Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/3230322e38312e36332e302f32342d3234203d3e20313432343031.roa
File: 3230322e38312e36332e302f32342d3234203d3e20313432343031.roa (raw, json)
Hash identifier: bLwap6tv0RDiI8/+IxcllflCCdmyQFUnkFFvRqZm/tw=
Subject key identifier: CF:02:3A:88:22:AA:C9:83:AD:63:C6:C0:7A:60:F6:D9:2F:59:A6:45
Certificate issuer: /CN=154EE03198467B96315FDB527FB3BBCCA0BFC441
Certificate serial: 193F81014B476754BE58BA5ABE10E47210A8F3E5
Authority key identifier: 15:4E:E0:31:98:46:7B:96:31:5F:DB:52:7F:B3:BB:CC:A0:BF:C4:41
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/3230322e38312e36332e302f32342d3234203d3e20313432343031.roa
Signing time: Wed 26 Jun 2024 08:00:01 +0000
ROA not before: Wed 26 Jun 2024 07:55:01 +0000
ROA not after: Wed 25 Jun 2025 08:00:01 +0000
asID: 142401
IP address blocks: 202.81.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.crl
rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 09 Apr 2025 22:45:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:3f:81:01:4b:47:67:54:be:58:ba:5a:be:10:e4:72:10:a8:f3:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=154EE03198467B96315FDB527FB3BBCCA0BFC441
Validity
Not Before: Jun 26 07:55:01 2024 GMT
Not After : Jun 25 08:00:01 2025 GMT
Subject: CN=CF023A8822AAC983AD63C6C07A60F6D92F59A645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1d:98:b4:0c:f6:e0:0c:89:c2:4b:6a:92:b3:
05:69:b4:5f:30:aa:cf:77:5b:9c:e4:80:64:1c:ed:
ce:d8:7c:c6:bc:ca:2e:0a:0c:8a:87:23:e1:ee:9b:
5a:7e:34:d1:34:fb:9a:07:a4:9c:07:33:9d:12:d2:
32:54:21:71:50:a8:6b:82:ba:46:57:24:ee:39:d9:
9b:f4:7b:26:db:37:56:e4:7d:80:f4:ab:56:92:79:
fd:40:1a:92:34:b5:65:95:cd:8e:0f:6e:38:c9:c9:
f7:97:67:1c:f8:e0:77:0f:01:9b:2f:c9:5c:33:0e:
dd:9d:22:38:da:3a:6d:6a:4d:1a:b2:5d:f1:ab:ef:
42:ad:21:62:76:81:7e:ef:22:a2:4d:a8:93:5c:ec:
ea:5e:ee:8d:47:fe:42:66:42:b0:8f:52:bf:40:00:
94:f8:b1:a8:3e:c2:e3:54:fe:31:79:0d:f5:29:1e:
ac:e3:57:9e:39:81:f7:03:7f:28:7b:1c:25:e4:a9:
43:23:74:5d:6e:eb:13:d9:96:b4:90:36:15:cc:71:
3d:92:c4:18:bb:97:23:7f:4d:66:45:eb:f1:67:fc:
5f:1d:02:27:86:93:c7:02:e8:9b:94:80:77:9c:26:
f7:04:5f:e6:4d:7d:3c:a8:a9:e9:02:a1:a4:fb:2b:
b6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:02:3A:88:22:AA:C9:83:AD:63:C6:C0:7A:60:F6:D9:2F:59:A6:45
X509v3 Authority Key Identifier:
keyid:15:4E:E0:31:98:46:7B:96:31:5F:DB:52:7F:B3:BB:CC:A0:BF:C4:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/3230322e38312e36332e302f32342d3234203d3e20313432343031.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.81.63.0/24
Signature Algorithm: sha256WithRSAEncryption
99:b3:8e:c5:07:b6:d6:73:e3:60:d5:5d:4d:5a:61:c3:14:4e:
f6:82:bf:75:fc:08:43:a0:f3:7c:16:a8:fc:ca:88:e2:ba:1d:
83:1c:b4:7c:6c:2b:b8:68:5b:2b:ff:44:94:37:7e:68:b0:45:
d2:9c:db:a4:19:8d:6a:51:b4:00:4f:65:30:7d:b5:88:b7:48:
c4:02:2e:89:27:71:11:d9:aa:7c:f6:40:23:87:c8:3f:ba:99:
6f:a2:43:80:7c:7b:b6:10:fb:5b:0b:b2:e2:45:e5:78:cb:54:
97:22:7e:74:1a:79:e1:71:5d:3c:e1:8f:98:55:13:50:4a:1c:
0e:01:c1:ca:74:44:33:b9:6d:3e:ee:e9:e5:88:bd:30:38:90:
64:00:fb:c1:93:be:ac:45:0c:5c:81:52:6f:e7:50:29:97:96:
43:4c:d2:79:31:c1:f7:c1:19:9d:33:11:a1:29:83:c8:27:4b:
75:a3:be:cc:e8:0e:41:12:99:68:1b:40:9b:12:5c:d5:dc:a9:
bb:b7:e2:cb:e4:d2:cc:2c:f9:37:f2:dd:22:05:16:f6:ab:e0:
82:e0:b9:61:57:46:18:52:ef:6d:4a:18:0e:4c:da:ed:d6:44:
3d:f1:fc:77:c2:3f:9f:7d:e9:2b:fa:00:4f:11:78:16:f8:e9:
d5:34:cc:39
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUGT+BAUtHZ1S+WLpavhDkchCo8+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTU0RUUwMzE5ODQ2N0I5NjMxNUZEQjUyN0ZCM0JCQ0NB
MEJGQzQ0MTAeFw0yNDA2MjYwNzU1MDFaFw0yNTA2MjUwODAwMDFaMDMxMTAvBgNV
BAMTKENGMDIzQTg4MjJBQUM5ODNBRDYzQzZDMDdBNjBGNkQ5MkY1OUE2NDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4HZi0DPbgDInCS2qSswVptF8w
qs93W5zkgGQc7c7YfMa8yi4KDIqHI+Hum1p+NNE0+5oHpJwHM50S0jJUIXFQqGuC
ukZXJO452Zv0eybbN1bkfYD0q1aSef1AGpI0tWWVzY4PbjjJyfeXZxz44HcPAZsv
yVwzDt2dIjjaOm1qTRqyXfGr70KtIWJ2gX7vIqJNqJNc7Ope7o1H/kJmQrCPUr9A
AJT4sag+wuNU/jF5DfUpHqzjV545gfcDfyh7HCXkqUMjdF1u6xPZlrSQNhXMcT2S
xBi7lyN/TWZF6/Fn/F8dAieGk8cC6JuUgHecJvcEX+ZNfTyoqekCoaT7K7Z7AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUzwI6iCKqyYOtY8bAemD22S9ZpkUwHwYDVR0j
BBgwFoAUFU7gMZhGe5YxX9tSf7O7zKC/xEEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
NjIxZjc1My1hODhlLTRlZGYtYTMwNi1iZDkzZDVhMzhmZWEvMC8xNTRFRTAzMTk4
NDY3Qjk2MzE1RkRCNTI3RkIzQkJDQ0EwQkZDNDQxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTU0RUUwMzE5ODQ2N0I5NjMxNUZEQjUyN0ZCM0JCQ0NBMEJG
QzQ0MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M2MjFmNzUzLWE4OGUtNGVkZi1h
MzA2LWJkOTNkNWEzOGZlYS8wLzMyMzAzMjJlMzgzMTJlMzYzMzJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzQzMjM0MzAzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMpRPzANBgkqhkiG
9w0BAQsFAAOCAQEAmbOOxQe21nPjYNVdTVphwxRO9oK/dfwIQ6DzfBao/MqI4rod
gxy0fGwruGhbK/9ElDd+aLBF0pzbpBmNalG0AE9lMH21iLdIxAIuiSdxEdmqfPZA
I4fIP7qZb6JDgHx7thD7Wwuy4kXleMtUlyJ+dBp54XFdPOGPmFUTUEocDgHBynRE
M7ltPu7p5Yi9MDiQZAD7wZO+rEUMXIFSb+dQKZeWQ0zSeTHB98EZnTMRoSmDyCdL
daO+zOgOQRKZaBtAmxJc1dypu7fiy+TSzCz5N/LdIgUW9qvgguC5YVdGGFLvbUoY
Dkza7dZEPfH8d8I/n33pK/oATxF4Fvjp1TTMOQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:45:57 2025 by rpki-client