Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/f438c195-494a-46a2-b93c-8e15668f05b2/0/3130332e3231302e36382e302f32332d3234203d3e20313431313037.roa
File: 3130332e3231302e36382e302f32332d3234203d3e20313431313037.roa (raw, json)
Hash identifier: 1jGIsjnRWKAjYEK7TSFGcWeXONe75N1qbPc54plvXY4=
Subject key identifier: 45:82:AB:59:D7:65:F7:25:17:8B:FA:61:7D:DF:0F:20:ED:72:18:FC
Certificate issuer: /CN=358F4D417A1317CB220BBDC982D7F35D1540D51A
Certificate serial: 044683FA0FD60303EEB28C1057A3844CDED9DAC6
Authority key identifier: 35:8F:4D:41:7A:13:17:CB:22:0B:BD:C9:82:D7:F3:5D:15:40:D5:1A
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/358F4D417A1317CB220BBDC982D7F35D1540D51A.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/f438c195-494a-46a2-b93c-8e15668f05b2/0/3130332e3231302e36382e302f32332d3234203d3e20313431313037.roa
Signing time: Wed 13 Nov 2024 05:02:30 +0000
ROA not before: Wed 13 Nov 2024 04:57:30 +0000
ROA not after: Wed 12 Nov 2025 05:02:30 +0000
asID: 141107
IP address blocks: 103.210.68.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:46:83:fa:0f:d6:03:03:ee:b2:8c:10:57:a3:84:4c:de:d9:da:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=358F4D417A1317CB220BBDC982D7F35D1540D51A
Validity
Not Before: Nov 13 04:57:30 2024 GMT
Not After : Nov 12 05:02:30 2025 GMT
Subject: CN=4582AB59D765F725178BFA617DDF0F20ED7218FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e0:33:b2:ba:d5:e3:84:0a:84:a1:16:79:43:
17:43:23:d4:df:fd:d6:1c:8e:9a:ac:76:42:a9:20:
08:d1:4c:f9:07:aa:3d:e9:60:84:98:6a:28:b2:ea:
83:26:ef:6e:8b:0c:0d:28:df:8c:85:9a:bb:46:ea:
58:ac:cc:4b:6d:72:d4:44:10:35:2a:0f:92:22:d5:
27:89:09:c2:86:5f:20:93:34:b8:4e:30:13:3c:7e:
6e:49:8a:7d:d2:a5:eb:3e:df:ed:c6:7b:bf:c2:9e:
05:21:e3:ac:61:57:ba:dd:cd:54:33:bb:bd:87:83:
20:ad:12:73:fc:60:e3:ee:4c:57:1f:89:39:80:77:
83:9d:da:e8:a0:27:11:c6:b1:c1:18:ff:03:95:53:
de:23:2c:4b:fb:e9:b8:60:1e:38:67:69:ed:73:79:
39:a2:52:7d:4e:08:8d:14:30:30:24:bf:b3:c1:75:
b8:b1:67:02:2a:ee:b4:a5:43:d6:3a:03:5d:a9:3f:
98:f1:e7:28:1e:1e:3a:4a:17:b5:a5:48:71:0c:31:
2e:c8:2d:bc:a3:8d:d8:e0:12:72:60:89:b8:3d:d5:
f2:bc:2c:29:97:b4:d9:41:ef:01:a2:ab:57:c1:df:
47:74:42:5a:dc:5b:72:10:89:62:27:de:a3:39:19:
52:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:82:AB:59:D7:65:F7:25:17:8B:FA:61:7D:DF:0F:20:ED:72:18:FC
X509v3 Authority Key Identifier:
keyid:35:8F:4D:41:7A:13:17:CB:22:0B:BD:C9:82:D7:F3:5D:15:40:D5:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/f438c195-494a-46a2-b93c-8e15668f05b2/0/358F4D417A1317CB220BBDC982D7F35D1540D51A.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/358F4D417A1317CB220BBDC982D7F35D1540D51A.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f438c195-494a-46a2-b93c-8e15668f05b2/0/3130332e3231302e36382e302f32332d3234203d3e20313431313037.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.210.68.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:4a:2d:4b:22:2f:20:e7:a3:c7:bb:76:80:4e:c9:70:92:9d:
3f:d9:de:82:1a:d2:13:1b:e0:b8:a8:03:eb:af:91:e9:c2:5f:
58:6b:77:fb:5e:a8:c7:58:d3:9b:99:8e:95:13:a3:85:64:b3:
f0:ab:c0:92:61:38:6e:b3:dc:df:1b:a2:8f:98:ed:b7:85:9e:
bc:74:b6:06:29:7b:37:dd:59:b4:76:cc:75:5a:cf:80:c2:ca:
d8:f0:c1:26:6d:e5:27:c5:91:e1:d1:19:1f:ff:a1:ab:fb:f9:
13:a4:d6:aa:8d:1a:e5:f7:70:30:79:54:44:fb:b5:98:f6:db:
42:24:91:cb:50:bf:db:a3:35:11:5e:3a:a2:ce:d8:b1:46:fe:
7e:e3:4e:b2:54:09:b7:3a:3f:0a:48:7c:1b:a4:34:2e:a3:2f:
e5:37:fc:f6:fc:67:23:96:d8:bb:73:ff:42:29:75:d2:d3:13:
96:db:3f:98:83:26:ca:52:ca:9b:c7:4f:ae:d7:a3:2c:07:dd:
62:a2:e1:de:dd:00:c7:8d:4c:36:d0:53:09:a3:fb:02:37:2a:
c5:ae:0b:f4:a1:cb:88:9f:40:ae:1e:f2:aa:4f:53:89:e2:4b:
93:bc:e2:45:77:45:0b:61:e3:f6:74:1d:f3:75:b4:b8:c7:de:
c7:c3:2a:30
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUBEaD+g/WAwPusowQV6OETN7Z2sYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU4RjRENDE3QTEzMTdDQjIyMEJCREM5ODJEN0YzNUQx
NTQwRDUxQTAeFw0yNDExMTMwNDU3MzBaFw0yNTExMTIwNTAyMzBaMDMxMTAvBgNV
BAMTKDQ1ODJBQjU5RDc2NUY3MjUxNzhCRkE2MTdEREYwRjIwRUQ3MjE4RkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK4DOyutXjhAqEoRZ5QxdDI9Tf
/dYcjpqsdkKpIAjRTPkHqj3pYISYaiiy6oMm726LDA0o34yFmrtG6liszEttctRE
EDUqD5Ii1SeJCcKGXyCTNLhOMBM8fm5Jin3Spes+3+3Ge7/CngUh46xhV7rdzVQz
u72HgyCtEnP8YOPuTFcfiTmAd4Od2uigJxHGscEY/wOVU94jLEv76bhgHjhnae1z
eTmiUn1OCI0UMDAkv7PBdbixZwIq7rSlQ9Y6A12pP5jx5ygeHjpKF7WlSHEMMS7I
LbyjjdjgEnJgibg91fK8LCmXtNlB7wGiq1fB30d0QlrcW3IQiWIn3qM5GVKZAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQURYKrWddl9yUXi/phfd8PIO1yGPwwHwYDVR0j
BBgwFoAUNY9NQXoTF8siC73JgtfzXRVA1RowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m
NDM4YzE5NS00OTRhLTQ2YTItYjkzYy04ZTE1NjY4ZjA1YjIvMC8zNThGNEQ0MTdB
MTMxN0NCMjIwQkJEQzk4MkQ3RjM1RDE1NDBENTFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMzU4RjRENDE3QTEzMTdDQjIyMEJCREM5ODJEN0YzNUQxNTQw
RDUxQS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Y0MzhjMTk1LTQ5NGEtNDZhMi1i
OTNjLThlMTU2NjhmMDViMi8wLzMxMzAzMzJlMzIzMTMwMmUzNjM4MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzNDMxMzEzMDM3LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ9JEMA0GCSqG
SIb3DQEBCwUAA4IBAQBeSi1LIi8g56PHu3aATslwkp0/2d6CGtITG+C4qAPrr5Hp
wl9Ya3f7XqjHWNObmY6VE6OFZLPwq8CSYThus9zfG6KPmO23hZ68dLYGKXs33Vm0
dsx1Ws+AwsrY8MEmbeUnxZHh0Rkf/6Gr+/kTpNaqjRrl93AweVRE+7WY9ttCJJHL
UL/bozURXjqiztixRv5+406yVAm3Oj8KSHwbpDQuoy/lN/z2/Gcjlti7c/9CKXXS
0xOW2z+YgybKUsqbx0+u16MsB91iouHe3QDHjUw20FMJo/sCNyrFrgv0ocuIn0Cu
HvKqT1OJ4kuTvOJFd0ULYeP2dB3zdbS4x97Hwyow
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:55:16 2025 by rpki-client