Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/323430333a393063303a3a2f33322d3430203d3e20313430343037.roa
File: 323430333a393063303a3a2f33322d3430203d3e20313430343037.roa (raw, json)
Hash identifier: kc7B3wh0hvk2ybg4UMCIgW90oid7rWxcE2DbwuCC2HM=
Subject key identifier: B1:95:28:57:C0:04:D6:E1:70:F6:34:A0:B2:AD:11:C9:3C:90:F8:B0
Certificate issuer: /CN=491B0EA5440563BE9B0F167DA76C05E85A9D2F95
Certificate serial: 0CAC008288CB320FF7C45B2B027E63520C5DA294
Authority key identifier: 49:1B:0E:A5:44:05:63:BE:9B:0F:16:7D:A7:6C:05:E8:5A:9D:2F:95
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/491B0EA5440563BE9B0F167DA76C05E85A9D2F95.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/323430333a393063303a3a2f33322d3430203d3e20313430343037.roa
Signing time: Wed 22 Apr 2026 16:00:00 +0000
ROA not before: Wed 22 Apr 2026 15:55:00 +0000
ROA not after: Wed 21 Apr 2027 16:00:00 +0000
asID: 140407
IP address blocks: 2403:90c0::/32 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:ac:00:82:88:cb:32:0f:f7:c4:5b:2b:02:7e:63:52:0c:5d:a2:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=491B0EA5440563BE9B0F167DA76C05E85A9D2F95
Validity
Not Before: Apr 22 15:55:00 2026 GMT
Not After : Apr 21 16:00:00 2027 GMT
Subject: CN=B1952857C004D6E170F634A0B2AD11C93C90F8B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:df:3b:83:e5:d5:44:97:65:c9:20:5e:55:64:
96:01:69:e4:44:a3:fc:54:59:d6:db:ef:39:7c:9a:
ce:0a:7e:c7:c0:32:7b:63:9f:2f:0c:b4:df:d7:23:
a0:d5:c3:3d:38:47:fe:25:6b:1a:02:52:64:a1:43:
2a:31:d5:46:d0:64:56:29:78:31:0b:e3:7f:4a:28:
31:12:91:40:35:14:af:ff:d1:66:de:e3:93:ef:9b:
9b:9b:0d:65:e9:95:a6:3e:73:e9:66:ef:af:a1:57:
fa:88:95:92:c9:aa:c2:51:f7:e4:95:8b:a5:13:6e:
0d:4c:da:89:d7:dd:73:36:be:b1:22:8d:df:63:5a:
91:63:7d:59:4c:ac:9f:7d:fb:60:06:e3:93:2b:6a:
c6:0c:13:28:30:83:b5:ac:96:20:fb:a1:56:34:6a:
c2:0f:ec:05:23:1f:d4:67:4e:69:63:ff:d4:71:bd:
54:30:ba:31:44:1a:cf:98:c4:30:fe:6f:36:73:0e:
48:51:24:90:98:f0:b2:07:a2:eb:61:25:3d:4f:40:
43:3a:86:db:31:ec:5f:02:b6:c9:76:c3:5a:b7:a5:
5a:e3:86:7d:f8:89:53:d2:df:c5:03:50:a6:cc:98:
f9:8d:e3:07:a3:0c:e7:a5:4d:0e:d1:eb:8b:2c:25:
7f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:95:28:57:C0:04:D6:E1:70:F6:34:A0:B2:AD:11:C9:3C:90:F8:B0
X509v3 Authority Key Identifier:
keyid:49:1B:0E:A5:44:05:63:BE:9B:0F:16:7D:A7:6C:05:E8:5A:9D:2F:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/491B0EA5440563BE9B0F167DA76C05E85A9D2F95.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/491B0EA5440563BE9B0F167DA76C05E85A9D2F95.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/323430333a393063303a3a2f33322d3430203d3e20313430343037.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:90c0::/32
Signature Algorithm: sha256WithRSAEncryption
32:44:4f:57:0c:8f:30:a7:c7:40:ea:77:1c:6e:b0:8d:dc:1c:
a0:b6:9e:96:da:38:81:95:9f:e3:2a:c1:39:6a:8a:43:57:13:
46:3a:d8:68:d7:98:b3:b0:80:68:01:14:ea:9f:a3:dc:8f:cc:
a4:48:b9:71:22:ff:83:cc:fa:22:c9:cf:f3:03:f9:51:2b:a5:
d8:0f:f9:97:f9:f4:a1:57:f8:78:94:6a:4d:95:c4:52:43:39:
6f:44:59:48:39:7e:07:f2:c2:58:32:c2:90:26:d6:03:b9:b4:
63:e2:08:3b:22:2c:c1:0c:28:93:e8:a1:c8:54:d9:85:5e:a3:
34:c8:a6:5d:b4:8b:1f:16:82:ce:76:31:72:5c:5e:e6:a8:c3:
81:f0:9c:42:fa:7e:04:c6:21:6e:36:ff:e4:4e:62:b1:2f:4a:
b3:57:83:81:6f:f3:c9:c7:09:c6:f3:75:90:d5:22:dc:59:ee:
63:6f:ab:56:79:52:b1:89:ff:f5:c9:5f:00:5f:1c:32:79:9c:
21:59:56:db:ea:b3:fb:e5:c4:98:a7:9d:04:45:1d:82:51:10:
6f:11:c6:92:1e:9b:2f:40:f3:be:3c:9a:c4:a6:22:bd:71:8c:
15:09:8b:05:92:84:e8:c1:2b:e3:e7:34:56:98:19:71:a7:ce:
d2:4f:a7:fc
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUDKwAgojLMg/3xFsrAn5jUgxdopQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDkxQjBFQTU0NDA1NjNCRTlCMEYxNjdEQTc2QzA1RTg1
QTlEMkY5NTAeFw0yNjA0MjIxNTU1MDBaFw0yNzA0MjExNjAwMDBaMDMxMTAvBgNV
BAMTKEIxOTUyODU3QzAwNEQ2RTE3MEY2MzRBMEIyQUQxMUM5M0M5MEY4QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDw3zuD5dVEl2XJIF5VZJYBaeRE
o/xUWdbb7zl8ms4KfsfAMntjny8MtN/XI6DVwz04R/4laxoCUmShQyox1UbQZFYp
eDEL439KKDESkUA1FK//0Wbe45Pvm5ubDWXplaY+c+lm76+hV/qIlZLJqsJR9+SV
i6UTbg1M2onX3XM2vrEijd9jWpFjfVlMrJ99+2AG45MrasYMEygwg7WsliD7oVY0
asIP7AUjH9RnTmlj/9RxvVQwujFEGs+YxDD+bzZzDkhRJJCY8LIHouthJT1PQEM6
htsx7F8Ctsl2w1q3pVrjhn34iVPS38UDUKbMmPmN4wejDOelTQ7R64ssJX+JAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUsZUoV8AE1uFw9jSgsq0RyTyQ+LAwHwYDVR0j
BBgwFoAUSRsOpUQFY76bDxZ9p2wF6FqdL5UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
MjI5NzgxYS04YWM5LTQ0NTItYjI1Zi01NGU3ZWRmN2Q0YTQvMC80OTFCMEVBNTQ0
MDU2M0JFOUIwRjE2N0RBNzZDMDVFODVBOUQyRjk1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDkxQjBFQTU0NDA1NjNCRTlCMEYxNjdEQTc2QzA1RTg1QTlE
MkY5NS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzcyMjk3ODFhLThhYzktNDQ1Mi1i
MjVmLTU0ZTdlZGY3ZDRhNC8wLzMyMzQzMDMzM2EzOTMwNjMzMDNhM2EyZjMzMzIy
ZDM0MzAyMDNkM2UyMDMxMzQzMDM0MzAzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQDkMAwDQYJKoZI
hvcNAQELBQADggEBADJET1cMjzCnx0DqdxxusI3cHKC2npbaOIGVn+MqwTlqikNX
E0Y62GjXmLOwgGgBFOqfo9yPzKRIuXEi/4PM+iLJz/MD+VErpdgP+Zf59KFX+HiU
ak2VxFJDOW9EWUg5fgfywlgywpAm1gO5tGPiCDsiLMEMKJPoochU2YVeozTIpl20
ix8Wgs52MXJcXuaow4HwnEL6fgTGIW42/+ROYrEvSrNXg4Fv88nHCcbzdZDVItxZ
7mNvq1Z5UrGJ//XJXwBfHDJ5nCFZVtvqs/vlxJinnQRFHYJREG8RxpIemy9A8748
msSmIr1xjBUJiwWShOjBK+PnNFaYGXGnztJPp/w=
-----END CERTIFICATE-----
Generated at Wed Jun 3 03:34:08 2026 by rpki-client