Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/d835cb4a-2fb9-40d7-b155-dcce7cb00293/0/3130332e3130392e32372e302f32342d3234203d3e20313337333131.roa
File: 3130332e3130392e32372e302f32342d3234203d3e20313337333131.roa (raw, json)
Hash identifier: r6XX55Z5GiGICbCeAD8AU4m9N2hnvF3QzH54gdTf7xc=
Subject key identifier: 31:75:59:8A:6E:DD:80:58:66:33:81:5C:CC:EC:07:DB:60:AA:76:53
Certificate issuer: /CN=A42F07BEA859C831526717AB1D092E11E7890BDD
Certificate serial: 3BD0F6B1696D7330BDDC00B65054E3FFBC656AF6
Authority key identifier: A4:2F:07:BE:A8:59:C8:31:52:67:17:AB:1D:09:2E:11:E7:89:0B:DD
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A42F07BEA859C831526717AB1D092E11E7890BDD.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/d835cb4a-2fb9-40d7-b155-dcce7cb00293/0/3130332e3130392e32372e302f32342d3234203d3e20313337333131.roa
Signing time: Mon 27 Jan 2025 09:00:00 +0000
ROA not before: Mon 27 Jan 2025 08:55:00 +0000
ROA not after: Mon 26 Jan 2026 09:00:00 +0000
asID: 137311
IP address blocks: 103.109.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:d0:f6:b1:69:6d:73:30:bd:dc:00:b6:50:54:e3:ff:bc:65:6a:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A42F07BEA859C831526717AB1D092E11E7890BDD
Validity
Not Before: Jan 27 08:55:00 2025 GMT
Not After : Jan 26 09:00:00 2026 GMT
Subject: CN=3175598A6EDD80586633815CCCEC07DB60AA7653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1e:37:cd:ec:cc:a2:c8:04:d1:c8:f4:17:13:
b6:10:06:19:0b:fe:9d:f4:9d:3f:3f:c4:e7:6d:15:
4e:86:14:89:ee:67:1f:2a:33:6c:e2:e9:18:46:90:
d4:14:31:f7:e1:6e:e0:aa:44:95:4b:5f:29:44:86:
db:4f:d2:c4:b4:8a:d0:f0:db:58:8e:5a:ec:8f:5e:
c6:8e:22:43:a4:b3:05:62:27:e8:58:fe:15:68:1e:
37:64:64:2b:da:e3:51:f0:e3:16:54:5a:36:57:9e:
ae:5a:7a:7a:65:66:c1:e8:11:88:46:0b:af:67:74:
70:88:79:fa:6c:78:4e:30:94:66:8c:45:27:f3:4a:
e4:66:5c:b5:0a:70:50:8d:d8:13:83:64:90:7d:5b:
01:1e:29:75:51:83:db:61:91:e9:59:be:09:49:28:
90:24:43:e1:79:eb:d4:ee:5f:b7:d5:ea:20:c4:4c:
20:be:b8:73:22:9e:5d:82:73:c8:25:88:ae:de:c1:
45:27:75:5c:75:3c:96:83:dc:0c:6d:09:7d:ba:b3:
c4:16:75:fe:fd:5e:27:66:c0:12:4a:36:13:ef:23:
02:0d:a9:d1:94:b6:3e:24:ad:8f:d3:62:94:97:1f:
d8:12:c0:04:1a:a4:99:2c:d2:98:82:00:91:84:25:
fb:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:75:59:8A:6E:DD:80:58:66:33:81:5C:CC:EC:07:DB:60:AA:76:53
X509v3 Authority Key Identifier:
keyid:A4:2F:07:BE:A8:59:C8:31:52:67:17:AB:1D:09:2E:11:E7:89:0B:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/d835cb4a-2fb9-40d7-b155-dcce7cb00293/0/A42F07BEA859C831526717AB1D092E11E7890BDD.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A42F07BEA859C831526717AB1D092E11E7890BDD.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d835cb4a-2fb9-40d7-b155-dcce7cb00293/0/3130332e3130392e32372e302f32342d3234203d3e20313337333131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.109.27.0/24
Signature Algorithm: sha256WithRSAEncryption
48:dd:9f:aa:b6:3c:8c:37:f2:9d:ff:f9:4c:d0:4b:1d:90:46:
56:d1:9b:45:71:25:d6:3f:1f:dd:9c:d6:84:65:06:f6:47:4b:
ed:26:ae:25:3d:2b:9d:52:bd:aa:d3:fd:60:d2:ff:8b:a1:c2:
a9:d7:4b:7d:fe:4f:b6:40:9e:64:2a:0e:c7:de:4d:5c:72:3b:
91:92:c2:26:21:c8:fd:7a:e6:a3:98:92:5e:40:db:24:f3:9a:
34:fe:d8:85:17:28:4e:a0:ac:55:34:7a:76:fb:81:47:48:29:
38:94:d1:35:03:ca:bc:fd:0d:3c:5a:22:7b:ee:cb:9b:57:93:
b3:d0:fb:ac:e4:e9:00:57:ee:16:29:a7:da:94:12:00:5a:4f:
aa:d1:be:ca:e4:1b:19:07:27:c5:71:7d:24:3f:cb:27:6d:4b:
ca:1d:48:8e:3f:34:06:96:de:3d:ad:99:d4:2f:50:26:29:a7:
36:cc:86:79:ee:44:74:a3:59:e5:a6:b6:c4:40:2a:29:78:59:
14:28:ff:fb:35:6a:02:fb:63:bb:0f:e0:6c:d2:69:d0:60:43:
0a:ce:10:ec:fd:48:87:c0:70:7d:78:1c:0a:08:69:5a:81:95:
22:42:6b:5e:18:c4:07:ae:bf:a4:c1:fc:b9:5f:9d:f8:2f:52:
9b:ef:3f:9b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUO9D2sWltczC93AC2UFTj/7xlavYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTQyRjA3QkVBODU5QzgzMTUyNjcxN0FCMUQwOTJFMTFF
Nzg5MEJERDAeFw0yNTAxMjcwODU1MDBaFw0yNjAxMjYwOTAwMDBaMDMxMTAvBgNV
BAMTKDMxNzU1OThBNkVERDgwNTg2NjMzODE1Q0NDRUMwN0RCNjBBQTc2NTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnHjfN7MyiyATRyPQXE7YQBhkL
/p30nT8/xOdtFU6GFInuZx8qM2zi6RhGkNQUMffhbuCqRJVLXylEhttP0sS0itDw
21iOWuyPXsaOIkOkswViJ+hY/hVoHjdkZCva41Hw4xZUWjZXnq5aenplZsHoEYhG
C69ndHCIefpseE4wlGaMRSfzSuRmXLUKcFCN2BODZJB9WwEeKXVRg9thkelZvglJ
KJAkQ+F569TuX7fV6iDETCC+uHMinl2Cc8gliK7ewUUndVx1PJaD3AxtCX26s8QW
df79XidmwBJKNhPvIwINqdGUtj4krY/TYpSXH9gSwAQapJks0piCAJGEJfsVAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUMXVZim7dgFhmM4FczOwH22CqdlMwHwYDVR0j
BBgwFoAUpC8HvqhZyDFSZxerHQkuEeeJC90wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
ODM1Y2I0YS0yZmI5LTQwZDctYjE1NS1kY2NlN2NiMDAyOTMvMC9BNDJGMDdCRUE4
NTlDODMxNTI2NzE3QUIxRDA5MkUxMUU3ODkwQkRELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQTQyRjA3QkVBODU5QzgzMTUyNjcxN0FCMUQwOTJFMTFFNzg5
MEJERC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Q4MzVjYjRhLTJmYjktNDBkNy1i
MTU1LWRjY2U3Y2IwMDI5My8wLzMxMzAzMzJlMzEzMDM5MmUzMjM3MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM3MzMzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ20bMA0GCSqG
SIb3DQEBCwUAA4IBAQBI3Z+qtjyMN/Kd//lM0EsdkEZW0ZtFcSXWPx/dnNaEZQb2
R0vtJq4lPSudUr2q0/1g0v+LocKp10t9/k+2QJ5kKg7H3k1ccjuRksImIcj9euaj
mJJeQNsk85o0/tiFFyhOoKxVNHp2+4FHSCk4lNE1A8q8/Q08WiJ77subV5Oz0Pus
5OkAV+4WKafalBIAWk+q0b7K5BsZByfFcX0kP8snbUvKHUiOPzQGlt49rZnUL1Am
Kac2zIZ57kR0o1nlprbEQCopeFkUKP/7NWoC+2O7D+Bs0mnQYEMKzhDs/UiHwHB9
eBwKCGlagZUiQmteGMQHrr+kwfy5X534L1Kb7z+b
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:02:02 2025 by rpki-client