Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3231362e302f32342d3234203d3e203137363731.roa
File: 3230322e35382e3231362e302f32342d3234203d3e203137363731.roa (raw, json)
Hash identifier: MBqCGdWWkl0unkE4OgZaxjWBTDgyK+Bw0Ymlk8/jEes=
Subject key identifier: 3D:51:2C:F8:43:2C:DB:EA:A0:E8:71:ED:E3:DA:BA:6F:69:40:43:DD
Certificate issuer: /CN=D0C90407CCD53717DFEA21D51A8921F20564AB25
Certificate serial: 550B5ECF0CC5BB6690E89FD11E5DA04AEE4574B8
Authority key identifier: D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3231362e302f32342d3234203d3e203137363731.roa
Signing time: Sat 18 Apr 2026 12:02:53 +0000
ROA not before: Sat 18 Apr 2026 11:57:53 +0000
ROA not after: Sat 17 Apr 2027 12:02:53 +0000
asID: 17671
IP address blocks: 202.58.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:0b:5e:cf:0c:c5:bb:66:90:e8:9f:d1:1e:5d:a0:4a:ee:45:74:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D0C90407CCD53717DFEA21D51A8921F20564AB25
Validity
Not Before: Apr 18 11:57:53 2026 GMT
Not After : Apr 17 12:02:53 2027 GMT
Subject: CN=3D512CF8432CDBEAA0E871EDE3DABA6F694043DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e2:49:69:93:e6:7d:83:1f:aa:75:ba:29:1a:
38:05:99:12:55:7c:0f:04:cf:cf:bf:1a:35:3d:eb:
a8:cd:d6:09:c5:59:05:f0:6d:80:33:2b:2c:4a:a7:
01:7c:2c:80:1b:a9:3c:d1:e4:37:1c:fc:e5:ba:c4:
31:18:8a:a3:4d:3a:9f:3d:d8:c8:a5:0b:b1:44:c2:
ef:f3:cf:a7:02:d6:ee:d4:52:90:4e:50:80:11:9b:
2a:68:76:be:87:56:33:c5:7d:4f:ea:30:5c:4d:bb:
da:9b:36:77:2d:29:53:d2:83:65:d1:24:b3:ff:1f:
92:1e:0e:66:53:48:38:d7:0a:25:04:24:5a:ba:79:
68:9c:aa:8a:f2:00:a5:b3:da:d3:f3:10:e3:12:7e:
af:b9:8b:ab:01:8b:f2:ad:a1:32:67:9e:9e:9f:15:
52:d3:79:2f:80:a8:5c:de:49:aa:4d:be:54:21:e8:
ee:a8:2a:d3:75:6f:99:f0:e4:84:fe:93:d8:ef:0f:
0d:94:9d:2c:30:4e:b2:59:80:21:21:e1:7f:49:b8:
51:f9:ea:4e:29:ea:be:86:ac:45:f4:2b:05:3a:55:
5e:02:77:ad:ae:75:6d:f0:89:0c:1a:a4:dd:f3:eb:
56:32:d7:bf:c6:27:66:4e:96:51:71:11:fc:bf:8e:
f2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:51:2C:F8:43:2C:DB:EA:A0:E8:71:ED:E3:DA:BA:6F:69:40:43:DD
X509v3 Authority Key Identifier:
keyid:D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/D0C90407CCD53717DFEA21D51A8921F20564AB25.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3231362e302f32342d3234203d3e203137363731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.58.216.0/24
Signature Algorithm: sha256WithRSAEncryption
60:94:e0:19:66:c1:78:0b:df:8d:6e:c3:e3:39:99:55:1b:8f:
e0:74:0c:df:40:b4:f1:50:8a:ac:d5:ef:d8:99:b4:4b:f1:be:
3a:28:37:5c:d7:6c:e9:b8:60:41:cc:20:f2:12:e0:ff:67:19:
7a:0d:70:ab:2a:98:ec:8c:93:24:a6:37:8d:6e:88:ff:c9:86:
d1:0c:f6:ec:4f:3a:dc:5a:f7:58:58:67:83:d6:4f:cf:7b:b1:
cf:88:b0:dd:e4:be:d9:bb:3a:67:d3:84:e2:4a:01:52:ad:ca:
c1:3b:f6:e2:5c:14:cb:1f:1f:cc:01:ec:06:a0:5b:d0:54:8b:
fb:8c:d0:e4:b6:b7:59:74:c5:28:22:32:c2:ef:ac:36:8d:d4:
5c:14:39:c3:0b:e8:12:59:01:d4:1d:da:8f:5d:26:a3:fc:3b:
4f:fd:2f:7c:2c:02:2a:46:c8:f1:75:3b:5e:fb:ed:3d:b6:fd:
03:4b:e4:51:1f:71:a4:98:44:36:e1:ce:44:b9:61:5e:b9:fc:
c8:03:a3:6b:da:3c:ff:09:31:8c:15:8e:60:5d:0d:49:82:d0:
3f:6f:ad:56:e7:42:51:ab:7f:51:59:df:ef:a4:06:48:03:5b:
8c:2a:2f:34:ac:f0:95:b3:fc:1c:6d:fa:1f:6b:a6:01:2f:c8:
3f:a3:0d:3f
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUVQtezwzFu2aQ6J/RHl2gSu5FdLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIw
NTY0QUIyNTAeFw0yNjA0MTgxMTU3NTNaFw0yNzA0MTcxMjAyNTNaMDMxMTAvBgNV
BAMTKDNENTEyQ0Y4NDMyQ0RCRUFBMEU4NzFFREUzREFCQTZGNjk0MDQzREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt4klpk+Z9gx+qdbopGjgFmRJV
fA8Ez8+/GjU966jN1gnFWQXwbYAzKyxKpwF8LIAbqTzR5Dcc/OW6xDEYiqNNOp89
2MilC7FEwu/zz6cC1u7UUpBOUIARmypodr6HVjPFfU/qMFxNu9qbNnctKVPSg2XR
JLP/H5IeDmZTSDjXCiUEJFq6eWicqoryAKWz2tPzEOMSfq+5i6sBi/KtoTJnnp6f
FVLTeS+AqFzeSapNvlQh6O6oKtN1b5nw5IT+k9jvDw2UnSwwTrJZgCEh4X9JuFH5
6k4p6r6GrEX0KwU6VV4Cd62udW3wiQwapN3z61Yy17/GJ2ZOllFxEfy/jvLPAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUPVEs+EMs2+qg6HHt49q6b2lAQ90wHwYDVR0j
BBgwFoAU0MkEB8zVNxff6iHVGokh8gVkqyUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
Y2ViZjExNi1mZTJhLTQ5MWItYWFjOC0yMjBlYWQwYjU0ZTIvMC9EMEM5MDQwN0ND
RDUzNzE3REZFQTIxRDUxQTg5MjFGMjA1NjRBQjI1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIwNTY0
QUIyNS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhjZWJmMTE2LWZlMmEtNDkxYi1h
YWM4LTIyMGVhZDBiNTRlMi8wLzMyMzAzMjJlMzUzODJlMzIzMTM2MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNzM2MzczMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMo62DANBgkqhkiG
9w0BAQsFAAOCAQEAYJTgGWbBeAvfjW7D4zmZVRuP4HQM30C08VCKrNXv2Jm0S/G+
Oig3XNds6bhgQcwg8hLg/2cZeg1wqyqY7IyTJKY3jW6I/8mG0Qz27E863Fr3WFhn
g9ZPz3uxz4iw3eS+2bs6Z9OE4koBUq3KwTv24lwUyx8fzAHsBqBb0FSL+4zQ5La3
WXTFKCIywu+sNo3UXBQ5wwvoElkB1B3aj10mo/w7T/0vfCwCKkbI8XU7XvvtPbb9
A0vkUR9xpJhENuHORLlhXrn8yAOja9o8/wkxjBWOYF0NSYLQP2+tVudCUat/UVnf
76QGSANbjCovNKzwlbP8HG36H2umAS/IP6MNPw==
-----END CERTIFICATE-----
Generated at Wed Jun 3 04:35:15 2026 by rpki-client