Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/c6bec8e9-6568-478d-bd26-f6e777875511/0/3130332e32312e36342e302f32342d3234203d3e20313530393832.roa
File: 3130332e32312e36342e302f32342d3234203d3e20313530393832.roa (raw, json)
Hash identifier: yEfEIfYRzsgFdTFRadWVOvqbZaRYioWNk9NlZG+miqI=
Subject key identifier: EF:0E:70:57:07:15:81:A4:3E:6A:0C:A7:62:69:FC:94:5E:B4:69:83
Certificate issuer: /CN=D456F5EAD8D734455DAEF896A9055409FF4A078F
Certificate serial: 2884ACC582C291F1377FD795BA109876EFEE2115
Authority key identifier: D4:56:F5:EA:D8:D7:34:45:5D:AE:F8:96:A9:05:54:09:FF:4A:07:8F
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D456F5EAD8D734455DAEF896A9055409FF4A078F.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/c6bec8e9-6568-478d-bd26-f6e777875511/0/3130332e32312e36342e302f32342d3234203d3e20313530393832.roa
Signing time: Sat 22 Mar 2025 15:00:00 +0000
ROA not before: Sat 22 Mar 2025 14:55:00 +0000
ROA not after: Sat 21 Mar 2026 15:00:00 +0000
asID: 150982
IP address blocks: 103.21.64.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:84:ac:c5:82:c2:91:f1:37:7f:d7:95:ba:10:98:76:ef:ee:21:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D456F5EAD8D734455DAEF896A9055409FF4A078F
Validity
Not Before: Mar 22 14:55:00 2025 GMT
Not After : Mar 21 15:00:00 2026 GMT
Subject: CN=EF0E7057071581A43E6A0CA76269FC945EB46983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:9a:53:70:ee:a4:5c:e2:52:40:b5:b6:c0:4f:
c1:ad:d1:eb:24:c9:66:d0:a1:21:29:ec:71:c3:47:
fc:86:25:68:d5:69:57:c1:0b:af:9f:2c:6f:20:99:
f0:ba:50:ea:19:5c:48:ab:0c:dd:37:09:3b:37:d5:
72:3c:87:75:16:c4:a6:ca:09:55:3d:25:1a:01:7b:
e8:fc:e4:66:db:df:f9:05:50:08:6a:86:e0:08:3e:
04:c6:c3:9d:43:b7:69:5b:9b:51:1a:61:5f:17:11:
21:93:d5:90:ba:83:7d:0c:c9:c8:e8:ad:b0:af:65:
1f:39:30:97:53:ef:ec:8c:72:0b:f7:b7:44:e8:8b:
57:b8:30:21:f6:ae:a2:6f:0d:61:f1:f1:69:a5:50:
54:f3:56:7e:1e:78:76:9f:69:c3:dd:4f:6f:aa:d8:
3f:69:f4:a8:6e:d1:b4:c1:90:51:fd:94:1f:53:58:
ac:1f:f2:e6:9a:9f:56:67:25:8b:50:81:f4:e6:19:
e5:ed:09:4d:f5:fb:ba:b0:71:26:b1:da:1c:ff:08:
cd:bb:cc:12:0e:4d:f4:c8:4d:63:10:d6:08:9f:ac:
65:b6:c6:3f:7d:44:fd:d9:53:8e:dd:a8:52:52:9b:
e5:04:93:48:e5:ee:a0:76:ee:ef:e8:6a:f4:a3:be:
8b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:0E:70:57:07:15:81:A4:3E:6A:0C:A7:62:69:FC:94:5E:B4:69:83
X509v3 Authority Key Identifier:
keyid:D4:56:F5:EA:D8:D7:34:45:5D:AE:F8:96:A9:05:54:09:FF:4A:07:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/c6bec8e9-6568-478d-bd26-f6e777875511/0/D456F5EAD8D734455DAEF896A9055409FF4A078F.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D456F5EAD8D734455DAEF896A9055409FF4A078F.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c6bec8e9-6568-478d-bd26-f6e777875511/0/3130332e32312e36342e302f32342d3234203d3e20313530393832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.21.64.0/24
Signature Algorithm: sha256WithRSAEncryption
00:87:a4:05:ed:71:24:f3:56:ec:28:32:b6:2b:1a:f3:45:7f:
48:4c:5b:5e:4f:d7:7e:d7:d3:6d:b3:7a:e2:2d:91:a9:c4:52:
0a:3a:d3:ae:39:3e:8a:20:7b:b0:73:a8:b9:bd:92:6e:3a:7a:
db:f0:b4:ff:e4:71:f1:5f:0a:70:46:6f:9a:79:c7:dc:36:56:
ee:bf:66:cf:4d:1b:38:d4:d2:9a:f5:ad:52:1c:fa:a5:c1:84:
61:c5:b3:96:d0:a6:f3:ff:c0:cf:fd:f8:a6:c0:65:cc:bf:53:
5a:f0:6e:c2:92:fd:53:c1:23:a4:bd:ba:08:95:f2:51:29:7e:
b4:aa:12:c5:cc:89:79:35:24:ea:a6:2c:e4:5c:4e:fe:22:79:
3e:cf:b3:09:05:56:14:72:d8:8e:aa:b4:f0:a0:4b:32:a1:f9:
b2:a1:12:e3:db:53:dd:f0:94:8b:43:08:e7:5c:09:a4:7d:18:
5a:e9:05:a7:d4:97:9e:a4:d6:75:1e:7f:9e:ab:c9:2e:c5:be:
cc:ab:f1:74:ac:5d:0d:99:a9:9f:8c:e9:05:bf:a7:58:ff:3f:
e3:6a:50:7f:f1:a1:e2:a4:36:20:b8:f1:f2:f9:4f:a2:d1:d1:
b7:78:62:77:5d:bf:c1:e9:6c:cf:37:a7:d4:11:f8:a1:da:25:
9a:62:dd:bf
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUKISsxYLCkfE3f9eVuhCYdu/uIRUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDQ1NkY1RUFEOEQ3MzQ0NTVEQUVGODk2QTkwNTU0MDlG
RjRBMDc4RjAeFw0yNTAzMjIxNDU1MDBaFw0yNjAzMjExNTAwMDBaMDMxMTAvBgNV
BAMTKEVGMEU3MDU3MDcxNTgxQTQzRTZBMENBNzYyNjlGQzk0NUVCNDY5ODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCemlNw7qRc4lJAtbbAT8Gt0esk
yWbQoSEp7HHDR/yGJWjVaVfBC6+fLG8gmfC6UOoZXEirDN03CTs31XI8h3UWxKbK
CVU9JRoBe+j85Gbb3/kFUAhqhuAIPgTGw51Dt2lbm1EaYV8XESGT1ZC6g30Mycjo
rbCvZR85MJdT7+yMcgv3t0Toi1e4MCH2rqJvDWHx8WmlUFTzVn4eeHafacPdT2+q
2D9p9Khu0bTBkFH9lB9TWKwf8uaan1ZnJYtQgfTmGeXtCU31+7qwcSax2hz/CM27
zBIOTfTITWMQ1gifrGW2xj99RP3ZU47dqFJSm+UEk0jl7qB27u/oavSjvosFAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU7w5wVwcVgaQ+agynYmn8lF60aYMwHwYDVR0j
BBgwFoAU1Fb16tjXNEVdrviWqQVUCf9KB48wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
NmJlYzhlOS02NTY4LTQ3OGQtYmQyNi1mNmU3Nzc4NzU1MTEvMC9ENDU2RjVFQUQ4
RDczNDQ1NURBRUY4OTZBOTA1NTQwOUZGNEEwNzhGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDQ1NkY1RUFEOEQ3MzQ0NTVEQUVGODk2QTkwNTU0MDlGRjRB
MDc4Ri5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M2YmVjOGU5LTY1NjgtNDc4ZC1i
ZDI2LWY2ZTc3Nzg3NTUxMS8wLzMxMzAzMzJlMzIzMTJlMzYzNDJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzUzMDM5MzgzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGcVQDANBgkqhkiG
9w0BAQsFAAOCAQEAAIekBe1xJPNW7Cgytisa80V/SExbXk/XftfTbbN64i2RqcRS
CjrTrjk+iiB7sHOoub2Sbjp62/C0/+Rx8V8KcEZvmnnH3DZW7r9mz00bONTSmvWt
Uhz6pcGEYcWzltCm8//Az/34psBlzL9TWvBuwpL9U8EjpL26CJXyUSl+tKoSxcyJ
eTUk6qYs5FxO/iJ5Ps+zCQVWFHLYjqq08KBLMqH5sqES49tT3fCUi0MI51wJpH0Y
WukFp9SXnqTWdR5/nqvJLsW+zKvxdKxdDZmpn4zpBb+nWP8/42pQf/Gh4qQ2ILjx
8vlPotHRt3hid12/welszzen1BH4odolmmLdvw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:30:47 2025 by rpki-client