Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e34372e36362e302f32342d3234203d3e203137363731.roa
File: 3230322e34372e36362e302f32342d3234203d3e203137363731.roa (raw, json)
Hash identifier: UO+EqW2eYDBB7rTISW4HrfK4WiaxGICEHGb5QrJXkZM=
Subject key identifier: 70:8C:A8:00:0A:DC:EC:DF:BD:7D:25:22:23:5E:9C:CE:E4:98:CF:19
Certificate issuer: /CN=D0C90407CCD53717DFEA21D51A8921F20564AB25
Certificate serial: 799181FAF9C1213BA6E53F5B508BA775F1DDC943
Authority key identifier: D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e34372e36362e302f32342d3234203d3e203137363731.roa
Signing time: Sat 18 Apr 2026 12:02:47 +0000
ROA not before: Sat 18 Apr 2026 11:57:47 +0000
ROA not after: Sat 17 Apr 2027 12:02:47 +0000
asID: 17671
IP address blocks: 202.47.66.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:91:81:fa:f9:c1:21:3b:a6:e5:3f:5b:50:8b:a7:75:f1:dd:c9:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D0C90407CCD53717DFEA21D51A8921F20564AB25
Validity
Not Before: Apr 18 11:57:47 2026 GMT
Not After : Apr 17 12:02:47 2027 GMT
Subject: CN=708CA8000ADCECDFBD7D2522235E9CCEE498CF19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:88:15:cc:8a:1a:c7:9a:cc:d0:57:d1:a6:ed:
29:c8:a0:6c:46:eb:5a:e7:e6:e1:0d:81:ca:00:c8:
de:a3:fd:d2:f6:f4:6e:ba:79:73:58:14:17:8c:0d:
a7:73:61:ba:fb:16:24:d0:fa:9e:e4:3d:3a:28:6d:
dc:12:31:30:1e:e8:c8:56:62:34:b9:e9:06:bc:63:
d8:33:76:3c:98:68:15:94:e3:ca:fb:72:a4:c2:b2:
80:07:06:30:10:10:3f:2f:40:69:ce:09:41:9b:08:
fa:b5:db:d2:00:db:4c:8d:52:b0:18:e5:c8:dc:00:
4f:ba:1e:09:90:34:bf:db:b2:73:cd:b4:3e:ba:b1:
2f:25:e9:33:cb:19:4f:94:6e:50:33:83:d7:e8:d6:
28:eb:9d:d6:e2:a3:a5:4e:59:d9:db:ba:ba:26:59:
99:b7:9b:34:6c:c2:d9:77:cd:95:41:54:66:10:7c:
40:0b:15:08:12:b0:a0:95:42:18:e4:0b:56:f7:f8:
f5:f8:28:eb:e0:a4:75:cf:c0:b1:48:31:fc:2e:c7:
6c:1c:86:1a:6a:ad:97:ce:4b:60:16:a6:fe:d4:23:
18:e5:7a:b7:2b:90:fb:24:96:32:b2:c0:62:d3:f7:
b0:82:93:2e:56:b3:4d:18:35:3d:58:94:d6:5f:79:
39:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8C:A8:00:0A:DC:EC:DF:BD:7D:25:22:23:5E:9C:CE:E4:98:CF:19
X509v3 Authority Key Identifier:
keyid:D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/D0C90407CCD53717DFEA21D51A8921F20564AB25.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e34372e36362e302f32342d3234203d3e203137363731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.47.66.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:fe:6f:ec:9d:86:f8:0e:8e:f0:f9:08:b7:5d:2b:40:a3:31:
bf:4c:3d:eb:d3:a9:0e:e3:eb:fe:b0:a5:e2:76:ca:e2:85:65:
73:d2:04:ea:d5:3a:01:9f:6b:10:e6:83:42:92:8d:f4:43:8b:
f4:d5:7f:a5:db:f6:ec:2f:7b:56:23:3c:0f:36:4a:ff:01:f6:
80:51:96:79:9d:b1:54:f0:99:f4:7d:3e:e8:bb:f9:92:5a:8b:
81:bb:36:5b:9c:14:12:61:94:7f:97:08:42:ae:b1:46:38:ae:
03:6f:5f:87:00:12:99:74:8f:35:75:ff:1b:79:7a:ba:b6:50:
30:77:7e:b7:de:06:02:ba:23:82:c9:22:56:4e:2c:48:9c:37:
8d:f0:e3:49:ea:2f:d4:35:81:de:96:86:5f:ed:c3:18:c5:02:
07:b8:50:d1:3e:96:97:bf:e3:2b:9a:30:00:1a:1b:0b:16:c1:
f5:1c:76:fd:2b:e6:79:f4:0f:95:15:2c:02:6c:8b:5a:9f:30:
69:e1:1e:d4:78:ae:a7:d5:2e:3d:c1:3a:7f:55:18:2d:fe:3a:
3d:ad:ab:f3:b8:9e:c1:43:95:18:99:cb:ff:0c:41:ef:93:b5:
50:6a:3f:a0:65:9a:27:a1:50:a6:a2:12:52:3f:b9:5e:48:b0:
c9:af:a9:80
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUeZGB+vnBITum5T9bUIundfHdyUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIw
NTY0QUIyNTAeFw0yNjA0MTgxMTU3NDdaFw0yNzA0MTcxMjAyNDdaMDMxMTAvBgNV
BAMTKDcwOENBODAwMEFEQ0VDREZCRDdEMjUyMjIzNUU5Q0NFRTQ5OENGMTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4iBXMihrHmszQV9Gm7SnIoGxG
61rn5uENgcoAyN6j/dL29G66eXNYFBeMDadzYbr7FiTQ+p7kPToobdwSMTAe6MhW
YjS56Qa8Y9gzdjyYaBWU48r7cqTCsoAHBjAQED8vQGnOCUGbCPq129IA20yNUrAY
5cjcAE+6HgmQNL/bsnPNtD66sS8l6TPLGU+UblAzg9fo1ijrndbio6VOWdnburom
WZm3mzRswtl3zZVBVGYQfEALFQgSsKCVQhjkC1b3+PX4KOvgpHXPwLFIMfwux2wc
hhpqrZfOS2AWpv7UIxjlercrkPskljKywGLT97CCky5Ws00YNT1YlNZfeTlPAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUcIyoAArc7N+9fSUiI16czuSYzxkwHwYDVR0j
BBgwFoAU0MkEB8zVNxff6iHVGokh8gVkqyUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
Y2ViZjExNi1mZTJhLTQ5MWItYWFjOC0yMjBlYWQwYjU0ZTIvMC9EMEM5MDQwN0ND
RDUzNzE3REZFQTIxRDUxQTg5MjFGMjA1NjRBQjI1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIwNTY0
QUIyNS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhjZWJmMTE2LWZlMmEtNDkxYi1h
YWM4LTIyMGVhZDBiNTRlMi8wLzMyMzAzMjJlMzQzNzJlMzYzNjJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczNjM3MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKL0IwDQYJKoZIhvcN
AQELBQADggEBAKH+b+ydhvgOjvD5CLddK0CjMb9MPevTqQ7j6/6wpeJ2yuKFZXPS
BOrVOgGfaxDmg0KSjfRDi/TVf6Xb9uwve1YjPA82Sv8B9oBRlnmdsVTwmfR9Pui7
+ZJai4G7NlucFBJhlH+XCEKusUY4rgNvX4cAEpl0jzV1/xt5erq2UDB3frfeBgK6
I4LJIlZOLEicN43w40nqL9Q1gd6Whl/twxjFAge4UNE+lpe/4yuaMAAaGwsWwfUc
dv0r5nn0D5UVLAJsi1qfMGnhHtR4rqfVLj3BOn9VGC3+Oj2tq/O4nsFDlRiZy/8M
Qe+TtVBqP6BlmiehUKaiElI/uV5IsMmvqYA=
-----END CERTIFICATE-----
Generated at Wed Jun 3 04:35:19 2026 by rpki-client