Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/b1a77add-a49a-4c8f-a735-ef96c33ab29f/0/3130332e3233352e37342e302f32342d3234203d3e20313431313230.roa
File: 3130332e3233352e37342e302f32342d3234203d3e20313431313230.roa (raw, json)
Hash identifier: e9uiS3KNGlZ+EQjSXY4m6NwJ9lRr8aifmafZU96mQ7k=
Subject key identifier: 84:A1:B0:D7:F6:7B:2C:97:D7:DD:3F:2A:31:71:AF:6C:06:FB:08:EA
Certificate issuer: /CN=D9CD40474BDD0C0707766CEDBAF0B6A186CF582F
Certificate serial: 51ECA3D752393A3249637D9AA1B95CBFC0B58650
Authority key identifier: D9:CD:40:47:4B:DD:0C:07:07:76:6C:ED:BA:F0:B6:A1:86:CF:58:2F
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9CD40474BDD0C0707766CEDBAF0B6A186CF582F.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/b1a77add-a49a-4c8f-a735-ef96c33ab29f/0/3130332e3233352e37342e302f32342d3234203d3e20313431313230.roa
Signing time: Fri 07 Feb 2025 12:00:00 +0000
ROA not before: Fri 07 Feb 2025 11:55:00 +0000
ROA not after: Fri 06 Feb 2026 12:00:00 +0000
asID: 141120
IP address blocks: 103.235.74.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:ec:a3:d7:52:39:3a:32:49:63:7d:9a:a1:b9:5c:bf:c0:b5:86:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D9CD40474BDD0C0707766CEDBAF0B6A186CF582F
Validity
Not Before: Feb 7 11:55:00 2025 GMT
Not After : Feb 6 12:00:00 2026 GMT
Subject: CN=84A1B0D7F67B2C97D7DD3F2A3171AF6C06FB08EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:84:fa:f1:a2:2f:e7:2d:05:c2:65:b0:36:04:
20:ba:9c:8c:ba:cb:9b:06:ba:9b:d9:bb:c7:b7:6c:
c7:26:f9:97:49:84:a2:b7:a0:99:1f:bc:93:9c:8f:
ea:fb:29:42:63:d3:78:98:39:54:27:82:c0:bb:39:
70:00:fe:0b:17:f9:b6:8f:e2:34:1d:f2:82:43:b5:
b5:1f:42:26:1d:6a:fe:51:79:ca:ce:15:03:3c:80:
e2:ab:21:a5:c8:b1:c1:15:79:ce:f0:db:3c:db:ea:
f7:20:41:a4:00:f7:df:11:09:5b:36:b0:74:19:14:
5f:ea:57:0f:3c:ce:ea:e9:bc:0c:5e:d8:26:f8:e9:
51:89:08:1a:bb:11:a1:d5:ae:39:32:19:76:b0:e1:
63:41:09:34:5e:e3:0e:d6:4a:42:bc:08:da:55:63:
ad:c7:fe:5d:59:48:d2:f0:07:fe:d5:6d:eb:5e:28:
d9:ec:68:df:17:ea:72:03:11:62:e2:8e:07:49:ac:
ab:54:25:53:5a:03:ee:4f:58:36:8c:46:5a:71:b2:
f7:55:06:b7:f4:f6:3a:c1:e7:0b:94:c1:3f:d9:78:
1d:af:c8:fb:86:63:90:d8:a0:41:ec:81:36:31:66:
7a:83:f8:c5:f5:6b:a5:a4:67:0a:1a:16:1a:09:1e:
4e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A1:B0:D7:F6:7B:2C:97:D7:DD:3F:2A:31:71:AF:6C:06:FB:08:EA
X509v3 Authority Key Identifier:
keyid:D9:CD:40:47:4B:DD:0C:07:07:76:6C:ED:BA:F0:B6:A1:86:CF:58:2F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/b1a77add-a49a-4c8f-a735-ef96c33ab29f/0/D9CD40474BDD0C0707766CEDBAF0B6A186CF582F.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9CD40474BDD0C0707766CEDBAF0B6A186CF582F.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b1a77add-a49a-4c8f-a735-ef96c33ab29f/0/3130332e3233352e37342e302f32342d3234203d3e20313431313230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.235.74.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:95:12:4b:1b:53:a1:fd:97:9c:17:b9:d1:64:5b:35:bf:69:
4d:47:66:ce:62:91:e2:79:02:b1:e7:24:bf:72:45:a9:69:b2:
69:c0:53:8e:3d:1b:6b:96:9f:4b:41:44:42:a8:11:31:07:c2:
e6:33:46:d3:06:36:c8:8b:7f:0e:df:a5:b3:0a:7c:b9:35:6e:
86:fd:71:fb:30:d4:77:dd:5c:ee:7c:fb:e8:0d:d1:3c:ba:8b:
eb:d3:1c:39:06:04:0f:3e:0d:15:81:af:8e:11:62:4e:d0:17:
68:ca:30:7f:79:cd:47:77:95:20:18:b6:62:30:81:ec:9d:9f:
f9:d2:93:16:93:29:40:07:88:16:61:6d:50:d2:a7:83:53:c9:
99:fb:1e:a7:30:55:05:84:94:6b:c5:72:cf:38:f7:b4:de:09:
84:31:30:f3:68:a9:cd:be:63:6c:a7:8d:3e:9e:75:c0:c8:cf:
70:f7:6f:ec:80:be:c0:7e:5f:77:f3:22:27:c5:1f:bc:69:4e:
c0:10:47:b8:1f:a2:70:2b:0a:19:0b:9d:f4:1f:2e:fe:c2:a1:
de:0a:8b:6a:9b:c1:7f:71:d3:16:3b:a5:14:d5:d9:1a:47:9e:
9f:e3:63:6b:48:45:30:8e:14:c2:59:67:34:b4:f5:7d:d0:1b:
a8:6a:a0:f7
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUUeyj11I5OjJJY32aoblcv8C1hlAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDlDRDQwNDc0QkREMEMwNzA3NzY2Q0VEQkFGMEI2QTE4
NkNGNTgyRjAeFw0yNTAyMDcxMTU1MDBaFw0yNjAyMDYxMjAwMDBaMDMxMTAvBgNV
BAMTKDg0QTFCMEQ3RjY3QjJDOTdEN0REM0YyQTMxNzFBRjZDMDZGQjA4RUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDThPrxoi/nLQXCZbA2BCC6nIy6
y5sGupvZu8e3bMcm+ZdJhKK3oJkfvJOcj+r7KUJj03iYOVQngsC7OXAA/gsX+baP
4jQd8oJDtbUfQiYdav5RecrOFQM8gOKrIaXIscEVec7w2zzb6vcgQaQA998RCVs2
sHQZFF/qVw88zurpvAxe2Cb46VGJCBq7EaHVrjkyGXaw4WNBCTRe4w7WSkK8CNpV
Y63H/l1ZSNLwB/7VbeteKNnsaN8X6nIDEWLijgdJrKtUJVNaA+5PWDaMRlpxsvdV
Brf09jrB5wuUwT/ZeB2vyPuGY5DYoEHsgTYxZnqD+MX1a6WkZwoaFhoJHk7DAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUhKGw1/Z7LJfX3T8qMXGvbAb7COowHwYDVR0j
BBgwFoAU2c1AR0vdDAcHdmztuvC2oYbPWC8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i
MWE3N2FkZC1hNDlhLTRjOGYtYTczNS1lZjk2YzMzYWIyOWYvMC9EOUNENDA0NzRC
REQwQzA3MDc3NjZDRURCQUYwQjZBMTg2Q0Y1ODJGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDlDRDQwNDc0QkREMEMwNzA3NzY2Q0VEQkFGMEI2QTE4NkNG
NTgyRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2IxYTc3YWRkLWE0OWEtNGM4Zi1h
NzM1LWVmOTZjMzNhYjI5Zi8wLzMxMzAzMzJlMzIzMzM1MmUzNzM0MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNDMxMzEzMjMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+tKMA0GCSqG
SIb3DQEBCwUAA4IBAQAOlRJLG1Oh/ZecF7nRZFs1v2lNR2bOYpHieQKx5yS/ckWp
abJpwFOOPRtrlp9LQURCqBExB8LmM0bTBjbIi38O36WzCny5NW6G/XH7MNR33Vzu
fPvoDdE8uovr0xw5BgQPPg0Vga+OEWJO0BdoyjB/ec1Hd5UgGLZiMIHsnZ/50pMW
kylAB4gWYW1Q0qeDU8mZ+x6nMFUFhJRrxXLPOPe03gmEMTDzaKnNvmNsp40+nnXA
yM9w92/sgL7Afl938yInxR+8aU7AEEe4H6JwKwoZC530Hy7+wqHeCotqm8F/cdMW
O6UU1dkaR56f42NrSEUwjhTCWWc0tPV90BuoaqD3
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:09:26 2025 by rpki-client