Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/3232302e3234372e3136382e302f32312d3234203d3e2039333431.roa
File: 3232302e3234372e3136382e302f32312d3234203d3e2039333431.roa (raw, json)
Hash identifier: H2zr1p0lZFCmpSXA93040+aOymtZYDVYief3ym4Hza0=
Subject key identifier: 6A:28:BA:A6:10:F3:0F:14:1C:94:64:3A:BC:B8:7E:CF:33:D6:F3:FF
Certificate issuer: /CN=61566F205F7037962069571320603B274357CC6D
Certificate serial: 5DA85C3F14CA274AEE635CE1EB68B061ADEE2D0A
Authority key identifier: 61:56:6F:20:5F:70:37:96:20:69:57:13:20:60:3B:27:43:57:CC:6D
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/61566F205F7037962069571320603B274357CC6D.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/3232302e3234372e3136382e302f32312d3234203d3e2039333431.roa
Signing time: Tue 25 Mar 2025 04:00:01 +0000
ROA not before: Tue 25 Mar 2025 03:55:01 +0000
ROA not after: Tue 24 Mar 2026 04:00:01 +0000
asID: 9341
IP address blocks: 220.247.168.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:a8:5c:3f:14:ca:27:4a:ee:63:5c:e1:eb:68:b0:61:ad:ee:2d:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61566F205F7037962069571320603B274357CC6D
Validity
Not Before: Mar 25 03:55:01 2025 GMT
Not After : Mar 24 04:00:01 2026 GMT
Subject: CN=6A28BAA610F30F141C94643ABCB87ECF33D6F3FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:cc:c4:6e:ac:e2:12:b0:42:fe:19:7e:bf:62:
eb:6f:9f:49:6f:d4:d9:13:04:d6:97:4a:46:7a:dd:
8f:40:cb:d0:0e:1c:d5:01:e3:70:22:3e:72:23:20:
d8:f1:47:e2:90:b0:cc:52:0c:05:7a:fa:a4:3f:22:
db:a5:13:a9:76:65:52:e3:fb:12:bd:88:7e:cb:03:
fc:8b:a6:71:fb:07:99:4e:04:0d:76:85:aa:02:d2:
dd:63:6d:a5:43:b9:f4:75:ec:5d:c1:01:c0:41:64:
be:6d:e0:c3:40:e3:be:d4:80:4e:2e:9a:d2:b0:13:
24:c5:6d:3f:96:fe:47:5d:51:e9:48:af:0b:60:e3:
ae:b3:08:0b:1f:19:0d:b6:df:ef:e8:88:36:16:5c:
3b:05:c0:14:7a:6c:8a:5b:9f:88:c5:d3:93:d9:bf:
b1:01:7e:11:08:86:93:e5:f6:2e:7a:66:ab:19:a2:
67:8d:94:e4:10:fc:e0:7d:c1:15:be:32:13:c1:bd:
15:82:c3:ec:5d:5b:b9:2c:ed:b1:f5:f2:1d:a1:b1:
34:a1:e0:16:b7:89:5b:cf:7d:cf:ea:29:ae:0a:f6:
2e:92:60:66:16:57:9a:cf:f5:cd:55:9b:c2:bf:a7:
b7:05:7b:b7:67:52:12:3c:32:77:92:83:28:67:d2:
89:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:28:BA:A6:10:F3:0F:14:1C:94:64:3A:BC:B8:7E:CF:33:D6:F3:FF
X509v3 Authority Key Identifier:
keyid:61:56:6F:20:5F:70:37:96:20:69:57:13:20:60:3B:27:43:57:CC:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/61566F205F7037962069571320603B274357CC6D.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/61566F205F7037962069571320603B274357CC6D.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/3232302e3234372e3136382e302f32312d3234203d3e2039333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
220.247.168.0/21
Signature Algorithm: sha256WithRSAEncryption
78:69:28:a1:25:99:a6:42:6f:95:67:13:8a:0e:22:29:f5:f6:
24:17:3d:85:cc:b8:0d:1f:df:7d:4a:de:3c:c4:c9:0b:46:86:
33:46:8f:97:c0:40:00:5d:02:14:b1:ae:2e:ec:6e:db:5e:4c:
90:23:c3:b3:03:8c:96:f0:3a:f8:72:b2:4e:5c:1f:ec:ef:13:
83:24:de:03:d1:24:5b:b8:60:d0:68:f9:1c:44:59:1e:00:84:
f9:36:0d:ae:f2:42:f4:27:f5:0d:21:3a:08:21:ed:6f:35:25:
33:27:5c:62:ac:1b:fc:32:b5:97:50:f8:1e:19:ee:9f:3a:64:
9a:d0:c8:42:09:60:a6:49:b5:c2:48:0a:52:16:e4:ba:cd:79:
cb:2f:1b:29:07:3e:d3:c0:f0:3d:03:5d:6d:18:da:3f:a0:68:
77:7c:50:97:55:92:4d:55:51:37:02:61:ab:23:bf:c0:fc:5a:
3a:3d:ea:0a:52:a2:47:45:4f:5f:50:4f:19:b1:83:11:26:01:
b8:70:24:f4:1f:b7:71:c7:b9:45:5c:48:0e:ca:51:60:10:2a:
e7:f6:0a:8e:9d:a5:39:41:5b:4b:41:c3:ea:e9:32:24:d5:33:
6b:97:10:da:19:17:6e:bb:2a:fd:58:9c:8e:52:f0:cf:d3:b1:
2c:cd:d0:38
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUXahcPxTKJ0ruY1zh62iwYa3uLQowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjE1NjZGMjA1RjcwMzc5NjIwNjk1NzEzMjA2MDNCMjc0
MzU3Q0M2RDAeFw0yNTAzMjUwMzU1MDFaFw0yNjAzMjQwNDAwMDFaMDMxMTAvBgNV
BAMTKDZBMjhCQUE2MTBGMzBGMTQxQzk0NjQzQUJDQjg3RUNGMzNENkYzRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXzMRurOISsEL+GX6/Yutvn0lv
1NkTBNaXSkZ63Y9Ay9AOHNUB43AiPnIjINjxR+KQsMxSDAV6+qQ/ItulE6l2ZVLj
+xK9iH7LA/yLpnH7B5lOBA12haoC0t1jbaVDufR17F3BAcBBZL5t4MNA477UgE4u
mtKwEyTFbT+W/kddUelIrwtg466zCAsfGQ223+/oiDYWXDsFwBR6bIpbn4jF05PZ
v7EBfhEIhpPl9i56ZqsZomeNlOQQ/OB9wRW+MhPBvRWCw+xdW7ks7bH18h2hsTSh
4Ba3iVvPfc/qKa4K9i6SYGYWV5rP9c1Vm8K/p7cFe7dnUhI8MneSgyhn0omtAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUaii6phDzDxQclGQ6vLh+zzPW8/8wHwYDVR0j
BBgwFoAUYVZvIF9wN5YgaVcTIGA7J0NXzG0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
M2JkY2JhZS0yZTlkLTRmM2YtOGFiOS0zNDI0ZTQ0ODQ4NGUvMC82MTU2NkYyMDVG
NzAzNzk2MjA2OTU3MTMyMDYwM0IyNzQzNTdDQzZELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjE1NjZGMjA1RjcwMzc5NjIwNjk1NzEzMjA2MDNCMjc0MzU3
Q0M2RC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzczYmRjYmFlLTJlOWQtNGYzZi04
YWI5LTM0MjRlNDQ4NDg0ZS8wLzMyMzIzMDJlMzIzNDM3MmUzMTM2MzgyZTMwMmYz
MjMxMmQzMjM0MjAzZDNlMjAzOTMzMzQzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9z3qDANBgkqhkiG
9w0BAQsFAAOCAQEAeGkooSWZpkJvlWcTig4iKfX2JBc9hcy4DR/ffUrePMTJC0aG
M0aPl8BAAF0CFLGuLuxu215MkCPDswOMlvA6+HKyTlwf7O8TgyTeA9EkW7hg0Gj5
HERZHgCE+TYNrvJC9Cf1DSE6CCHtbzUlMydcYqwb/DK1l1D4HhnunzpkmtDIQglg
pkm1wkgKUhbkus15yy8bKQc+08DwPQNdbRjaP6Bod3xQl1WSTVVRNwJhqyO/wPxa
Oj3qClKiR0VPX1BPGbGDESYBuHAk9B+3cce5RVxIDspRYBAq5/YKjp2lOUFbS0HD
6ukyJNUza5cQ2hkXbrsq/VicjlLwz9OxLM3QOA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:38 2025 by rpki-client