Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/c6bec8e9-6568-478d-bd26-f6e777875511/0/3130332e32312e36342e302f32332d3233203d3e20313530393832.roa
File: 3130332e32312e36342e302f32332d3233203d3e20313530393832.roa (raw, json)
Hash identifier: mrSmw0lReummAnMj3GqGpFEiphyO6pKxSdT7HNPj4CY=
Subject key identifier: 29:BA:5F:E7:6E:5A:E9:FD:46:8B:0F:B5:D2:07:7E:53:A7:9B:1E:30
Certificate issuer: /CN=D456F5EAD8D734455DAEF896A9055409FF4A078F
Certificate serial: 29220ACAE51E2F112BB3FB84E3BDA25598F751EB
Authority key identifier: D4:56:F5:EA:D8:D7:34:45:5D:AE:F8:96:A9:05:54:09:FF:4A:07:8F
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D456F5EAD8D734455DAEF896A9055409FF4A078F.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/c6bec8e9-6568-478d-bd26-f6e777875511/0/3130332e32312e36342e302f32332d3233203d3e20313530393832.roa
Signing time: Fri 21 Mar 2025 07:00:00 +0000
ROA not before: Fri 21 Mar 2025 06:55:00 +0000
ROA not after: Fri 20 Mar 2026 07:00:00 +0000
asID: 150982
IP address blocks: 103.21.64.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:22:0a:ca:e5:1e:2f:11:2b:b3:fb:84:e3:bd:a2:55:98:f7:51:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D456F5EAD8D734455DAEF896A9055409FF4A078F
Validity
Not Before: Mar 21 06:55:00 2025 GMT
Not After : Mar 20 07:00:00 2026 GMT
Subject: CN=29BA5FE76E5AE9FD468B0FB5D2077E53A79B1E30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1c:aa:97:b4:95:96:d0:5e:b5:55:8d:85:8a:
d6:e4:0c:87:0b:2b:06:a1:b4:2e:78:86:a0:f5:c8:
fb:9c:50:8d:18:12:4a:4a:d8:93:c4:71:65:d8:de:
87:c8:76:29:8c:dd:59:ec:43:56:33:92:60:72:53:
64:0f:84:17:23:c3:97:3a:f1:77:33:d1:ff:80:35:
c9:b3:61:81:98:eb:6a:9c:14:e2:9b:fd:62:93:86:
4f:57:89:cd:05:20:32:5a:56:56:10:fc:9e:ee:7a:
96:11:37:1d:33:d6:32:6b:f5:40:5b:eb:c2:95:19:
e3:78:01:e4:c1:91:00:6a:e3:9c:9f:e5:41:9d:e2:
9c:33:cb:ce:97:9d:7e:c2:4b:9b:e1:4d:83:d8:98:
ce:8b:e2:7e:9f:46:34:a5:a0:35:38:14:10:20:5a:
92:bc:c0:ab:d2:ce:6f:2a:48:2c:7c:43:a3:b3:82:
1b:5a:55:b3:76:bd:1d:90:3d:b4:d7:1b:13:5f:45:
e2:a3:84:b4:49:d4:f3:8b:8a:72:88:2b:07:4c:84:
47:39:0f:db:a7:40:46:65:d1:c9:8d:96:f1:f2:ae:
e5:03:16:16:c3:e0:e9:e3:76:51:f9:54:75:20:3c:
df:74:0e:d5:16:c1:38:48:ed:3f:df:0c:6a:a9:e1:
4d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:BA:5F:E7:6E:5A:E9:FD:46:8B:0F:B5:D2:07:7E:53:A7:9B:1E:30
X509v3 Authority Key Identifier:
keyid:D4:56:F5:EA:D8:D7:34:45:5D:AE:F8:96:A9:05:54:09:FF:4A:07:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/c6bec8e9-6568-478d-bd26-f6e777875511/0/D456F5EAD8D734455DAEF896A9055409FF4A078F.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D456F5EAD8D734455DAEF896A9055409FF4A078F.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c6bec8e9-6568-478d-bd26-f6e777875511/0/3130332e32312e36342e302f32332d3233203d3e20313530393832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.21.64.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:a1:3e:0d:9e:04:14:91:94:ae:02:19:15:53:23:88:73:c6:
e3:6d:f9:84:99:7c:1d:f7:90:34:2c:65:7c:d8:c0:55:39:89:
6b:4a:ab:b5:14:8e:0e:ca:2e:8f:d5:e9:51:bc:40:75:88:d1:
7d:38:b5:7b:6c:9c:1b:39:9f:95:aa:9c:8f:86:3e:27:a2:3e:
1b:bb:8b:18:cc:78:89:33:67:85:da:c4:87:80:9b:12:48:18:
66:fe:ae:5d:bf:ed:4a:d7:42:30:8e:62:2d:88:72:44:9c:e9:
9a:71:30:d0:c8:d7:aa:df:99:7d:0a:c9:8b:38:0b:7f:0d:29:
72:d0:21:9d:d5:f7:52:ab:ab:35:7a:2e:51:cb:4d:86:00:66:
df:c6:77:46:7b:d0:53:8f:03:b0:1f:da:9c:23:14:69:c4:3e:
b8:ef:cf:ee:c9:8c:12:a8:42:84:6c:93:25:f2:03:64:2a:d0:
74:0d:a9:10:00:6d:81:f0:0b:85:f5:a5:37:0b:e1:69:6b:d7:
c1:51:ff:0e:57:d2:8a:86:fb:33:b4:0d:79:6d:18:f0:0f:a1:
77:49:5f:d9:37:89:9b:98:58:ff:f8:30:58:71:60:1b:dc:6d:
30:ff:f2:52:58:1b:14:61:31:79:41:38:6c:a6:0c:e3:df:74:
ec:75:60:68
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUKSIKyuUeLxErs/uE472iVZj3UeswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDQ1NkY1RUFEOEQ3MzQ0NTVEQUVGODk2QTkwNTU0MDlG
RjRBMDc4RjAeFw0yNTAzMjEwNjU1MDBaFw0yNjAzMjAwNzAwMDBaMDMxMTAvBgNV
BAMTKDI5QkE1RkU3NkU1QUU5RkQ0NjhCMEZCNUQyMDc3RTUzQTc5QjFFMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLHKqXtJWW0F61VY2FitbkDIcL
KwahtC54hqD1yPucUI0YEkpK2JPEcWXY3ofIdimM3VnsQ1YzkmByU2QPhBcjw5c6
8Xcz0f+ANcmzYYGY62qcFOKb/WKThk9Xic0FIDJaVlYQ/J7uepYRNx0z1jJr9UBb
68KVGeN4AeTBkQBq45yf5UGd4pwzy86XnX7CS5vhTYPYmM6L4n6fRjSloDU4FBAg
WpK8wKvSzm8qSCx8Q6OzghtaVbN2vR2QPbTXGxNfReKjhLRJ1POLinKIKwdMhEc5
D9unQEZl0cmNlvHyruUDFhbD4OnjdlH5VHUgPN90DtUWwThI7T/fDGqp4U23AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUKbpf525a6f1Giw+10gd+U6ebHjAwHwYDVR0j
BBgwFoAU1Fb16tjXNEVdrviWqQVUCf9KB48wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
NmJlYzhlOS02NTY4LTQ3OGQtYmQyNi1mNmU3Nzc4NzU1MTEvMC9ENDU2RjVFQUQ4
RDczNDQ1NURBRUY4OTZBOTA1NTQwOUZGNEEwNzhGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDQ1NkY1RUFEOEQ3MzQ0NTVEQUVGODk2QTkwNTU0MDlGRjRB
MDc4Ri5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M2YmVjOGU5LTY1NjgtNDc4ZC1i
ZDI2LWY2ZTc3Nzg3NTUxMS8wLzMxMzAzMzJlMzIzMTJlMzYzNDJlMzAyZjMyMzMy
ZDMyMzMyMDNkM2UyMDMxMzUzMDM5MzgzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWcVQDANBgkqhkiG
9w0BAQsFAAOCAQEAm6E+DZ4EFJGUrgIZFVMjiHPG4235hJl8HfeQNCxlfNjAVTmJ
a0qrtRSODsouj9XpUbxAdYjRfTi1e2ycGzmflaqcj4Y+J6I+G7uLGMx4iTNnhdrE
h4CbEkgYZv6uXb/tStdCMI5iLYhyRJzpmnEw0MjXqt+ZfQrJizgLfw0pctAhndX3
UqurNXouUctNhgBm38Z3RnvQU48DsB/anCMUacQ+uO/P7smMEqhChGyTJfIDZCrQ
dA2pEABtgfALhfWlNwvhaWvXwVH/DlfSiob7M7QNeW0Y8A+hd0lf2TeJm5hY//gw
WHFgG9xtMP/yUlgbFGExeUE4bKYM49907HVgaA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:25:36 2025 by rpki-client