Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/c6bec8e9-6568-478d-bd26-f6e777875511/0/3130332e32312e36352e302f32342d3234203d3e20313530393832.roa
File: 3130332e32312e36352e302f32342d3234203d3e20313530393832.roa (raw, json)
Hash identifier: G0udRvsXHRRhLNPplYWvznvJttNcudpbxgcRCTJoJEc=
Subject key identifier: C1:23:5D:86:36:44:CA:B4:95:FB:03:D4:FE:A4:66:FE:68:58:AB:CD
Certificate issuer: /CN=D456F5EAD8D734455DAEF896A9055409FF4A078F
Certificate serial: 33A2EF25BD9B7FC255ED05ACF45AD198B5B748B2
Authority key identifier: D4:56:F5:EA:D8:D7:34:45:5D:AE:F8:96:A9:05:54:09:FF:4A:07:8F
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D456F5EAD8D734455DAEF896A9055409FF4A078F.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/c6bec8e9-6568-478d-bd26-f6e777875511/0/3130332e32312e36352e302f32342d3234203d3e20313530393832.roa
Signing time: Sat 22 Mar 2025 15:00:00 +0000
ROA not before: Sat 22 Mar 2025 14:55:00 +0000
ROA not after: Sat 21 Mar 2026 15:00:00 +0000
asID: 150982
IP address blocks: 103.21.65.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:a2:ef:25:bd:9b:7f:c2:55:ed:05:ac:f4:5a:d1:98:b5:b7:48:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D456F5EAD8D734455DAEF896A9055409FF4A078F
Validity
Not Before: Mar 22 14:55:00 2025 GMT
Not After : Mar 21 15:00:00 2026 GMT
Subject: CN=C1235D863644CAB495FB03D4FEA466FE6858ABCD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:65:e1:8a:ad:4c:dc:a1:39:e4:53:cf:bd:90:
1b:0d:c0:e6:41:e4:ca:dc:14:38:78:b0:ec:5c:ba:
49:79:8f:d5:17:f8:17:b2:e8:96:21:5c:a3:e2:88:
e6:3f:ba:93:9c:c5:dd:4c:46:24:6f:c4:28:2d:5c:
d3:d4:e5:8d:98:5b:5a:cb:7f:0b:7e:81:bd:04:ff:
d5:ef:ce:e9:74:9b:96:75:0a:9d:9e:23:90:ef:74:
ac:00:be:9e:c6:49:f2:5d:a2:0f:d1:e7:29:5e:a6:
03:20:7c:eb:72:55:11:c4:37:7f:24:fa:45:59:1f:
79:a8:82:2b:cb:c0:d5:c5:15:9a:b2:ae:e8:2c:0e:
47:37:31:b2:4b:12:d6:17:2d:e1:89:8c:13:89:b9:
88:ba:f4:71:87:07:9a:03:e2:9b:cd:12:cd:f7:fe:
29:14:64:88:46:80:54:bf:0e:f7:70:75:e0:21:f9:
e6:1f:f2:c5:a8:ec:60:a0:2d:8b:6a:34:07:3e:e3:
1e:4d:a8:5a:2b:f0:34:b6:bf:04:84:c8:ff:bd:e5:
ac:62:b9:04:4c:48:e2:3a:7f:47:3c:77:74:ff:26:
a7:09:16:ba:0e:7d:d7:08:cf:5f:6f:ae:c3:11:44:
af:80:31:85:e2:35:f5:2a:09:5c:df:0b:d1:b7:b1:
af:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:23:5D:86:36:44:CA:B4:95:FB:03:D4:FE:A4:66:FE:68:58:AB:CD
X509v3 Authority Key Identifier:
keyid:D4:56:F5:EA:D8:D7:34:45:5D:AE:F8:96:A9:05:54:09:FF:4A:07:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/c6bec8e9-6568-478d-bd26-f6e777875511/0/D456F5EAD8D734455DAEF896A9055409FF4A078F.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D456F5EAD8D734455DAEF896A9055409FF4A078F.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c6bec8e9-6568-478d-bd26-f6e777875511/0/3130332e32312e36352e302f32342d3234203d3e20313530393832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.21.65.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:61:38:73:a1:97:2a:4d:01:23:3d:5f:4f:55:ee:c7:06:6c:
c1:b5:36:78:71:8b:70:94:6f:74:be:e8:7f:96:56:c8:e1:f6:
1a:47:20:06:93:c1:d7:aa:3b:fe:06:c8:de:d8:50:1b:c6:52:
c8:3b:3f:ac:a1:c5:00:d3:5e:2c:4d:95:18:2c:72:1f:78:bb:
9b:47:ec:8f:d0:cb:31:bb:83:25:ed:21:16:a0:66:3a:b4:13:
67:a0:f4:20:04:5b:25:81:f8:4a:e6:07:67:23:06:bc:32:7a:
e9:e0:c5:ac:9d:98:ea:e1:59:b1:10:81:d1:27:df:9d:5d:19:
0e:5d:96:bd:f4:2a:f4:74:9e:48:a3:8e:e5:23:c5:95:a1:0d:
40:62:da:c7:cc:92:66:40:66:13:84:1c:4c:83:f8:2b:86:b8:
08:c5:3c:77:45:21:26:0b:3f:cf:29:72:8a:04:2e:b0:19:1f:
6a:28:e3:5d:21:99:c2:de:e4:a2:b4:4f:2d:c3:01:79:8e:3b:
b3:46:69:9f:62:b6:39:68:71:d8:1f:a6:96:f4:50:ac:ec:04:
d5:2f:f3:41:3b:52:ee:f0:c2:f2:e5:72:60:fc:c6:ea:65:ca:
3a:16:8e:e5:f5:ec:b1:71:90:50:6c:c5:fd:cc:88:56:03:88:
13:29:c5:02
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUM6LvJb2bf8JV7QWs9FrRmLW3SLIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDQ1NkY1RUFEOEQ3MzQ0NTVEQUVGODk2QTkwNTU0MDlG
RjRBMDc4RjAeFw0yNTAzMjIxNDU1MDBaFw0yNjAzMjExNTAwMDBaMDMxMTAvBgNV
BAMTKEMxMjM1RDg2MzY0NENBQjQ5NUZCMDNENEZFQTQ2NkZFNjg1OEFCQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTZeGKrUzcoTnkU8+9kBsNwOZB
5MrcFDh4sOxcukl5j9UX+Bey6JYhXKPiiOY/upOcxd1MRiRvxCgtXNPU5Y2YW1rL
fwt+gb0E/9Xvzul0m5Z1Cp2eI5DvdKwAvp7GSfJdog/R5ylepgMgfOtyVRHEN38k
+kVZH3mogivLwNXFFZqyrugsDkc3MbJLEtYXLeGJjBOJuYi69HGHB5oD4pvNEs33
/ikUZIhGgFS/DvdwdeAh+eYf8sWo7GCgLYtqNAc+4x5NqFor8DS2vwSEyP+95axi
uQRMSOI6f0c8d3T/JqcJFroOfdcIz19vrsMRRK+AMYXiNfUqCVzfC9G3sa/tAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUwSNdhjZEyrSV+wPU/qRm/mhYq80wHwYDVR0j
BBgwFoAU1Fb16tjXNEVdrviWqQVUCf9KB48wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
NmJlYzhlOS02NTY4LTQ3OGQtYmQyNi1mNmU3Nzc4NzU1MTEvMC9ENDU2RjVFQUQ4
RDczNDQ1NURBRUY4OTZBOTA1NTQwOUZGNEEwNzhGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDQ1NkY1RUFEOEQ3MzQ0NTVEQUVGODk2QTkwNTU0MDlGRjRB
MDc4Ri5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M2YmVjOGU5LTY1NjgtNDc4ZC1i
ZDI2LWY2ZTc3Nzg3NTUxMS8wLzMxMzAzMzJlMzIzMTJlMzYzNTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzUzMDM5MzgzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGcVQTANBgkqhkiG
9w0BAQsFAAOCAQEAt2E4c6GXKk0BIz1fT1XuxwZswbU2eHGLcJRvdL7of5ZWyOH2
GkcgBpPB16o7/gbI3thQG8ZSyDs/rKHFANNeLE2VGCxyH3i7m0fsj9DLMbuDJe0h
FqBmOrQTZ6D0IARbJYH4SuYHZyMGvDJ66eDFrJ2Y6uFZsRCB0SffnV0ZDl2WvfQq
9HSeSKOO5SPFlaENQGLax8ySZkBmE4QcTIP4K4a4CMU8d0UhJgs/zylyigQusBkf
aijjXSGZwt7korRPLcMBeY47s0Zpn2K2OWhx2B+mlvRQrOwE1S/zQTtS7vDC8uVy
YPzG6mXKOhaO5fXssXGQUGzF/cyIVgOIEynFAg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:35:26 2025 by rpki-client