Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/aea7a115-b8b8-490b-8320-c9e59a1003dd/0/3130332e3234372e3132312e302f32342d3234203d3e20313439373436.roa
File: 3130332e3234372e3132312e302f32342d3234203d3e20313439373436.roa (raw, json)
Hash identifier: IDWCZT4uAeHS9R8+qCUs6bMdQGmyEUG0b6ZQgSamVag=
Subject key identifier: E2:61:E3:2F:B8:50:A7:82:DE:A3:59:BF:E2:3E:E3:6D:DE:D1:71:26
Certificate issuer: /CN=C00163880F235714759920507217F2A7D557C953
Certificate serial: 427FA9DD130AF5D09DD3F40B29E2FDE96A08DA0E
Authority key identifier: C0:01:63:88:0F:23:57:14:75:99:20:50:72:17:F2:A7:D5:57:C9:53
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C00163880F235714759920507217F2A7D557C953.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/aea7a115-b8b8-490b-8320-c9e59a1003dd/0/3130332e3234372e3132312e302f32342d3234203d3e20313439373436.roa
Signing time: Sat 21 Dec 2024 18:00:47 +0000
ROA not before: Sat 21 Dec 2024 17:55:47 +0000
ROA not after: Sat 20 Dec 2025 18:00:47 +0000
asID: 149746
IP address blocks: 103.247.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/aea7a115-b8b8-490b-8320-c9e59a1003dd/0/C00163880F235714759920507217F2A7D557C953.crl
rsync://repo-rpki.idnic.net/repo/aea7a115-b8b8-490b-8320-c9e59a1003dd/0/C00163880F235714759920507217F2A7D557C953.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C00163880F235714759920507217F2A7D557C953.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 12 Apr 2025 05:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:7f:a9:dd:13:0a:f5:d0:9d:d3:f4:0b:29:e2:fd:e9:6a:08:da:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C00163880F235714759920507217F2A7D557C953
Validity
Not Before: Dec 21 17:55:47 2024 GMT
Not After : Dec 20 18:00:47 2025 GMT
Subject: CN=E261E32FB850A782DEA359BFE23EE36DDED17126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c6:6d:16:f7:df:a1:8a:82:52:d5:b4:f5:18:
fb:62:0f:96:d1:9f:b8:cc:99:f6:c0:c6:cf:57:32:
72:9f:a6:38:88:e5:27:40:1a:2a:c7:6c:29:91:6f:
9f:4f:4b:22:6e:ec:ac:76:96:ab:3d:52:73:b8:96:
15:a3:0c:80:75:da:8d:2e:dc:c3:7c:f2:ad:e5:88:
08:6c:f4:7c:dd:62:40:24:82:71:d8:bc:09:3b:f1:
72:00:b3:96:f7:4a:3f:17:5f:a2:c4:9c:76:51:92:
f8:3e:92:92:99:bc:f0:4b:fa:46:0c:9d:43:e3:13:
46:64:6d:84:d4:36:03:76:fc:09:80:31:d9:96:10:
59:f3:f8:a8:d4:54:ec:23:e0:24:81:9b:1e:47:a3:
d2:1b:2b:f3:5a:13:2d:4e:02:e9:5f:10:7a:fc:0c:
12:5a:13:2b:18:34:bc:58:27:be:59:4d:16:93:12:
83:0d:68:81:ae:4f:11:e6:ad:1a:8e:43:67:1f:57:
03:01:a3:19:25:d3:1c:cf:bc:ff:39:ae:82:b8:1b:
6c:50:8b:b7:f2:c0:a1:54:c4:9a:e1:0f:92:71:57:
ea:01:75:af:07:21:f8:78:62:28:9e:ed:c4:42:09:
3d:7b:9d:e4:7c:f0:e4:b0:51:92:51:e2:60:50:61:
2b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:61:E3:2F:B8:50:A7:82:DE:A3:59:BF:E2:3E:E3:6D:DE:D1:71:26
X509v3 Authority Key Identifier:
keyid:C0:01:63:88:0F:23:57:14:75:99:20:50:72:17:F2:A7:D5:57:C9:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/aea7a115-b8b8-490b-8320-c9e59a1003dd/0/C00163880F235714759920507217F2A7D557C953.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C00163880F235714759920507217F2A7D557C953.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/aea7a115-b8b8-490b-8320-c9e59a1003dd/0/3130332e3234372e3132312e302f32342d3234203d3e20313439373436.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.247.121.0/24
Signature Algorithm: sha256WithRSAEncryption
18:bb:7a:53:87:c0:00:24:79:b4:4c:c9:eb:04:fa:f6:2f:c0:
7f:b4:c1:12:6a:3b:eb:c6:a8:ee:f3:50:99:1a:8d:24:6f:f4:
a9:e1:6a:2b:f2:ba:0b:5e:2c:db:35:58:12:04:9b:36:cb:a9:
9b:61:85:b1:03:ca:fb:dd:1a:ff:77:10:c1:0f:e3:d0:cc:40:
68:93:31:a1:e6:57:69:fe:40:10:76:a5:b2:91:c4:e4:a6:7b:
e6:2d:76:73:00:08:d6:f1:27:fa:f5:a6:4a:aa:0e:a0:38:29:
87:e2:b6:ac:97:8e:65:e7:80:2c:e9:33:8a:cf:39:bd:e0:25:
21:44:3f:48:b7:f2:cf:a1:33:1b:58:3e:b5:ca:4e:29:7c:07:
a7:f8:ff:1f:ad:ad:7b:e3:b6:96:68:78:75:df:7b:a9:37:32:
81:d6:22:d7:97:45:71:69:c3:89:d8:87:c7:ee:a9:1d:03:07:
b9:45:50:23:de:98:22:0a:c0:39:23:e1:5a:0a:a0:ce:70:07:
1f:bc:e8:3d:46:17:9f:ed:3c:cc:72:21:e5:33:fb:52:b1:86:
ed:96:e0:5b:d5:89:98:ed:3c:36:a8:06:b0:4f:51:c6:ec:41:
99:ed:ea:ae:f8:d3:80:9c:f8:fd:a4:ac:bd:1e:3b:b8:1d:5a:
71:e9:a6:3a
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUQn+p3RMK9dCd0/QLKeL96WoI2g4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzAwMTYzODgwRjIzNTcxNDc1OTkyMDUwNzIxN0YyQTdE
NTU3Qzk1MzAeFw0yNDEyMjExNzU1NDdaFw0yNTEyMjAxODAwNDdaMDMxMTAvBgNV
BAMTKEUyNjFFMzJGQjg1MEE3ODJERUEzNTlCRkUyM0VFMzZEREVEMTcxMjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWxm0W99+hioJS1bT1GPtiD5bR
n7jMmfbAxs9XMnKfpjiI5SdAGirHbCmRb59PSyJu7Kx2lqs9UnO4lhWjDIB12o0u
3MN88q3liAhs9HzdYkAkgnHYvAk78XIAs5b3Sj8XX6LEnHZRkvg+kpKZvPBL+kYM
nUPjE0ZkbYTUNgN2/AmAMdmWEFnz+KjUVOwj4CSBmx5Ho9IbK/NaEy1OAulfEHr8
DBJaEysYNLxYJ75ZTRaTEoMNaIGuTxHmrRqOQ2cfVwMBoxkl0xzPvP85roK4G2xQ
i7fywKFUxJrhD5JxV+oBda8HIfh4Yiie7cRCCT17neR88OSwUZJR4mBQYSu3AgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQU4mHjL7hQp4Leo1m/4j7jbd7RcSYwHwYDVR0j
BBgwFoAUwAFjiA8jVxR1mSBQchfyp9VXyVMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ZWE3YTExNS1iOGI4LTQ5MGItODMyMC1jOWU1OWExMDAzZGQvMC9DMDAxNjM4ODBG
MjM1NzE0NzU5OTIwNTA3MjE3RjJBN0Q1NTdDOTUzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQzAwMTYzODgwRjIzNTcxNDc1OTkyMDUwNzIxN0YyQTdENTU3
Qzk1My5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2FlYTdhMTE1LWI4YjgtNDkwYi04
MzIwLWM5ZTU5YTEwMDNkZC8wLzMxMzAzMzJlMzIzNDM3MmUzMTMyMzEyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzkzNzM0MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn93kwDQYJ
KoZIhvcNAQELBQADggEBABi7elOHwAAkebRMyesE+vYvwH+0wRJqO+vGqO7zUJka
jSRv9KnhaivyugteLNs1WBIEmzbLqZthhbEDyvvdGv93EMEP49DMQGiTMaHmV2n+
QBB2pbKRxOSme+YtdnMACNbxJ/r1pkqqDqA4KYfitqyXjmXngCzpM4rPOb3gJSFE
P0i38s+hMxtYPrXKTil8B6f4/x+trXvjtpZoeHXfe6k3MoHWIteXRXFpw4nYh8fu
qR0DB7lFUCPemCIKwDkj4VoKoM5wBx+86D1GF5/tPMxyIeUz+1Kxhu2W4FvViZjt
PDaoBrBPUcbsQZnt6q7404Cc+P2krL0eO7gdWnHppjo=
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:59:37 2025 by rpki-client