Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/3230322e34332e3137302e302f32342d3234203d3e203138303539.roa
File: 3230322e34332e3137302e302f32342d3234203d3e203138303539.roa (raw, json)
Hash identifier: EtGC1rPYOcL1Ht40P+dm6Pu0NSBh7wdEoRFI7CXPNPg=
Subject key identifier: 99:38:F6:1F:FD:19:B3:7E:CA:2B:26:78:2E:D6:51:C8:5B:1E:BC:D3
Certificate issuer: /CN=82884151A5283F43CA97CE1ACE95A51C6C8A1D8E
Certificate serial: 39FEC79BDAE24FDFC8AFC7731428FA9B18B46300
Authority key identifier: 82:88:41:51:A5:28:3F:43:CA:97:CE:1A:CE:95:A5:1C:6C:8A:1D:8E
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/3230322e34332e3137302e302f32342d3234203d3e203138303539.roa
Signing time: Fri 25 Oct 2024 04:00:34 +0000
ROA not before: Fri 25 Oct 2024 03:55:34 +0000
ROA not after: Fri 24 Oct 2025 04:00:34 +0000
asID: 18059
IP address blocks: 202.43.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.crl
rsync://repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 23:05:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:fe:c7:9b:da:e2:4f:df:c8:af:c7:73:14:28:fa:9b:18:b4:63:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82884151A5283F43CA97CE1ACE95A51C6C8A1D8E
Validity
Not Before: Oct 25 03:55:34 2024 GMT
Not After : Oct 24 04:00:34 2025 GMT
Subject: CN=9938F61FFD19B37ECA2B26782ED651C85B1EBCD3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5f:bb:21:c7:4a:94:86:7b:e2:3b:82:21:46:
9b:c3:9e:ec:70:f9:35:c6:19:30:59:c4:7b:92:e4:
df:f2:ec:cc:68:02:b5:92:3e:e5:1a:c9:a4:01:91:
a4:66:a4:0b:5f:36:9c:e7:65:28:f8:9c:60:f1:4f:
f2:92:16:0a:d7:f7:a3:2b:7c:37:66:25:07:ea:e6:
a0:12:03:2d:33:a3:a5:bd:a7:de:68:0b:c6:2c:86:
af:f8:89:66:b7:e5:9f:0e:83:06:90:eb:39:7d:f8:
9b:cc:f2:e1:c5:25:f9:f5:c9:58:8a:d9:b1:8e:e4:
c5:ec:2e:d6:13:80:24:e9:a9:cb:51:e0:33:86:df:
bf:e0:f8:7b:64:c6:2b:27:54:a1:8a:2c:97:2b:69:
ec:f2:3f:0d:81:25:26:8a:5d:4d:d5:27:5f:c9:0b:
a2:ef:3e:40:8c:7c:93:83:6a:c5:15:76:48:ef:a9:
53:b8:55:57:4c:6c:55:10:1e:0f:6d:64:a1:8d:dc:
7f:65:75:ae:a6:07:ec:50:82:ea:21:85:5e:53:28:
98:99:9d:78:1f:4f:29:bf:fa:e4:ce:dd:b2:bd:1c:
f8:0d:70:b1:32:58:ba:bf:52:cb:ba:fd:27:f9:e4:
3a:96:7e:29:d7:85:8c:c9:e9:8f:69:05:1f:76:0f:
4d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:38:F6:1F:FD:19:B3:7E:CA:2B:26:78:2E:D6:51:C8:5B:1E:BC:D3
X509v3 Authority Key Identifier:
keyid:82:88:41:51:A5:28:3F:43:CA:97:CE:1A:CE:95:A5:1C:6C:8A:1D:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/3230322e34332e3137302e302f32342d3234203d3e203138303539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.43.170.0/24
Signature Algorithm: sha256WithRSAEncryption
37:c0:7c:c1:26:f7:fd:f5:d9:fc:3d:59:f6:57:b3:57:aa:ff:
e7:ff:dc:46:b6:4b:50:be:1a:7b:45:61:e7:8c:1e:53:87:74:
61:59:70:03:db:14:09:a3:20:0e:4d:2e:41:de:45:cd:f2:f0:
63:32:73:eb:6d:2b:30:16:f4:65:d1:74:9c:e7:ca:26:44:cc:
cd:81:36:95:57:90:bf:e2:be:df:e2:70:29:a1:57:44:e5:a4:
f3:be:6f:81:99:91:f3:90:aa:45:40:98:27:83:9f:2e:0f:36:
5f:c9:6b:9f:ca:bc:eb:58:09:48:06:00:a6:72:b0:92:a4:fc:
d0:e5:0d:7e:92:01:33:00:e8:0b:86:e3:1b:0c:f5:5f:31:3e:
ff:36:35:55:f3:e9:e9:93:2e:73:d3:cb:99:31:f8:f8:13:28:
7a:ca:1a:b6:96:0d:39:bc:9c:a2:4c:3c:0d:8a:68:b0:8c:e5:
56:01:50:20:ce:49:dd:54:48:91:fd:c0:dc:b7:3f:f4:14:98:
1e:02:79:cc:63:d7:37:1f:64:fd:3b:ef:ce:52:34:2c:75:1e:
27:fa:f3:3c:c9:74:a4:c4:57:fa:41:af:f2:1b:53:e6:4c:9d:
73:ab:71:01:f8:59:a8:7e:99:a6:86:cb:e0:3f:ae:99:a4:74:
ac:fa:b4:51
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUOf7Hm9riT9/Ir8dzFCj6mxi0YwAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODI4ODQxNTFBNTI4M0Y0M0NBOTdDRTFBQ0U5NUE1MUM2
QzhBMUQ4RTAeFw0yNDEwMjUwMzU1MzRaFw0yNTEwMjQwNDAwMzRaMDMxMTAvBgNV
BAMTKDk5MzhGNjFGRkQxOUIzN0VDQTJCMjY3ODJFRDY1MUM4NUIxRUJDRDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPX7shx0qUhnviO4IhRpvDnuxw
+TXGGTBZxHuS5N/y7MxoArWSPuUayaQBkaRmpAtfNpznZSj4nGDxT/KSFgrX96Mr
fDdmJQfq5qASAy0zo6W9p95oC8Yshq/4iWa35Z8OgwaQ6zl9+JvM8uHFJfn1yViK
2bGO5MXsLtYTgCTpqctR4DOG37/g+HtkxisnVKGKLJcraezyPw2BJSaKXU3VJ1/J
C6LvPkCMfJODasUVdkjvqVO4VVdMbFUQHg9tZKGN3H9lda6mB+xQguohhV5TKJiZ
nXgfTym/+uTO3bK9HPgNcLEyWLq/Usu6/Sf55DqWfinXhYzJ6Y9pBR92D01pAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUmTj2H/0Zs37KKyZ4LtZRyFsevNMwHwYDVR0j
BBgwFoAUgohBUaUoP0PKl84azpWlHGyKHY4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
MjgzNjc2My0xMmI2LTRkOGYtYWQwYi00Y2Q1YjYxOTU5ZWYvMC84Mjg4NDE1MUE1
MjgzRjQzQ0E5N0NFMUFDRTk1QTUxQzZDOEExRDhFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODI4ODQxNTFBNTI4M0Y0M0NBOTdDRTFBQ0U5NUE1MUM2QzhB
MUQ4RS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2MyODM2NzYzLTEyYjYtNGQ4Zi1h
ZDBiLTRjZDViNjE5NTllZi8wLzMyMzAzMjJlMzQzMzJlMzEzNzMwMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzODMwMzUzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMorqjANBgkqhkiG
9w0BAQsFAAOCAQEAN8B8wSb3/fXZ/D1Z9lezV6r/5//cRrZLUL4ae0Vh54weU4d0
YVlwA9sUCaMgDk0uQd5FzfLwYzJz620rMBb0ZdF0nOfKJkTMzYE2lVeQv+K+3+Jw
KaFXROWk875vgZmR85CqRUCYJ4OfLg82X8lrn8q861gJSAYApnKwkqT80OUNfpIB
MwDoC4bjGwz1XzE+/zY1VfPp6ZMuc9PLmTH4+BMoesoatpYNObycokw8DYposIzl
VgFQIM5J3VRIkf3A3Lc/9BSYHgJ5zGPXNx9k/TvvzlI0LHUeJ/rzPMl0pMRX+kGv
8htT5kydc6txAfhZqH6ZpobL4D+umaR0rPq0UQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:26:16 2025 by rpki-client