Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/29ab60b1-a244-4a78-b31b-feca3d14ed9f/0/3230322e39312e32392e302f32342d3234203d3e203234353238.roa
File: 3230322e39312e32392e302f32342d3234203d3e203234353238.roa (raw, json)
Hash identifier: +YDF0vguAy/o9dmYdumsZUDLxOFnmWqX0c3sKQszlSU=
Subject key identifier: F1:65:34:CE:61:96:4B:2B:AB:AA:4D:CC:2C:14:EE:07:8A:05:27:16
Certificate issuer: /CN=F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A
Certificate serial: 1948F2471C9A5D75F5FDD91A946B867F10534A8A
Authority key identifier: F1:85:3A:1C:5C:1E:CA:FE:10:76:F9:4A:61:FA:77:96:DD:3C:67:1A
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/29ab60b1-a244-4a78-b31b-feca3d14ed9f/0/3230322e39312e32392e302f32342d3234203d3e203234353238.roa
Signing time: Sun 19 Apr 2026 04:00:00 +0000
ROA not before: Sun 19 Apr 2026 03:55:00 +0000
ROA not after: Sun 18 Apr 2027 04:00:00 +0000
asID: 24528
IP address blocks: 202.91.29.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:48:f2:47:1c:9a:5d:75:f5:fd:d9:1a:94:6b:86:7f:10:53:4a:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A
Validity
Not Before: Apr 19 03:55:00 2026 GMT
Not After : Apr 18 04:00:00 2027 GMT
Subject: CN=F16534CE61964B2BABAA4DCC2C14EE078A052716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ef:bc:57:8f:2b:37:8d:bc:80:1c:0e:c2:40:
63:46:ed:bf:ee:28:4d:85:a7:ca:49:dd:82:d5:e9:
d0:17:53:eb:66:aa:1c:78:41:21:f8:72:49:c0:bf:
d0:10:b8:f8:0c:d5:4c:2b:51:15:33:e8:15:18:2b:
31:48:84:7c:f8:2a:55:f3:d2:b9:ec:40:11:e9:3d:
01:ba:d8:b0:0e:d0:71:29:eb:19:0f:f1:15:ea:c9:
55:61:9c:12:10:4f:c7:1f:da:09:f8:9d:43:51:0d:
cc:a6:6d:6d:fe:f5:30:27:7e:6f:5d:09:38:c1:8b:
fd:f9:54:6f:5e:e8:e6:22:41:a5:6d:e4:c3:43:cf:
af:59:58:29:41:a6:ca:81:82:59:ac:35:48:f0:87:
b4:bd:ea:2c:79:1c:d8:ba:4a:13:65:da:4b:1a:7f:
5d:26:ac:d0:76:61:e6:f9:78:6f:88:c0:f9:1b:1e:
ad:16:d0:4d:4c:9a:a2:13:93:1c:a9:60:8d:6b:14:
5e:cf:46:39:5d:26:84:52:be:47:e9:5a:83:81:01:
ff:c0:e7:d1:53:60:e8:c6:a2:f0:49:59:b6:d7:48:
b7:5c:bc:a7:33:21:b9:5d:a2:22:7a:dd:ad:cb:c3:
84:07:7f:cf:b8:77:d6:45:a8:ab:0a:1f:e6:15:06:
73:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:65:34:CE:61:96:4B:2B:AB:AA:4D:CC:2C:14:EE:07:8A:05:27:16
X509v3 Authority Key Identifier:
keyid:F1:85:3A:1C:5C:1E:CA:FE:10:76:F9:4A:61:FA:77:96:DD:3C:67:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/29ab60b1-a244-4a78-b31b-feca3d14ed9f/0/F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/29ab60b1-a244-4a78-b31b-feca3d14ed9f/0/3230322e39312e32392e302f32342d3234203d3e203234353238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.91.29.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:9d:03:91:a1:22:ba:e3:a5:24:d0:68:32:63:90:e7:f2:d1:
72:d2:51:23:5c:e2:46:2f:29:3d:25:a9:51:6d:f0:bd:7d:6f:
63:4d:86:0d:43:1c:7c:b9:12:ff:d3:84:b8:91:a4:b2:6e:fb:
5c:cc:20:ae:b4:ac:52:e9:f7:a8:d7:1e:bc:d2:a3:35:87:b3:
08:eb:d9:8e:2f:6f:c5:36:84:d5:f6:1c:a8:fe:b1:f3:36:11:
c6:5a:15:b4:d1:64:bd:47:f1:93:91:b1:79:17:fb:eb:e3:54:
ce:51:86:bd:d0:ff:9e:6f:72:49:f3:62:2e:ab:81:11:4e:9f:
2a:e4:40:df:b1:79:f9:3a:6e:a9:dc:2f:6f:f8:3e:f0:b3:ea:
02:e9:76:0c:f8:5c:9f:55:05:0a:2b:f9:85:50:4a:49:ee:cd:
15:31:92:2b:82:09:13:9c:5a:1d:29:8a:04:1f:c5:39:bc:97:
29:23:c0:fc:26:e5:11:70:2f:5d:85:2a:de:36:20:f3:7e:9c:
7e:fc:1e:6c:5f:60:a6:ae:94:c4:f3:5a:97:03:84:fe:af:35:
fa:09:9f:05:bd:95:d4:de:ae:ff:56:dc:92:b2:f5:e1:9a:f5:
8d:0e:be:fb:67:d4:c5:3b:3d:68:97:7f:b6:a5:a8:cd:9e:cf:
6a:e1:84:93
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUGUjyRxyaXXX1/dkalGuGfxBTSoowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjE4NTNBMUM1QzFFQ0FGRTEwNzZGOTRBNjFGQTc3OTZE
RDNDNjcxQTAeFw0yNjA0MTkwMzU1MDBaFw0yNzA0MTgwNDAwMDBaMDMxMTAvBgNV
BAMTKEYxNjUzNENFNjE5NjRCMkJBQkFBNERDQzJDMTRFRTA3OEEwNTI3MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC177xXjys3jbyAHA7CQGNG7b/u
KE2Fp8pJ3YLV6dAXU+tmqhx4QSH4cknAv9AQuPgM1UwrURUz6BUYKzFIhHz4KlXz
0rnsQBHpPQG62LAO0HEp6xkP8RXqyVVhnBIQT8cf2gn4nUNRDcymbW3+9TAnfm9d
CTjBi/35VG9e6OYiQaVt5MNDz69ZWClBpsqBglmsNUjwh7S96ix5HNi6ShNl2ksa
f10mrNB2Yeb5eG+IwPkbHq0W0E1MmqITkxypYI1rFF7PRjldJoRSvkfpWoOBAf/A
59FTYOjGovBJWbbXSLdcvKczIbldoiJ63a3Lw4QHf8+4d9ZFqKsKH+YVBnPLAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQU8WU0zmGWSyurqk3MLBTuB4oFJxYwHwYDVR0j
BBgwFoAU8YU6HFweyv4QdvlKYfp3lt08ZxowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
OWFiNjBiMS1hMjQ0LTRhNzgtYjMxYi1mZWNhM2QxNGVkOWYvMC9GMTg1M0ExQzVD
MUVDQUZFMTA3NkY5NEE2MUZBNzc5NkREM0M2NzFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjE4NTNBMUM1QzFFQ0FGRTEwNzZGOTRBNjFGQTc3OTZERDND
NjcxQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzI5YWI2MGIxLWEyNDQtNGE3OC1i
MzFiLWZlY2EzZDE0ZWQ5Zi8wLzMyMzAzMjJlMzkzMTJlMzIzOTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMyMzQzNTMyMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKWx0wDQYJKoZIhvcN
AQELBQADggEBABydA5GhIrrjpSTQaDJjkOfy0XLSUSNc4kYvKT0lqVFt8L19b2NN
hg1DHHy5Ev/ThLiRpLJu+1zMIK60rFLp96jXHrzSozWHswjr2Y4vb8U2hNX2HKj+
sfM2EcZaFbTRZL1H8ZORsXkX++vjVM5Rhr3Q/55vcknzYi6rgRFOnyrkQN+xefk6
bqncL2/4PvCz6gLpdgz4XJ9VBQor+YVQSknuzRUxkiuCCROcWh0pigQfxTm8lykj
wPwm5RFwL12FKt42IPN+nH78HmxfYKaulMTzWpcDhP6vNfoJnwW9ldTerv9W3JKy
9eGa9Y0Ovvtn1MU7PWiXf7alqM2ez2rhhJM=
-----END CERTIFICATE-----
Generated at Wed Jun 3 03:16:03 2026 by rpki-client