Subject: CN=E73BA37856F4470690E3A0F66EC4865D8557366D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:87:d6:2d:9f:c9:64:1a:d9:d9:9a:5a:74:b7:
2a:02:49:20:a8:a7:04:55:cb:bf:f6:b9:8a:ab:01:
91:b9:0c:4c:3b:ad:a2:dd:33:de:4d:50:39:d6:02:
e6:a3:22:75:e7:a8:d8:c5:20:f5:e9:d2:88:7b:69:
6f:6a:e7:a5:92:f6:16:79:f1:72:9e:3e:36:b9:5e:
8c:45:69:f6:56:c9:19:e0:ed:05:fe:45:6d:0c:34:
44:c2:f2:37:62:69:01:ed:2f:95:e5:f9:f4:78:b7:
34:e7:e8:6d:49:ec:8f:aa:4a:c1:e7:6b:00:2f:4a:
a1:60:9a:cf:fb:a7:2c:a5:51:da:34:68:ca:cc:5a:
df:0b:c0:dd:dc:64:63:4b:97:43:66:20:63:cd:b5:
9d:18:f8:c0:0a:06:bb:c5:25:77:48:9a:d7:35:c8:
ca:f5:2c:f5:66:7d:00:16:97:ba:bb:27:7b:63:3b:
7e:30:8b:93:8b:8b:98:9c:19:48:8a:80:83:90:70:
c6:04:13:fe:29:f2:b2:7f:16:1b:05:b0:bc:66:cd:
84:6c:94:12:2a:ee:e8:d2:18:7f:71:1f:5c:a2:eb:
d3:f1:5e:fc:4b:c1:ee:e1:ae:6b:a5:75:e5:a0:1b:
a2:b0:dc:d1:6f:5c:84:d3:e0:79:2a:b8:be:32:88:
0b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:3B:A3:78:56:F4:47:06:90:E3:A0:F6:6E:C4:86:5D:85:57:36:6D
X509v3 Authority Key Identifier:
keyid:33:08:A0:FB:D2:9F:35:9A:D6:1C:AA:38:92:08:E1:D7:4C:C2:81:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3132312e3130312e3138382e302f32342d3234203d3e203338373835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.101.188.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:24:d9:c2:90:e8:e9:09:4b:4e:e2:00:78:d7:b9:d1:ba:6b:
8e:94:34:99:81:90:ab:a3:15:2e:1c:93:df:3d:30:13:b9:08:
5a:3a:d3:5e:bc:92:47:14:b8:e8:91:6f:5a:e3:dd:2e:cd:c5:
08:12:11:52:3e:46:d5:ca:0a:b2:2e:6f:da:c6:06:66:e2:ab:
74:fb:85:7d:84:e0:2c:5c:1b:77:45:7a:bf:17:e0:0b:3b:de:
22:a2:c5:c9:18:9d:fe:6f:b2:b1:f7:fe:25:a1:f0:38:58:8a:
c0:45:a6:b7:a3:ca:80:9c:bf:3d:44:51:ee:8e:26:61:12:73:
b1:c9:31:4c:bc:2a:91:0e:c2:67:1d:fe:d7:67:c5:90:52:9b:
6e:ca:15:a6:cc:d7:e7:07:5c:ec:2d:63:7a:5f:ff:51:02:73:
6d:81:e7:be:2d:43:7d:4d:dc:5b:5c:5f:0f:67:c2:8e:69:46:
3e:f4:4c:cc:9b:b8:58:c0:96:90:79:17:ac:00:11:6d:19:27:
94:06:7a:f2:5d:01:18:3c:ac:0b:a7:26:8b:4c:37:bb:0c:e7:
0b:6e:c6:76:31:25:cb:5a:ea:e9:7f:49:9a:c4:11:db:5f:99:
a4:2e:c8:c2:cd:bf:24:4f:27:8e:c4:20:3c:00:2e:3c:aa:72:
1d:8d:4e:c6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUNSW7gnkhSetvbPNHSd+4Rnixn+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzMwOEEwRkJEMjlGMzU5QUQ2MUNBQTM4OTIwOEUxRDc0
Q0MyODE2NDAeFw0yNTA0MDMwNDU1MDJaFw0yNjA0MDIwNTAwMDJaMDMxMTAvBgNV
BAMTKEU3M0JBMzc4NTZGNDQ3MDY5MEUzQTBGNjZFQzQ4NjVEODU1NzM2NkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0h9Ytn8lkGtnZmlp0tyoCSSCo
pwRVy7/2uYqrAZG5DEw7raLdM95NUDnWAuajInXnqNjFIPXp0oh7aW9q56WS9hZ5
8XKePja5XoxFafZWyRng7QX+RW0MNETC8jdiaQHtL5Xl+fR4tzTn6G1J7I+qSsHn
awAvSqFgms/7pyylUdo0aMrMWt8LwN3cZGNLl0NmIGPNtZ0Y+MAKBrvFJXdImtc1
yMr1LPVmfQAWl7q7J3tjO34wi5OLi5icGUiKgIOQcMYEE/4p8rJ/FhsFsLxmzYRs
lBIq7ujSGH9xH1yi69PxXvxLwe7hrmuldeWgG6Kw3NFvXITT4HkquL4yiAuHAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU5zujeFb0RwaQ46D2bsSGXYVXNm0wHwYDVR0j
BBgwFoAUMwig+9KfNZrWHKo4kgjh10zCgWQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
NTcyZGZiZS00Y2EwLTRhNDYtODAzNy00OTY4ZWQ5N2NhZGMvMC8zMzA4QTBGQkQy
OUYzNTlBRDYxQ0FBMzg5MjA4RTFENzRDQzI4MTY0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMzMwOEEwRkJEMjlGMzU5QUQ2MUNBQTM4OTIwOEUxRDc0Q0My
ODE2NC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E1NzJkZmJlLTRjYTAtNGE0Ni04
MDM3LTQ5NjhlZDk3Y2FkYy8wLzMxMzIzMTJlMzEzMDMxMmUzMTM4MzgyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMzM4MzczODM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAeWW8MA0GCSqG
SIb3DQEBCwUAA4IBAQAbJNnCkOjpCUtO4gB417nRumuOlDSZgZCroxUuHJPfPTAT
uQhaOtNevJJHFLjokW9a490uzcUIEhFSPkbVygqyLm/axgZm4qt0+4V9hOAsXBt3
RXq/F+ALO94iosXJGJ3+b7Kx9/4lofA4WIrARaa3o8qAnL89RFHujiZhEnOxyTFM
vCqRDsJnHf7XZ8WQUptuyhWmzNfnB1zsLWN6X/9RAnNtgee+LUN9TdxbXF8PZ8KO
aUY+9EzMm7hYwJaQeResABFtGSeUBnryXQEYPKwLpyaLTDe7DOcLbsZ2MSXLWurp
f0maxBHbX5mkLsjCzb8kTyeOxCA8AC48qnIdjU7G
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:07:47 2025 by rpki-client