Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3231382e302f32342d3234203d3e203137363731.roa
File: 3230322e35382e3231382e302f32342d3234203d3e203137363731.roa (raw, json)
Hash identifier: zB0pBQEI4gDkf6jGhNP1mU46Lh2SFypVcAdIJR5M2xM=
Subject key identifier: 6F:72:FF:CE:F3:1D:2B:94:89:51:99:1D:59:89:AC:2F:4A:72:86:3A
Certificate issuer: /CN=D0C90407CCD53717DFEA21D51A8921F20564AB25
Certificate serial: 7957777238090550E6326CA8A9C417949889E84E
Authority key identifier: D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3231382e302f32342d3234203d3e203137363731.roa
Signing time: Sat 18 Apr 2026 12:02:52 +0000
ROA not before: Sat 18 Apr 2026 11:57:52 +0000
ROA not after: Sat 17 Apr 2027 12:02:52 +0000
asID: 17671
IP address blocks: 202.58.218.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:57:77:72:38:09:05:50:e6:32:6c:a8:a9:c4:17:94:98:89:e8:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D0C90407CCD53717DFEA21D51A8921F20564AB25
Validity
Not Before: Apr 18 11:57:52 2026 GMT
Not After : Apr 17 12:02:52 2027 GMT
Subject: CN=6F72FFCEF31D2B948951991D5989AC2F4A72863A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:75:74:77:cd:fc:a6:8a:e9:a6:79:0b:63:1d:
46:da:66:bd:3b:97:a1:80:3f:c4:fb:1c:a7:b7:ab:
b8:b2:db:44:b3:a5:83:46:e6:7f:0c:0d:e2:78:77:
b3:dc:ab:ed:76:6a:51:e5:4d:6e:26:59:1c:a4:c1:
56:66:58:45:e3:f1:db:28:07:da:38:bb:3c:dc:c8:
b8:4b:43:30:e8:c3:68:eb:17:dd:e1:bd:a0:c8:93:
14:f7:30:3f:23:b5:aa:3b:5e:97:54:48:a2:cb:a8:
87:ec:d3:cc:e8:c9:b1:c7:d9:2e:d9:a6:74:b1:70:
3e:e2:48:a9:bf:47:15:48:1f:7f:30:db:bf:d5:73:
13:0d:17:0b:fc:08:7e:2d:27:e0:5c:67:01:0a:91:
80:30:6b:c3:17:f1:99:f5:45:b7:e1:07:df:52:37:
9d:85:eb:c1:a4:c9:16:47:85:35:e6:b4:01:4a:3e:
99:98:a1:0d:8d:78:ed:07:51:b5:68:db:84:fc:72:
83:b8:f2:53:8e:62:a3:78:1b:e5:ef:23:fc:89:62:
82:85:e4:1c:1d:0a:d4:02:a0:34:41:ec:97:10:79:
62:c0:15:7c:68:34:80:f5:60:41:db:90:44:eb:dc:
47:6c:8f:97:3b:df:79:1b:0a:77:2e:61:62:65:3d:
4c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:72:FF:CE:F3:1D:2B:94:89:51:99:1D:59:89:AC:2F:4A:72:86:3A
X509v3 Authority Key Identifier:
keyid:D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/D0C90407CCD53717DFEA21D51A8921F20564AB25.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3231382e302f32342d3234203d3e203137363731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.58.218.0/24
Signature Algorithm: sha256WithRSAEncryption
18:07:09:73:12:ab:0d:bd:09:ad:d5:db:f7:e1:24:20:93:df:
93:8b:86:56:61:9f:a4:af:b5:4c:2c:77:bf:7f:4b:5d:af:43:
e9:64:f9:52:bc:90:e7:96:58:6f:04:12:98:0a:e2:4c:d9:61:
7b:86:5f:de:de:e1:9d:a8:97:b3:a7:54:89:63:ac:78:b2:8d:
bd:24:5e:f9:b7:4c:8b:a7:eb:2e:39:a7:bf:c6:38:76:26:3d:
5f:81:90:ab:61:7c:69:a8:b1:95:5f:50:79:27:0c:30:54:96:
53:29:fd:f1:50:18:a2:ff:9d:0b:eb:45:fc:5e:df:b0:6e:a1:
a2:9e:84:98:de:a5:b4:80:82:bc:0c:56:e4:d8:e6:6f:4f:18:
fa:8f:86:b0:3a:bf:c1:b9:72:7a:85:9d:a4:f0:24:1b:32:8d:
53:c6:78:9b:ee:06:c3:51:3b:c5:33:5f:2d:7d:5b:1c:e1:d6:
82:91:6e:62:88:77:ea:a4:4e:a4:3f:c6:4d:e9:c0:f2:9c:7a:
95:85:ca:ee:f0:2a:f4:10:45:42:ef:30:7a:93:5c:b5:4a:93:
32:0d:6a:6a:d8:ef:3d:f2:55:89:ae:fd:c6:8f:25:f9:87:56:
b1:4a:64:17:7d:ad:fa:42:53:57:36:10:dc:20:94:30:2e:70:
f1:21:4f:b8
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUeVd3cjgJBVDmMmyoqcQXlJiJ6E4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIw
NTY0QUIyNTAeFw0yNjA0MTgxMTU3NTJaFw0yNzA0MTcxMjAyNTJaMDMxMTAvBgNV
BAMTKDZGNzJGRkNFRjMxRDJCOTQ4OTUxOTkxRDU5ODlBQzJGNEE3Mjg2M0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6dXR3zfymiummeQtjHUbaZr07
l6GAP8T7HKe3q7iy20SzpYNG5n8MDeJ4d7Pcq+12alHlTW4mWRykwVZmWEXj8dso
B9o4uzzcyLhLQzDow2jrF93hvaDIkxT3MD8jtao7XpdUSKLLqIfs08zoybHH2S7Z
pnSxcD7iSKm/RxVIH38w27/VcxMNFwv8CH4tJ+BcZwEKkYAwa8MX8Zn1RbfhB99S
N52F68GkyRZHhTXmtAFKPpmYoQ2NeO0HUbVo24T8coO48lOOYqN4G+XvI/yJYoKF
5BwdCtQCoDRB7JcQeWLAFXxoNID1YEHbkETr3Edsj5c733kbCncuYWJlPUyLAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUb3L/zvMdK5SJUZkdWYmsL0pyhjowHwYDVR0j
BBgwFoAU0MkEB8zVNxff6iHVGokh8gVkqyUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
Y2ViZjExNi1mZTJhLTQ5MWItYWFjOC0yMjBlYWQwYjU0ZTIvMC9EMEM5MDQwN0ND
RDUzNzE3REZFQTIxRDUxQTg5MjFGMjA1NjRBQjI1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIwNTY0
QUIyNS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhjZWJmMTE2LWZlMmEtNDkxYi1h
YWM4LTIyMGVhZDBiNTRlMi8wLzMyMzAzMjJlMzUzODJlMzIzMTM4MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNzM2MzczMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMo62jANBgkqhkiG
9w0BAQsFAAOCAQEAGAcJcxKrDb0JrdXb9+EkIJPfk4uGVmGfpK+1TCx3v39LXa9D
6WT5UryQ55ZYbwQSmAriTNlhe4Zf3t7hnaiXs6dUiWOseLKNvSRe+bdMi6frLjmn
v8Y4diY9X4GQq2F8aaixlV9QeScMMFSWUyn98VAYov+dC+tF/F7fsG6hop6EmN6l
tICCvAxW5Njmb08Y+o+GsDq/wblyeoWdpPAkGzKNU8Z4m+4Gw1E7xTNfLX1bHOHW
gpFuYoh36qROpD/GTenA8px6lYXK7vAq9BBFQu8wepNctUqTMg1qatjvPfJVia79
xo8l+YdWsUpkF32t+kJTVzYQ3CCUMC5w8SFPuA==
-----END CERTIFICATE-----
Generated at Wed Jun 3 04:35:16 2026 by rpki-client