Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/dacb7187-7a5f-4e23-be94-593a0c288cb9/0/3130332e31302e37302e302f32342d3234203d3e20313530323130.roa
File: 3130332e31302e37302e302f32342d3234203d3e20313530323130.roa (raw, json)
Hash identifier: 5JDd/HA007WXvt9HRMOrUb4bJ8L4vCr7oaVmKSZ2Ddg=
Subject key identifier: A8:C4:17:8A:EC:ED:44:C8:95:C2:AE:71:CA:43:99:27:D5:31:3F:61
Certificate issuer: /CN=8C6B9FE80EF1DA40B964D4429F78785ADDD29EFB
Certificate serial: 3AF6262547FC5E7A121E4B890C39A642633F3952
Authority key identifier: 8C:6B:9F:E8:0E:F1:DA:40:B9:64:D4:42:9F:78:78:5A:DD:D2:9E:FB
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8C6B9FE80EF1DA40B964D4429F78785ADDD29EFB.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/dacb7187-7a5f-4e23-be94-593a0c288cb9/0/3130332e31302e37302e302f32342d3234203d3e20313530323130.roa
Signing time: Tue 14 Jan 2025 12:00:01 +0000
ROA not before: Tue 14 Jan 2025 11:55:01 +0000
ROA not after: Tue 13 Jan 2026 12:00:01 +0000
asID: 150210
IP address blocks: 103.10.70.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:f6:26:25:47:fc:5e:7a:12:1e:4b:89:0c:39:a6:42:63:3f:39:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8C6B9FE80EF1DA40B964D4429F78785ADDD29EFB
Validity
Not Before: Jan 14 11:55:01 2025 GMT
Not After : Jan 13 12:00:01 2026 GMT
Subject: CN=A8C4178AECED44C895C2AE71CA439927D5313F61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:95:d2:9e:d9:99:1d:7d:13:43:ab:1e:88:95:
9c:73:bf:1e:ec:4f:a4:ab:10:63:bc:75:08:e9:bc:
a5:70:05:d4:be:fc:a0:6e:f3:e2:15:65:9e:0a:41:
89:1f:b3:fc:c7:a7:38:7c:f0:e0:d8:cb:52:a7:b7:
68:2f:29:89:8b:13:8d:42:b7:6c:58:a2:2a:fd:a6:
27:6f:a5:5e:c4:cb:c7:23:82:83:f9:ae:e8:17:60:
78:f5:6b:f0:68:51:18:f8:3d:a9:0e:ff:98:55:c6:
4c:f0:c7:2b:f6:c6:bf:6f:de:1d:34:b5:b1:d2:ef:
22:ad:66:36:a1:f9:61:51:35:3a:c3:cc:ba:bf:f7:
f4:bf:9e:43:cc:69:21:c7:9f:19:c4:23:2a:8d:d0:
28:a4:33:26:ee:c8:a7:59:f9:cf:26:b4:e9:54:ad:
ea:30:07:8f:7a:ef:39:64:a4:0c:84:dd:52:43:ad:
bf:e6:74:3c:dd:a4:2a:d2:8a:4c:00:04:8f:01:20:
ce:36:a3:bb:52:8a:49:67:89:4b:8c:a7:db:e0:29:
1f:0b:e2:bc:ea:f3:64:b5:40:09:51:bd:45:0a:c1:
df:45:c1:a0:a5:14:61:d0:a1:2b:7b:60:c9:82:03:
a0:1b:dc:6b:97:bd:5c:e7:cf:ec:cb:54:99:08:38:
b8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C4:17:8A:EC:ED:44:C8:95:C2:AE:71:CA:43:99:27:D5:31:3F:61
X509v3 Authority Key Identifier:
keyid:8C:6B:9F:E8:0E:F1:DA:40:B9:64:D4:42:9F:78:78:5A:DD:D2:9E:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/dacb7187-7a5f-4e23-be94-593a0c288cb9/0/8C6B9FE80EF1DA40B964D4429F78785ADDD29EFB.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8C6B9FE80EF1DA40B964D4429F78785ADDD29EFB.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/dacb7187-7a5f-4e23-be94-593a0c288cb9/0/3130332e31302e37302e302f32342d3234203d3e20313530323130.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.10.70.0/24
Signature Algorithm: sha256WithRSAEncryption
60:29:52:2e:fb:4a:15:12:8f:d9:71:2a:96:b4:74:ac:4b:e5:
31:aa:94:2e:c9:3e:44:be:d4:79:e5:10:79:1c:10:65:79:cd:
94:36:dd:65:a9:95:ff:7b:f1:1d:17:c9:bc:12:dc:29:12:fb:
95:02:5a:cd:08:bc:a8:c4:f2:7f:42:38:8f:7d:77:f1:3b:e8:
15:8f:c1:39:94:f8:0b:54:4a:45:53:50:a6:0c:ba:c4:3b:ba:
c4:a5:3e:12:7d:6a:9c:84:e4:f5:4d:31:e8:d0:f8:f4:a9:a3:
fc:79:4e:ae:e4:a1:ae:cf:e9:6a:77:b5:03:99:d3:fa:da:e4:
3d:f0:f7:09:d5:8e:a2:43:e5:53:fa:15:91:a7:ed:e6:8a:a2:
50:f6:02:da:ea:9a:ab:ab:32:0f:88:43:88:27:b5:9b:08:76:
35:68:4a:63:40:52:f6:dd:77:2e:3b:d2:f3:94:4f:a8:a0:ad:
5d:41:ae:fe:62:9f:b2:5d:e2:55:2a:1c:e7:5e:be:00:4a:36:
9e:1d:78:be:d0:49:ea:ae:ca:7d:b1:a5:f2:65:93:1c:09:0f:
95:65:91:56:c3:a0:8e:cd:7a:21:b5:c0:f6:b1:6f:cb:c0:fe:
78:af:25:99:50:4f:95:9d:5e:ac:33:7f:04:1d:2c:20:fc:38:
df:cb:51:b3
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUOvYmJUf8XnoSHkuJDDmmQmM/OVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEM2QjlGRTgwRUYxREE0MEI5NjRENDQyOUY3ODc4NUFE
REQyOUVGQjAeFw0yNTAxMTQxMTU1MDFaFw0yNjAxMTMxMjAwMDFaMDMxMTAvBgNV
BAMTKEE4QzQxNzhBRUNFRDQ0Qzg5NUMyQUU3MUNBNDM5OTI3RDUzMTNGNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcldKe2ZkdfRNDqx6IlZxzvx7s
T6SrEGO8dQjpvKVwBdS+/KBu8+IVZZ4KQYkfs/zHpzh88ODYy1Knt2gvKYmLE41C
t2xYoir9pidvpV7Ey8cjgoP5rugXYHj1a/BoURj4PakO/5hVxkzwxyv2xr9v3h00
tbHS7yKtZjah+WFRNTrDzLq/9/S/nkPMaSHHnxnEIyqN0CikMybuyKdZ+c8mtOlU
reowB4967zlkpAyE3VJDrb/mdDzdpCrSikwABI8BIM42o7tSiklniUuMp9vgKR8L
4rzq82S1QAlRvUUKwd9FwaClFGHQoSt7YMmCA6Ab3GuXvVznz+zLVJkIOLhDAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUqMQXiuztRMiVwq5xykOZJ9UxP2EwHwYDVR0j
BBgwFoAUjGuf6A7x2kC5ZNRCn3h4Wt3SnvswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
YWNiNzE4Ny03YTVmLTRlMjMtYmU5NC01OTNhMGMyODhjYjkvMC84QzZCOUZFODBF
RjFEQTQwQjk2NEQ0NDI5Rjc4Nzg1QURERDI5RUZCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOEM2QjlGRTgwRUYxREE0MEI5NjRENDQyOUY3ODc4NUFEREQy
OUVGQi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2RhY2I3MTg3LTdhNWYtNGUyMy1i
ZTk0LTU5M2EwYzI4OGNiOS8wLzMxMzAzMzJlMzEzMDJlMzczMDJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzUzMDMyMzEzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGcKRjANBgkqhkiG
9w0BAQsFAAOCAQEAYClSLvtKFRKP2XEqlrR0rEvlMaqULsk+RL7UeeUQeRwQZXnN
lDbdZamV/3vxHRfJvBLcKRL7lQJazQi8qMTyf0I4j3138TvoFY/BOZT4C1RKRVNQ
pgy6xDu6xKU+En1qnITk9U0x6ND49Kmj/HlOruShrs/pane1A5nT+trkPfD3CdWO
okPlU/oVkaft5oqiUPYC2uqaq6syD4hDiCe1mwh2NWhKY0BS9t13LjvS85RPqKCt
XUGu/mKfsl3iVSoc516+AEo2nh14vtBJ6q7KfbGl8mWTHAkPlWWRVsOgjs16IbXA
9rFvy8D+eK8lmVBPlZ1erDN/BB0sIPw438tRsw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:08:33 2025 by rpki-client