Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/c846f422-c302-4462-b584-700e9346ca09/0/3130332e32332e39382e302f32342d3234203d3e20313530323435.roa
File: 3130332e32332e39382e302f32342d3234203d3e20313530323435.roa (raw, json)
Hash identifier: zfWwMyIyfYFsLYce6cLTwp+3PWwf0vu9ehqN4lOZ8SU=
Subject key identifier: 3D:76:9F:AD:B0:8D:EE:55:93:8E:81:22:61:0F:0D:DC:10:30:C9:DC
Certificate issuer: /CN=B2B2F42BF1978AD094186480A7DA0086FD7C2919
Certificate serial: 01D7A9A01E19DAC47210617DC3A89B28296B3A38
Authority key identifier: B2:B2:F4:2B:F1:97:8A:D0:94:18:64:80:A7:DA:00:86:FD:7C:29:19
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B2B2F42BF1978AD094186480A7DA0086FD7C2919.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/c846f422-c302-4462-b584-700e9346ca09/0/3130332e32332e39382e302f32342d3234203d3e20313530323435.roa
Signing time: Sat 15 Feb 2025 07:00:01 +0000
ROA not before: Sat 15 Feb 2025 06:55:01 +0000
ROA not after: Sat 14 Feb 2026 07:00:01 +0000
asID: 150245
IP address blocks: 103.23.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/c846f422-c302-4462-b584-700e9346ca09/0/B2B2F42BF1978AD094186480A7DA0086FD7C2919.crl
rsync://repo-rpki.idnic.net/repo/c846f422-c302-4462-b584-700e9346ca09/0/B2B2F42BF1978AD094186480A7DA0086FD7C2919.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B2B2F42BF1978AD094186480A7DA0086FD7C2919.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 12 Apr 2025 07:43:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:d7:a9:a0:1e:19:da:c4:72:10:61:7d:c3:a8:9b:28:29:6b:3a:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B2B2F42BF1978AD094186480A7DA0086FD7C2919
Validity
Not Before: Feb 15 06:55:01 2025 GMT
Not After : Feb 14 07:00:01 2026 GMT
Subject: CN=3D769FADB08DEE55938E8122610F0DDC1030C9DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6d:a1:2d:93:cb:64:e9:9d:2c:3a:64:00:65:
a1:15:a3:93:12:4b:33:e2:fc:18:db:78:39:73:06:
d5:de:ad:42:7e:64:d8:e6:21:a4:1e:26:bf:37:df:
b2:19:b0:c9:05:a4:77:14:d7:43:74:36:c6:e6:e3:
ca:c2:c4:89:cc:04:b5:df:c5:0c:03:b0:34:69:ea:
04:76:ff:71:ea:17:2c:ce:0f:bf:0e:41:3c:48:ca:
1f:56:71:64:05:99:ae:1f:c0:a1:e9:10:dc:74:2f:
12:90:23:41:f6:ed:45:5a:8c:b4:43:23:dd:6c:d5:
55:ba:b0:a9:e3:82:40:41:b6:84:95:54:9b:75:6c:
b1:f7:a0:d1:43:70:18:05:c1:3f:f9:cc:51:c5:b5:
87:47:df:e0:67:7d:c1:b8:92:fb:51:a0:96:64:c9:
4f:6f:74:ad:46:44:15:9e:46:fd:a2:65:2c:2d:ba:
42:32:90:f6:b5:db:86:43:5d:13:4c:23:bb:3a:7a:
2b:ac:e4:c2:41:4d:3c:50:61:e3:b9:b8:c7:17:d4:
a9:c5:91:15:1f:e2:6c:54:64:9d:1d:ff:22:1a:6f:
f9:9b:1d:24:ff:9b:9c:a5:d5:54:11:cb:30:97:fc:
b9:95:ea:22:41:5b:72:30:31:4a:13:bf:c2:40:38:
9d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:76:9F:AD:B0:8D:EE:55:93:8E:81:22:61:0F:0D:DC:10:30:C9:DC
X509v3 Authority Key Identifier:
keyid:B2:B2:F4:2B:F1:97:8A:D0:94:18:64:80:A7:DA:00:86:FD:7C:29:19
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/c846f422-c302-4462-b584-700e9346ca09/0/B2B2F42BF1978AD094186480A7DA0086FD7C2919.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B2B2F42BF1978AD094186480A7DA0086FD7C2919.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c846f422-c302-4462-b584-700e9346ca09/0/3130332e32332e39382e302f32342d3234203d3e20313530323435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.23.98.0/24
Signature Algorithm: sha256WithRSAEncryption
58:14:92:7d:a7:67:68:ed:03:4c:77:de:68:65:b6:6c:78:f0:
68:33:0e:ac:d2:9d:89:b3:c1:20:af:76:cb:b9:00:62:56:65:
32:ec:f2:e6:1c:8b:ce:02:86:b2:e8:43:5c:42:b1:c8:c5:1f:
16:64:7c:07:62:1e:89:15:88:e6:73:69:b6:03:5f:41:8e:6c:
a3:30:7e:78:e4:1b:ce:62:49:67:43:6d:bc:7a:8f:e7:b7:96:
fb:09:63:7c:2b:b5:3e:d0:c7:fe:86:3f:cb:ce:71:78:42:22:
16:af:9d:69:56:50:e6:bf:72:65:10:a4:7b:20:a8:02:31:13:
64:e1:7e:f2:49:ed:b1:4c:8d:e4:34:c5:aa:d1:6a:35:1a:58:
27:70:86:f1:83:58:8d:fd:e1:0c:44:90:db:b8:7d:08:30:a7:
45:cc:60:94:d5:9e:c1:66:1e:11:b9:37:b4:f0:ab:c2:d0:91:
9c:34:7a:3a:da:cd:82:72:2c:9d:81:c3:7c:33:32:25:be:3e:
d9:6c:30:dc:3b:d6:46:2e:94:be:d2:53:20:04:61:27:35:80:
54:e5:92:91:2c:dc:c0:b3:13:8d:76:ff:b7:76:83:06:52:64:
b6:f7:f7:41:da:d6:f2:49:a5:d2:17:9f:32:b5:62:f3:6c:1c:
60:bf:a4:75
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUAdepoB4Z2sRyEGF9w6ibKClrOjgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjJCMkY0MkJGMTk3OEFEMDk0MTg2NDgwQTdEQTAwODZG
RDdDMjkxOTAeFw0yNTAyMTUwNjU1MDFaFw0yNjAyMTQwNzAwMDFaMDMxMTAvBgNV
BAMTKDNENzY5RkFEQjA4REVFNTU5MzhFODEyMjYxMEYwRERDMTAzMEM5REMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHbaEtk8tk6Z0sOmQAZaEVo5MS
SzPi/BjbeDlzBtXerUJ+ZNjmIaQeJr8337IZsMkFpHcU10N0Nsbm48rCxInMBLXf
xQwDsDRp6gR2/3HqFyzOD78OQTxIyh9WcWQFma4fwKHpENx0LxKQI0H27UVajLRD
I91s1VW6sKnjgkBBtoSVVJt1bLH3oNFDcBgFwT/5zFHFtYdH3+BnfcG4kvtRoJZk
yU9vdK1GRBWeRv2iZSwtukIykPa124ZDXRNMI7s6eius5MJBTTxQYeO5uMcX1KnF
kRUf4mxUZJ0d/yIab/mbHST/m5yl1VQRyzCX/LmV6iJBW3IwMUoTv8JAOJ03AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUPXafrbCN7lWTjoEiYQ8N3BAwydwwHwYDVR0j
BBgwFoAUsrL0K/GXitCUGGSAp9oAhv18KRkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
ODQ2ZjQyMi1jMzAyLTQ0NjItYjU4NC03MDBlOTM0NmNhMDkvMC9CMkIyRjQyQkYx
OTc4QUQwOTQxODY0ODBBN0RBMDA4NkZEN0MyOTE5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjJCMkY0MkJGMTk3OEFEMDk0MTg2NDgwQTdEQTAwODZGRDdD
MjkxOS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M4NDZmNDIyLWMzMDItNDQ2Mi1i
NTg0LTcwMGU5MzQ2Y2EwOS8wLzMxMzAzMzJlMzIzMzJlMzkzODJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzUzMDMyMzQzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGcXYjANBgkqhkiG
9w0BAQsFAAOCAQEAWBSSfadnaO0DTHfeaGW2bHjwaDMOrNKdibPBIK92y7kAYlZl
Muzy5hyLzgKGsuhDXEKxyMUfFmR8B2IeiRWI5nNptgNfQY5sozB+eOQbzmJJZ0Nt
vHqP57eW+wljfCu1PtDH/oY/y85xeEIiFq+daVZQ5r9yZRCkeyCoAjETZOF+8knt
sUyN5DTFqtFqNRpYJ3CG8YNYjf3hDESQ27h9CDCnRcxglNWewWYeEbk3tPCrwtCR
nDR6OtrNgnIsnYHDfDMyJb4+2Www3DvWRi6UvtJTIARhJzWAVOWSkSzcwLMTjXb/
t3aDBlJktvf3QdrW8kml0hefMrVi82wcYL+kdQ==
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:08:55 2025 by rpki-client