Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/be540164-3d46-4794-bf55-b6b134d9ab13/0/3230322e35312e36312e302f32342d3234203d3e20323031333431.roa
File: 3230322e35312e36312e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: iGn1V/gq7zu3cpw0mI8Bqv3oMJsgKj/I69u4ba5O7zE=
Subject key identifier: 7F:7B:AA:CB:E1:C5:69:41:3E:C2:50:10:02:2F:63:A3:0F:BD:1C:B7
Certificate issuer: /CN=3E6B5AF231FD809FBC8E599215B14D357AC66A8C
Certificate serial: 2A11C253CBF6A04229D669816018AE74E43DA741
Authority key identifier: 3E:6B:5A:F2:31:FD:80:9F:BC:8E:59:92:15:B1:4D:35:7A:C6:6A:8C
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E6B5AF231FD809FBC8E599215B14D357AC66A8C.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/be540164-3d46-4794-bf55-b6b134d9ab13/0/3230322e35312e36312e302f32342d3234203d3e20323031333431.roa
Signing time: Wed 26 Mar 2025 06:00:58 +0000
ROA not before: Wed 26 Mar 2025 05:55:58 +0000
ROA not after: Wed 25 Mar 2026 06:00:58 +0000
asID: 201341
IP address blocks: 202.51.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/be540164-3d46-4794-bf55-b6b134d9ab13/0/3E6B5AF231FD809FBC8E599215B14D357AC66A8C.crl
rsync://repo-rpki.idnic.net/repo/be540164-3d46-4794-bf55-b6b134d9ab13/0/3E6B5AF231FD809FBC8E599215B14D357AC66A8C.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E6B5AF231FD809FBC8E599215B14D357AC66A8C.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 13:05:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:11:c2:53:cb:f6:a0:42:29:d6:69:81:60:18:ae:74:e4:3d:a7:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E6B5AF231FD809FBC8E599215B14D357AC66A8C
Validity
Not Before: Mar 26 05:55:58 2025 GMT
Not After : Mar 25 06:00:58 2026 GMT
Subject: CN=7F7BAACBE1C569413EC25010022F63A30FBD1CB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:39:f1:e7:6c:09:af:f8:0f:a1:c8:9a:15:73:
2d:71:b9:7f:ad:41:87:88:21:f4:17:87:0f:fd:a2:
b1:e7:84:03:08:52:c2:38:cc:7b:d7:2e:13:a7:4c:
7b:d4:aa:6c:7d:c8:39:43:e7:e7:3e:0b:0d:f3:e0:
9c:70:4e:e4:18:f1:e4:59:b3:b2:40:fa:c3:be:f1:
5b:ac:f7:d3:92:2e:05:2a:8e:82:ce:eb:5f:e9:ab:
e1:f3:c6:89:d4:74:c9:c8:1d:0d:32:d7:4e:19:dd:
a8:b7:36:6c:8e:57:33:41:2f:b3:c3:98:48:64:10:
46:a8:6c:0f:47:d5:2e:41:45:f3:b2:0f:71:08:d1:
65:08:aa:7d:f9:6a:06:ee:14:28:cb:ac:7f:f7:98:
7d:5d:72:69:c9:51:9c:09:d8:61:13:88:cc:a4:d7:
df:6f:1d:20:8d:44:1a:ae:ca:92:90:61:fc:95:ab:
20:a7:f3:ea:b4:cc:46:1f:40:92:c7:9e:48:04:5c:
1f:c1:70:17:65:ba:19:ee:e9:3f:7b:a0:de:19:50:
1e:aa:b2:4c:c1:b8:a0:ad:57:df:35:4a:b1:5e:00:
11:ff:6d:b2:85:36:b1:e9:ed:7e:53:6d:15:05:62:
ba:c6:f9:8f:96:ab:b7:82:9b:f9:22:a6:8f:bb:d0:
a5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:7B:AA:CB:E1:C5:69:41:3E:C2:50:10:02:2F:63:A3:0F:BD:1C:B7
X509v3 Authority Key Identifier:
keyid:3E:6B:5A:F2:31:FD:80:9F:BC:8E:59:92:15:B1:4D:35:7A:C6:6A:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/be540164-3d46-4794-bf55-b6b134d9ab13/0/3E6B5AF231FD809FBC8E599215B14D357AC66A8C.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E6B5AF231FD809FBC8E599215B14D357AC66A8C.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/be540164-3d46-4794-bf55-b6b134d9ab13/0/3230322e35312e36312e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.51.61.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:3d:83:77:d7:32:9f:87:48:19:61:3d:13:f9:42:6c:ba:25:
52:66:f4:f2:c3:13:0b:49:6d:26:61:04:b5:6c:ef:32:9b:10:
23:d4:98:9a:a1:c9:48:1d:5e:ed:71:f3:6e:c7:ec:98:a1:57:
c2:ed:ff:d3:de:75:50:30:49:05:b5:2b:02:f9:76:1f:04:b3:
7e:27:c4:ce:70:85:cf:31:2b:dc:ae:a8:3e:48:ce:1e:56:40:
f4:ed:47:e6:31:c2:19:76:62:b6:55:0d:83:36:1a:ed:9e:ab:
8b:11:cb:ed:1f:c5:0a:03:16:da:ef:44:76:60:23:f2:a3:71:
e5:2b:bf:71:df:2d:0e:99:91:5d:6d:7e:e9:f5:c1:94:35:14:
4f:21:c8:1e:e4:0d:47:fc:d3:98:49:28:c9:0d:08:ae:5f:d7:
62:ed:76:e2:32:0b:bf:70:f2:7f:87:9c:15:49:50:02:15:9a:
13:d9:88:11:cc:27:8e:04:18:ac:70:86:b2:f7:bb:93:36:07:
03:e9:29:17:d4:cb:ab:ba:e9:7f:d8:ff:b5:dc:d3:cc:67:5a:
e0:bc:48:a9:41:65:ce:e9:02:3a:cc:75:90:94:82:38:e7:77:
75:8a:a9:f2:77:31:2e:c8:1a:98:68:22:90:20:7c:eb:51:b7:
13:fc:c4:90
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUKhHCU8v2oEIp1mmBYBiudOQ9p0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0U2QjVBRjIzMUZEODA5RkJDOEU1OTkyMTVCMTREMzU3
QUM2NkE4QzAeFw0yNTAzMjYwNTU1NThaFw0yNjAzMjUwNjAwNThaMDMxMTAvBgNV
BAMTKDdGN0JBQUNCRTFDNTY5NDEzRUMyNTAxMDAyMkY2M0EzMEZCRDFDQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxOfHnbAmv+A+hyJoVcy1xuX+t
QYeIIfQXhw/9orHnhAMIUsI4zHvXLhOnTHvUqmx9yDlD5+c+Cw3z4JxwTuQY8eRZ
s7JA+sO+8Vus99OSLgUqjoLO61/pq+HzxonUdMnIHQ0y104Z3ai3NmyOVzNBL7PD
mEhkEEaobA9H1S5BRfOyD3EI0WUIqn35agbuFCjLrH/3mH1dcmnJUZwJ2GETiMyk
199vHSCNRBquypKQYfyVqyCn8+q0zEYfQJLHnkgEXB/BcBdluhnu6T97oN4ZUB6q
skzBuKCtV981SrFeABH/bbKFNrHp7X5TbRUFYrrG+Y+Wq7eCm/kipo+70KXHAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUf3uqy+HFaUE+wlAQAi9jow+9HLcwHwYDVR0j
BBgwFoAUPmta8jH9gJ+8jlmSFbFNNXrGaowwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i
ZTU0MDE2NC0zZDQ2LTQ3OTQtYmY1NS1iNmIxMzRkOWFiMTMvMC8zRTZCNUFGMjMx
RkQ4MDlGQkM4RTU5OTIxNUIxNEQzNTdBQzY2QThDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvM0U2QjVBRjIzMUZEODA5RkJDOEU1OTkyMTVCMTREMzU3QUM2
NkE4Qy5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JlNTQwMTY0LTNkNDYtNDc5NC1i
ZjU1LWI2YjEzNGQ5YWIxMy8wLzMyMzAzMjJlMzUzMTJlMzYzMTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMyMzAzMTMzMzQzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMozPTANBgkqhkiG
9w0BAQsFAAOCAQEAyD2Dd9cyn4dIGWE9E/lCbLolUmb08sMTC0ltJmEEtWzvMpsQ
I9SYmqHJSB1e7XHzbsfsmKFXwu3/0951UDBJBbUrAvl2HwSzfifEznCFzzEr3K6o
PkjOHlZA9O1H5jHCGXZitlUNgzYa7Z6rixHL7R/FCgMW2u9EdmAj8qNx5Su/cd8t
DpmRXW1+6fXBlDUUTyHIHuQNR/zTmEkoyQ0Irl/XYu124jILv3Dyf4ecFUlQAhWa
E9mIEcwnjgQYrHCGsve7kzYHA+kpF9TLq7rpf9j/tdzTzGda4LxIqUFlzukCOsx1
kJSCOOd3dYqp8ncxLsgamGgikCB861G3E/zEkA==
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:52:53 2025 by rpki-client