Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/c97465e3-78a0-4965-ae14-e4cb4d0fc185/0/3130332e3235342e3132362e302f32332d3234203d3e203535363533.roa
File: 3130332e3235342e3132362e302f32332d3234203d3e203535363533.roa (raw, json)
Hash identifier: NPccw/uPbjU6Ng0Kv+MnSicLOTD8CXxnBeD+TitCSK4=
Subject key identifier: 19:CF:A3:54:E4:B9:4C:CC:0D:F3:AB:F1:CA:0A:A6:67:8B:88:29:18
Certificate issuer: /CN=FC646066A689B77054AF95653FA324395357E6A3
Certificate serial: 7028FBB3951AAFFACF9C3D32A2D5559F34148E01
Authority key identifier: FC:64:60:66:A6:89:B7:70:54:AF:95:65:3F:A3:24:39:53:57:E6:A3
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FC646066A689B77054AF95653FA324395357E6A3.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/c97465e3-78a0-4965-ae14-e4cb4d0fc185/0/3130332e3235342e3132362e302f32332d3234203d3e203535363533.roa
Signing time: Fri 26 Jul 2024 00:00:01 +0000
ROA not before: Thu 25 Jul 2024 23:55:01 +0000
ROA not after: Fri 25 Jul 2025 00:00:01 +0000
asID: 55653
IP address blocks: 103.254.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/c97465e3-78a0-4965-ae14-e4cb4d0fc185/0/FC646066A689B77054AF95653FA324395357E6A3.crl
rsync://repo-rpki.idnic.net/repo/c97465e3-78a0-4965-ae14-e4cb4d0fc185/0/FC646066A689B77054AF95653FA324395357E6A3.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FC646066A689B77054AF95653FA324395357E6A3.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 14:36:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:28:fb:b3:95:1a:af:fa:cf:9c:3d:32:a2:d5:55:9f:34:14:8e:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FC646066A689B77054AF95653FA324395357E6A3
Validity
Not Before: Jul 25 23:55:01 2024 GMT
Not After : Jul 25 00:00:01 2025 GMT
Subject: CN=19CFA354E4B94CCC0DF3ABF1CA0AA6678B882918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:06:cc:27:33:4d:a3:ff:c6:fb:e2:dd:78:b2:
74:47:a0:34:bc:dd:73:04:e8:55:ca:f2:0c:27:5e:
38:84:38:ae:09:df:7d:93:df:7b:fd:07:57:96:b2:
d0:99:55:df:ef:34:3b:24:e0:d6:cc:d6:14:3a:ef:
2c:22:d4:a8:80:4e:dd:6e:ab:d9:bb:bc:84:1e:c1:
5c:ed:a1:0e:d8:b4:02:8a:e1:88:50:29:a7:63:38:
a3:ec:fd:43:3d:4c:89:39:2d:40:62:ea:6b:e0:3d:
90:f0:bb:8f:a2:07:68:d2:b3:8c:fc:3b:b6:f3:37:
eb:8b:41:df:6f:c2:19:52:43:91:a0:48:a3:51:62:
7c:70:5e:e1:19:6b:83:2a:76:01:5d:c1:87:ff:ba:
c7:aa:1f:bb:cc:de:ff:9a:86:9a:41:bc:19:bb:55:
14:1f:71:43:41:0c:86:4f:0e:a1:fa:60:76:bb:a9:
c7:79:c6:df:bd:63:55:50:dd:57:7c:9c:2d:f8:03:
6f:d1:de:aa:6c:d5:c8:83:95:fa:e5:82:d8:45:79:
78:e0:1c:78:11:29:59:90:9f:1b:8f:b3:66:be:b1:
38:11:38:75:ca:a9:7e:5e:5d:7e:de:4b:9c:22:1c:
3a:38:2b:a0:32:dd:ae:a8:ed:49:a9:6e:a3:18:68:
87:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:CF:A3:54:E4:B9:4C:CC:0D:F3:AB:F1:CA:0A:A6:67:8B:88:29:18
X509v3 Authority Key Identifier:
keyid:FC:64:60:66:A6:89:B7:70:54:AF:95:65:3F:A3:24:39:53:57:E6:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/c97465e3-78a0-4965-ae14-e4cb4d0fc185/0/FC646066A689B77054AF95653FA324395357E6A3.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FC646066A689B77054AF95653FA324395357E6A3.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c97465e3-78a0-4965-ae14-e4cb4d0fc185/0/3130332e3235342e3132362e302f32332d3234203d3e203535363533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.254.126.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:3a:4a:35:d2:c2:72:66:4d:21:a7:a8:37:06:88:cd:9d:87:
3f:b8:65:21:3f:35:63:55:a7:91:57:17:08:69:70:85:1b:f2:
71:c3:fc:8d:22:fe:52:e3:42:bb:64:9f:d2:b7:83:9e:c8:1a:
f7:d1:f3:67:49:71:14:4c:35:40:ca:ff:db:cf:ef:f5:bf:d7:
c3:99:cc:7d:16:08:6d:48:9b:41:be:85:28:75:0b:43:a3:24:
b9:0b:2c:d2:14:6f:f0:b2:22:23:e7:58:54:7e:ef:bd:b3:4b:
ef:fb:b7:a7:dc:92:bd:e1:d8:6e:ed:78:53:ee:f9:09:f1:6e:
99:89:85:2d:54:13:58:ff:7f:88:da:ab:da:33:48:7a:a4:5d:
72:a5:7f:ab:7f:cc:36:f2:f3:c3:8e:35:a9:14:f2:8d:e2:07:
d7:ae:49:ff:c4:f2:ae:a9:e7:93:37:86:99:38:89:a5:ce:0c:
64:46:dd:86:a8:ee:79:06:34:70:db:31:c0:9f:fc:ed:f6:38:
bb:e6:3b:e6:b6:53:7c:2e:b9:0f:ea:6e:4c:d3:e6:57:12:70:
f9:a9:72:4d:6c:a2:bc:14:f5:83:d5:33:9d:a3:a4:81:14:52:
56:ef:11:47:e7:dd:2e:35:09:d9:0d:ac:4e:ae:c0:6d:60:d0:
b3:40:50:d1
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUcCj7s5Uar/rPnD0yotVVnzQUjgEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkM2NDYwNjZBNjg5Qjc3MDU0QUY5NTY1M0ZBMzI0Mzk1
MzU3RTZBMzAeFw0yNDA3MjUyMzU1MDFaFw0yNTA3MjUwMDAwMDFaMDMxMTAvBgNV
BAMTKDE5Q0ZBMzU0RTRCOTRDQ0MwREYzQUJGMUNBMEFBNjY3OEI4ODI5MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEBswnM02j/8b74t14snRHoDS8
3XME6FXK8gwnXjiEOK4J332T33v9B1eWstCZVd/vNDsk4NbM1hQ67ywi1KiATt1u
q9m7vIQewVztoQ7YtAKK4YhQKadjOKPs/UM9TIk5LUBi6mvgPZDwu4+iB2jSs4z8
O7bzN+uLQd9vwhlSQ5GgSKNRYnxwXuEZa4MqdgFdwYf/useqH7vM3v+ahppBvBm7
VRQfcUNBDIZPDqH6YHa7qcd5xt+9Y1VQ3Vd8nC34A2/R3qps1ciDlfrlgthFeXjg
HHgRKVmQnxuPs2a+sTgROHXKqX5eXX7eS5wiHDo4K6Ay3a6o7UmpbqMYaIcLAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUGc+jVOS5TMwN86vxygqmZ4uIKRgwHwYDVR0j
BBgwFoAU/GRgZqaJt3BUr5VlP6MkOVNX5qMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
OTc0NjVlMy03OGEwLTQ5NjUtYWUxNC1lNGNiNGQwZmMxODUvMC9GQzY0NjA2NkE2
ODlCNzcwNTRBRjk1NjUzRkEzMjQzOTUzNTdFNkEzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRkM2NDYwNjZBNjg5Qjc3MDU0QUY5NTY1M0ZBMzI0Mzk1MzU3
RTZBMy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M5NzQ2NWUzLTc4YTAtNDk2NS1h
ZTE0LWU0Y2I0ZDBmYzE4NS8wLzMxMzAzMzJlMzIzNTM0MmUzMTMyMzYyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzNTM1MzYzNTMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ/5+MA0GCSqG
SIb3DQEBCwUAA4IBAQAKOko10sJyZk0hp6g3BojNnYc/uGUhPzVjVaeRVxcIaXCF
G/Jxw/yNIv5S40K7ZJ/St4OeyBr30fNnSXEUTDVAyv/bz+/1v9fDmcx9FghtSJtB
voUodQtDoyS5CyzSFG/wsiIj51hUfu+9s0vv+7en3JK94dhu7XhT7vkJ8W6ZiYUt
VBNY/3+I2qvaM0h6pF1ypX+rf8w28vPDjjWpFPKN4gfXrkn/xPKuqeeTN4aZOIml
zgxkRt2GqO55BjRw2zHAn/zt9ji75jvmtlN8LrkP6m5M0+ZXEnD5qXJNbKK8FPWD
1TOdo6SBFFJW7xFH590uNQnZDaxOrsBtYNCzQFDR
-----END CERTIFICATE-----
Generated at Wed Apr 9 11:46:24 2025 by rpki-client