Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/3130332e32382e3231382e302f32342d3234203d3e203538333835.roa
File: 3130332e32382e3231382e302f32342d3234203d3e203538333835.roa (raw, json)
Hash identifier: cMJACG+wJYTKnGt0rpeqO/b7Kbn+Qvg12TrUivh9cCk=
Subject key identifier: FB:5B:C0:08:75:AD:10:0E:87:37:19:DA:72:2D:17:6A:0B:4A:C3:97
Certificate issuer: /CN=B891A45840F824B9F116CBEAA3574A68343F5538
Certificate serial: 20A14ECA91FEFFE8860C18A47A8E18C0D31FBE2F
Authority key identifier: B8:91:A4:58:40:F8:24:B9:F1:16:CB:EA:A3:57:4A:68:34:3F:55:38
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B891A45840F824B9F116CBEAA3574A68343F5538.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/3130332e32382e3231382e302f32342d3234203d3e203538333835.roa
Signing time: Mon 23 Dec 2024 17:01:43 +0000
ROA not before: Mon 23 Dec 2024 16:56:43 +0000
ROA not after: Mon 22 Dec 2025 17:01:43 +0000
asID: 58385
IP address blocks: 103.28.218.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:a1:4e:ca:91:fe:ff:e8:86:0c:18:a4:7a:8e:18:c0:d3:1f:be:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B891A45840F824B9F116CBEAA3574A68343F5538
Validity
Not Before: Dec 23 16:56:43 2024 GMT
Not After : Dec 22 17:01:43 2025 GMT
Subject: CN=FB5BC00875AD100E873719DA722D176A0B4AC397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1c:2b:4b:b2:cd:9c:da:57:86:3d:f6:85:ca:
0a:48:25:42:a2:66:32:e6:5c:0f:38:b0:ab:bc:ad:
86:48:66:bb:f6:73:f4:08:8b:ea:11:e0:0a:a6:c6:
e2:06:81:02:9e:d6:de:9f:eb:4f:15:33:bf:8b:8c:
7c:79:25:e8:c1:3b:12:1d:9d:6a:d2:d7:e9:0c:45:
9d:73:49:4c:af:0c:b4:21:b7:10:87:cd:13:a7:a6:
7e:40:ed:fc:15:1d:5b:23:ab:1c:98:3c:5f:fe:ca:
09:de:a8:8d:ac:bd:63:a2:07:14:ee:51:6f:e2:30:
a0:cc:0f:1e:ca:b7:32:f9:2a:6d:ba:18:50:3f:bc:
c8:94:8f:c5:a8:4a:01:60:1c:9f:fe:fc:fb:4d:83:
cd:ab:01:e4:70:17:16:d8:50:30:03:5d:e4:12:40:
00:aa:b9:24:2c:3e:c6:74:95:0b:83:52:08:fa:84:
b1:40:be:e2:6f:9f:9c:0c:70:41:4e:5b:4c:df:e1:
21:6b:7c:d6:23:06:47:80:82:9b:86:b8:0d:20:cf:
42:96:0a:26:d5:66:e9:83:66:00:a6:5d:ea:4c:c4:
4d:a4:cb:8d:ee:07:e2:f6:4d:a3:b9:27:6b:03:0a:
77:ed:80:7d:e9:2f:4d:69:64:bc:93:73:ac:4e:3f:
3e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:5B:C0:08:75:AD:10:0E:87:37:19:DA:72:2D:17:6A:0B:4A:C3:97
X509v3 Authority Key Identifier:
keyid:B8:91:A4:58:40:F8:24:B9:F1:16:CB:EA:A3:57:4A:68:34:3F:55:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B891A45840F824B9F116CBEAA3574A68343F5538.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/3130332e32382e3231382e302f32342d3234203d3e203538333835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.28.218.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:d6:0c:44:2b:ad:ce:63:32:d7:96:8f:97:e9:f3:8b:21:65:
55:0d:02:6c:6f:4f:9a:e8:e4:0d:74:b4:11:e4:9b:0e:10:c7:
41:49:b8:b2:c5:f5:71:e3:33:99:25:22:c7:26:0b:06:f9:36:
2a:bc:72:31:43:1f:6d:73:65:0c:35:db:09:d5:dd:41:06:0d:
5f:b2:16:1c:67:dd:05:04:cc:17:12:5c:c7:8f:56:b6:0f:2c:
39:20:23:63:e4:9a:ad:0d:7e:8d:59:6f:90:f5:f8:d5:da:66:
d7:c9:5e:45:df:61:26:f5:2c:2b:d3:3f:00:05:2b:fb:08:13:
ea:e8:8d:fc:ab:22:02:d6:8e:ee:b3:ad:7c:11:6d:39:f0:56:
4d:be:c4:6c:91:f1:98:3a:d5:ae:b1:35:a3:c2:7f:4d:5c:c9:
54:ae:e5:d7:78:60:a2:37:0d:f7:8c:c7:1d:36:69:9c:5d:19:
90:62:87:df:18:d6:21:d4:9d:9e:ba:dd:01:46:57:7c:1e:dd:
4f:fe:40:cf:1e:a4:4d:ad:c3:fe:3c:71:bd:3c:fd:24:ff:5e:
58:36:4d:9f:5c:59:da:ae:a5:03:95:84:b2:d4:09:b7:aa:dd:
8d:b2:60:0e:28:94:f9:32:95:ea:63:aa:81:59:92:57:80:09:
b6:2e:ab:ac
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUIKFOypH+/+iGDBikeo4YwNMfvi8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjg5MUE0NTg0MEY4MjRCOUYxMTZDQkVBQTM1NzRBNjgz
NDNGNTUzODAeFw0yNDEyMjMxNjU2NDNaFw0yNTEyMjIxNzAxNDNaMDMxMTAvBgNV
BAMTKEZCNUJDMDA4NzVBRDEwMEU4NzM3MTlEQTcyMkQxNzZBMEI0QUMzOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2HCtLss2c2leGPfaFygpIJUKi
ZjLmXA84sKu8rYZIZrv2c/QIi+oR4AqmxuIGgQKe1t6f608VM7+LjHx5JejBOxId
nWrS1+kMRZ1zSUyvDLQhtxCHzROnpn5A7fwVHVsjqxyYPF/+ygneqI2svWOiBxTu
UW/iMKDMDx7KtzL5Km26GFA/vMiUj8WoSgFgHJ/+/PtNg82rAeRwFxbYUDADXeQS
QACquSQsPsZ0lQuDUgj6hLFAvuJvn5wMcEFOW0zf4SFrfNYjBkeAgpuGuA0gz0KW
CibVZumDZgCmXepMxE2ky43uB+L2TaO5J2sDCnftgH3pL01pZLyTc6xOPz6DAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU+1vACHWtEA6HNxnaci0XagtKw5cwHwYDVR0j
BBgwFoAUuJGkWED4JLnxFsvqo1dKaDQ/VTgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
MzkyNTM4OC0zNWM2LTQxZDctOWRjNC1kYjRkMTE4ZDEzNWEvMC9CODkxQTQ1ODQw
RjgyNEI5RjExNkNCRUFBMzU3NEE2ODM0M0Y1NTM4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjg5MUE0NTg0MEY4MjRCOUYxMTZDQkVBQTM1NzRBNjgzNDNG
NTUzOC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QzOTI1Mzg4LTM1YzYtNDFkNy05
ZGM0LWRiNGQxMThkMTM1YS8wLzMxMzAzMzJlMzIzODJlMzIzMTM4MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzUzODMzMzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGcc2jANBgkqhkiG
9w0BAQsFAAOCAQEAqdYMRCutzmMy15aPl+nziyFlVQ0CbG9PmujkDXS0EeSbDhDH
QUm4ssX1ceMzmSUixyYLBvk2KrxyMUMfbXNlDDXbCdXdQQYNX7IWHGfdBQTMFxJc
x49Wtg8sOSAjY+SarQ1+jVlvkPX41dpm18leRd9hJvUsK9M/AAUr+wgT6uiN/Ksi
AtaO7rOtfBFtOfBWTb7EbJHxmDrVrrE1o8J/TVzJVK7l13hgojcN94zHHTZpnF0Z
kGKH3xjWIdSdnrrdAUZXfB7dT/5Azx6kTa3D/jxxvTz9JP9eWDZNn1xZ2q6lA5WE
stQJt6rdjbJgDiiU+TKV6mOqgVmSV4AJti6rrA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:25:36 2025 by rpki-client