Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/fd2b4f77-74d0-4797-aee0-9ea907654730/0/3130332e3132332e38352e302f32342d3234203d3e20313530343939.roa
File: 3130332e3132332e38352e302f32342d3234203d3e20313530343939.roa (raw, json)
Hash identifier: eyJ4EDaG/HHNCoBUT9JYVkheds3R4k5CGBTlZLCH7uE=
Subject key identifier: D3:79:17:F3:BF:38:EB:60:60:89:BB:8A:1D:2B:6F:D5:0F:0E:6F:29
Certificate issuer: /CN=9CD5DECA8E146A0231AE872283EA0F93B5784114
Certificate serial: 0CAA018DB7EBF92C86873A0D511EF85A4627800C
Authority key identifier: 9C:D5:DE:CA:8E:14:6A:02:31:AE:87:22:83:EA:0F:93:B5:78:41:14
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9CD5DECA8E146A0231AE872283EA0F93B5784114.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/fd2b4f77-74d0-4797-aee0-9ea907654730/0/3130332e3132332e38352e302f32342d3234203d3e20313530343939.roa
Signing time: Mon 20 Jan 2025 08:00:01 +0000
ROA not before: Mon 20 Jan 2025 07:55:01 +0000
ROA not after: Mon 19 Jan 2026 08:00:01 +0000
asID: 150499
IP address blocks: 103.123.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:aa:01:8d:b7:eb:f9:2c:86:87:3a:0d:51:1e:f8:5a:46:27:80:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9CD5DECA8E146A0231AE872283EA0F93B5784114
Validity
Not Before: Jan 20 07:55:01 2025 GMT
Not After : Jan 19 08:00:01 2026 GMT
Subject: CN=D37917F3BF38EB606089BB8A1D2B6FD50F0E6F29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:67:1b:c4:92:0a:40:aa:25:8e:47:27:ca:0b:
6f:8a:58:a2:cc:48:2c:35:38:8f:47:6a:b9:6c:cd:
3f:dc:87:b2:85:95:09:9d:a6:19:2f:57:04:41:36:
61:c3:93:b0:b2:9f:13:44:d5:44:85:98:85:01:8e:
61:8b:2a:d2:9c:24:be:e1:e6:cd:4b:f9:38:11:f9:
b0:95:e2:a6:30:02:8a:9b:e2:65:f7:4b:d3:a9:e4:
8e:5f:de:60:0b:d4:1c:65:91:e7:21:48:ba:42:96:
82:e6:b4:45:9d:f3:c2:0b:21:3d:1c:67:5a:f3:e7:
d3:24:28:0a:b5:78:8d:0f:54:c6:4f:2a:e4:62:91:
41:77:48:63:76:56:86:62:1b:c6:7f:8f:af:f9:7e:
42:6a:16:df:2e:4a:41:62:2f:d9:72:d0:4b:07:b0:
9a:fd:6b:aa:5f:c2:12:be:ba:eb:56:18:56:57:e3:
1d:dc:d5:40:55:5f:a8:ca:19:ef:88:b7:59:d7:d5:
2e:5e:a3:96:c6:b5:66:94:0d:60:a7:a0:af:6d:fc:
6e:e1:c3:b9:3c:c1:30:fa:93:41:12:69:c6:76:36:
57:1e:ed:a3:4f:0a:24:d7:a5:e5:9e:9c:ec:ee:e1:
c6:bc:f1:ed:4f:21:5f:d5:a3:7c:09:67:1b:09:eb:
f5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:79:17:F3:BF:38:EB:60:60:89:BB:8A:1D:2B:6F:D5:0F:0E:6F:29
X509v3 Authority Key Identifier:
keyid:9C:D5:DE:CA:8E:14:6A:02:31:AE:87:22:83:EA:0F:93:B5:78:41:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/fd2b4f77-74d0-4797-aee0-9ea907654730/0/9CD5DECA8E146A0231AE872283EA0F93B5784114.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9CD5DECA8E146A0231AE872283EA0F93B5784114.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/fd2b4f77-74d0-4797-aee0-9ea907654730/0/3130332e3132332e38352e302f32342d3234203d3e20313530343939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.123.85.0/24
Signature Algorithm: sha256WithRSAEncryption
20:65:26:10:bb:14:6e:94:18:bd:40:2c:85:31:55:76:af:04:
82:56:51:80:63:ae:4c:44:0f:47:ab:06:37:20:44:79:f5:f4:
bf:47:d7:05:d2:42:7e:df:60:ae:46:2c:a2:8b:c8:8a:7f:75:
16:67:e0:8a:ae:f4:5e:8a:85:c5:4b:ec:9c:7e:bc:20:38:52:
71:58:ee:72:32:6b:6e:a3:91:54:70:79:76:f8:6c:89:83:e1:
36:12:5e:92:ed:70:7e:46:71:6d:a4:98:27:4e:cf:84:79:70:
5e:3e:87:2e:7f:ee:ef:f4:b1:a6:1e:99:62:20:bd:63:a4:04:
e7:9a:ba:cb:3b:57:a7:de:f4:b1:fd:44:38:e1:66:0d:66:ad:
ce:11:4d:73:63:01:53:45:21:4f:d0:8f:19:3d:dd:67:dd:34:
21:f3:ee:99:a3:19:de:14:46:a8:a2:11:f3:45:6f:c5:79:c7:
00:29:1c:ed:2e:61:e7:a0:d5:d8:a5:c5:67:da:69:fe:3c:62:
3a:ad:1f:ad:90:71:1a:f0:1b:49:2c:47:e0:d6:ed:36:9f:fd:
ac:4f:22:53:c2:b4:80:b6:19:21:b0:4c:85:22:52:35:be:55:
02:5b:2b:6d:97:df:37:b8:c4:da:d4:13:28:fe:32:a3:60:73:
d6:e1:02:bd
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUDKoBjbfr+SyGhzoNUR74WkYngAwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUNENURFQ0E4RTE0NkEwMjMxQUU4NzIyODNFQTBGOTNC
NTc4NDExNDAeFw0yNTAxMjAwNzU1MDFaFw0yNjAxMTkwODAwMDFaMDMxMTAvBgNV
BAMTKEQzNzkxN0YzQkYzOEVCNjA2MDg5QkI4QTFEMkI2RkQ1MEYwRTZGMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/ZxvEkgpAqiWORyfKC2+KWKLM
SCw1OI9HarlszT/ch7KFlQmdphkvVwRBNmHDk7CynxNE1USFmIUBjmGLKtKcJL7h
5s1L+TgR+bCV4qYwAoqb4mX3S9Op5I5f3mAL1BxlkechSLpCloLmtEWd88ILIT0c
Z1rz59MkKAq1eI0PVMZPKuRikUF3SGN2VoZiG8Z/j6/5fkJqFt8uSkFiL9ly0EsH
sJr9a6pfwhK+uutWGFZX4x3c1UBVX6jKGe+It1nX1S5eo5bGtWaUDWCnoK9t/G7h
w7k8wTD6k0ESacZ2Nlce7aNPCiTXpeWenOzu4ca88e1PIV/Vo3wJZxsJ6/XxAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU03kX878462BgibuKHStv1Q8ObykwHwYDVR0j
BBgwFoAUnNXeyo4UagIxrocig+oPk7V4QRQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m
ZDJiNGY3Ny03NGQwLTQ3OTctYWVlMC05ZWE5MDc2NTQ3MzAvMC85Q0Q1REVDQThF
MTQ2QTAyMzFBRTg3MjI4M0VBMEY5M0I1Nzg0MTE0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOUNENURFQ0E4RTE0NkEwMjMxQUU4NzIyODNFQTBGOTNCNTc4
NDExNC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ZkMmI0Zjc3LTc0ZDAtNDc5Ny1h
ZWUwLTllYTkwNzY1NDczMC8wLzMxMzAzMzJlMzEzMjMzMmUzODM1MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNTMwMzQzOTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ3tVMA0GCSqG
SIb3DQEBCwUAA4IBAQAgZSYQuxRulBi9QCyFMVV2rwSCVlGAY65MRA9HqwY3IER5
9fS/R9cF0kJ+32CuRiyii8iKf3UWZ+CKrvReioXFS+ycfrwgOFJxWO5yMmtuo5FU
cHl2+GyJg+E2El6S7XB+RnFtpJgnTs+EeXBePocuf+7v9LGmHpliIL1jpATnmrrL
O1en3vSx/UQ44WYNZq3OEU1zYwFTRSFP0I8ZPd1n3TQh8+6ZoxneFEaoohHzRW/F
eccAKRztLmHnoNXYpcVn2mn+PGI6rR+tkHEa8BtJLEfg1u02n/2sTyJTwrSAthkh
sEyFIlI1vlUCWyttl983uMTa1BMo/jKjYHPW4QK9
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:39:30 2025 by rpki-client