Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/c00ae0f1-b8c0-452f-8e89-1dfc3f594d4c/0/3230332e372e3137312e302f32342d3234203d3e203535363931.roa
File: 3230332e372e3137312e302f32342d3234203d3e203535363931.roa (raw, json)
Hash identifier: 6/BGm352ofBFwmMWeXlwLiQDWFsCjJihfEUy/SjVwOI=
Subject key identifier: 5B:56:0B:5D:51:C2:81:D8:0E:CC:43:AF:84:91:46:50:A0:40:AF:77
Certificate issuer: /CN=CE826E79683ED6E5CE61FEA244B6B79133E98EE3
Certificate serial: 477774A69B388BE0F2DC978412CC79FD2C666340
Authority key identifier: CE:82:6E:79:68:3E:D6:E5:CE:61:FE:A2:44:B6:B7:91:33:E9:8E:E3
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CE826E79683ED6E5CE61FEA244B6B79133E98EE3.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/c00ae0f1-b8c0-452f-8e89-1dfc3f594d4c/0/3230332e372e3137312e302f32342d3234203d3e203535363931.roa
Signing time: Mon 01 Jul 2024 01:04:39 +0000
ROA not before: Mon 01 Jul 2024 00:59:39 +0000
ROA not after: Mon 30 Jun 2025 01:04:39 +0000
asID: 55691
IP address blocks: 203.7.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/c00ae0f1-b8c0-452f-8e89-1dfc3f594d4c/0/CE826E79683ED6E5CE61FEA244B6B79133E98EE3.crl
rsync://repo-rpki.idnic.net/repo/c00ae0f1-b8c0-452f-8e89-1dfc3f594d4c/0/CE826E79683ED6E5CE61FEA244B6B79133E98EE3.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CE826E79683ED6E5CE61FEA244B6B79133E98EE3.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 00:51:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:77:74:a6:9b:38:8b:e0:f2:dc:97:84:12:cc:79:fd:2c:66:63:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CE826E79683ED6E5CE61FEA244B6B79133E98EE3
Validity
Not Before: Jul 1 00:59:39 2024 GMT
Not After : Jun 30 01:04:39 2025 GMT
Subject: CN=5B560B5D51C281D80ECC43AF84914650A040AF77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a2:e1:96:8e:e3:2e:6a:ca:ca:f5:71:9c:a6:
91:32:43:a5:d0:78:2e:38:8c:60:3b:83:c0:85:70:
25:28:a3:e0:82:73:43:b4:53:20:16:3b:15:29:fb:
7c:b8:24:45:7e:5b:a2:54:6b:87:c8:53:b1:15:d5:
bc:8c:5f:9f:0e:a8:f3:16:f4:0e:a7:c3:0f:51:1d:
2c:b5:1e:63:c4:18:76:11:1f:5a:8c:14:89:aa:c0:
03:ef:1e:00:62:b0:ce:cf:b0:e3:05:b4:89:7b:28:
7f:6e:2e:76:da:71:8d:85:0a:0b:9b:5e:44:32:22:
58:f4:29:75:7e:22:f3:8b:75:12:05:ce:a5:a1:08:
c6:35:33:23:fa:e2:92:da:72:71:39:08:38:5d:83:
81:16:57:d9:d6:8a:cb:32:59:25:1a:d9:ea:b4:57:
1c:90:d1:4b:bb:a8:ee:58:f6:c4:02:ed:b1:da:c8:
7f:40:40:a9:c9:5b:0f:4a:90:b2:9c:fe:df:83:b1:
2f:9d:62:a5:69:f2:63:99:04:d7:a7:7e:a7:19:12:
40:d5:78:ca:9d:fb:df:4b:93:d9:07:85:df:ef:ff:
4e:ee:7f:97:8e:20:06:67:48:d8:5c:94:7b:98:71:
d1:f9:8c:3b:35:79:54:4a:08:07:61:f1:82:4f:e0:
6e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:56:0B:5D:51:C2:81:D8:0E:CC:43:AF:84:91:46:50:A0:40:AF:77
X509v3 Authority Key Identifier:
keyid:CE:82:6E:79:68:3E:D6:E5:CE:61:FE:A2:44:B6:B7:91:33:E9:8E:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/c00ae0f1-b8c0-452f-8e89-1dfc3f594d4c/0/CE826E79683ED6E5CE61FEA244B6B79133E98EE3.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CE826E79683ED6E5CE61FEA244B6B79133E98EE3.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c00ae0f1-b8c0-452f-8e89-1dfc3f594d4c/0/3230332e372e3137312e302f32342d3234203d3e203535363931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.7.171.0/24
Signature Algorithm: sha256WithRSAEncryption
48:db:4d:17:23:9c:70:75:fa:00:71:1a:ff:95:4a:bb:e4:77:
76:19:59:3b:f0:7d:7b:50:1f:7e:a4:dc:bc:bf:46:96:37:e6:
b6:1f:32:62:4f:12:5c:79:37:41:80:84:c8:66:4f:67:87:78:
2e:30:e3:84:89:8e:14:fb:9f:7c:7f:e6:3e:00:50:1f:a6:d4:
8f:c3:7d:c3:2f:41:7a:9c:ef:e7:b2:c9:16:45:ae:26:b1:67:
43:0c:1a:0b:da:c5:b6:69:df:98:00:b5:c7:ee:e4:56:07:3e:
80:23:3e:da:02:60:a2:4a:00:cf:d3:7d:55:25:42:f8:53:ef:
00:4a:b9:8e:ed:b3:8a:43:2a:66:f8:f9:cd:d4:09:af:bc:c4:
8c:cc:03:cd:71:d1:24:9e:57:7a:8e:ca:11:d7:84:b3:46:18:
67:a3:a2:45:d5:10:37:e5:0b:f6:ba:97:07:74:26:be:d9:08:
d1:ec:0f:c5:8e:53:e4:04:00:31:41:1b:45:d7:88:36:4d:ea:
6f:f0:da:31:69:27:e8:8f:67:8e:90:d8:52:31:a6:b8:26:2e:
a3:86:cf:d6:17:9e:1f:fe:af:03:44:41:73:27:ca:6a:49:a3:
70:69:3d:fb:b6:f8:25:22:54:2d:83:60:a7:8b:17:7a:08:75:
4f:29:44:41
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUR3d0pps4i+Dy3JeEEsx5/SxmY0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0U4MjZFNzk2ODNFRDZFNUNFNjFGRUEyNDRCNkI3OTEz
M0U5OEVFMzAeFw0yNDA3MDEwMDU5MzlaFw0yNTA2MzAwMTA0MzlaMDMxMTAvBgNV
BAMTKDVCNTYwQjVENTFDMjgxRDgwRUNDNDNBRjg0OTE0NjUwQTA0MEFGNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChouGWjuMuasrK9XGcppEyQ6XQ
eC44jGA7g8CFcCUoo+CCc0O0UyAWOxUp+3y4JEV+W6JUa4fIU7EV1byMX58OqPMW
9A6nww9RHSy1HmPEGHYRH1qMFImqwAPvHgBisM7PsOMFtIl7KH9uLnbacY2FCgub
XkQyIlj0KXV+IvOLdRIFzqWhCMY1MyP64pLacnE5CDhdg4EWV9nWissyWSUa2eq0
VxyQ0Uu7qO5Y9sQC7bHayH9AQKnJWw9KkLKc/t+DsS+dYqVp8mOZBNenfqcZEkDV
eMqd+99Lk9kHhd/v/07uf5eOIAZnSNhclHuYcdH5jDs1eVRKCAdh8YJP4G7bAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUW1YLXVHCgdgOzEOvhJFGUKBAr3cwHwYDVR0j
BBgwFoAUzoJueWg+1uXOYf6iRLa3kTPpjuMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
MDBhZTBmMS1iOGMwLTQ1MmYtOGU4OS0xZGZjM2Y1OTRkNGMvMC9DRTgyNkU3OTY4
M0VENkU1Q0U2MUZFQTI0NEI2Qjc5MTMzRTk4RUUzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQ0U4MjZFNzk2ODNFRDZFNUNFNjFGRUEyNDRCNkI3OTEzM0U5
OEVFMy5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2MwMGFlMGYxLWI4YzAtNDUyZi04
ZTg5LTFkZmMzZjU5NGQ0Yy8wLzMyMzAzMzJlMzcyZTMxMzczMTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDM1MzUzNjM5MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADLB6swDQYJKoZIhvcN
AQELBQADggEBAEjbTRcjnHB1+gBxGv+VSrvkd3YZWTvwfXtQH36k3Ly/RpY35rYf
MmJPElx5N0GAhMhmT2eHeC4w44SJjhT7n3x/5j4AUB+m1I/DfcMvQXqc7+eyyRZF
riaxZ0MMGgvaxbZp35gAtcfu5FYHPoAjPtoCYKJKAM/TfVUlQvhT7wBKuY7ts4pD
Kmb4+c3UCa+8xIzMA81x0SSeV3qOyhHXhLNGGGejokXVEDflC/a6lwd0Jr7ZCNHs
D8WOU+QEADFBG0XXiDZN6m/w2jFpJ+iPZ46Q2FIxprgmLqOGz9YXnh/+rwNEQXMn
ympJo3BpPfu2+CUiVC2DYKeLF3oIdU8pREE=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:15:33 2025 by rpki-client