Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3232302e302f32342d3234203d3e203137363731.roa
File: 3230322e35382e3232302e302f32342d3234203d3e203137363731.roa (raw, json)
Hash identifier: GJMP2g9tufGJ1xN1l8f2eE/HZsGZD6+ZRbcxcwjEuyA=
Subject key identifier: 73:25:FD:C6:4D:21:90:82:CC:12:82:74:1B:C2:13:32:D6:94:16:89
Certificate issuer: /CN=D0C90407CCD53717DFEA21D51A8921F20564AB25
Certificate serial: 316714C8E093A37915D1A425FB859801461916F9
Authority key identifier: D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3232302e302f32342d3234203d3e203137363731.roa
Signing time: Sat 18 Apr 2026 12:02:51 +0000
ROA not before: Sat 18 Apr 2026 11:57:51 +0000
ROA not after: Sat 17 Apr 2027 12:02:51 +0000
asID: 17671
IP address blocks: 202.58.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:67:14:c8:e0:93:a3:79:15:d1:a4:25:fb:85:98:01:46:19:16:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D0C90407CCD53717DFEA21D51A8921F20564AB25
Validity
Not Before: Apr 18 11:57:51 2026 GMT
Not After : Apr 17 12:02:51 2027 GMT
Subject: CN=7325FDC64D219082CC1282741BC21332D6941689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:02:29:c1:08:93:3a:60:85:6b:0e:5a:ea:fe:
ec:f5:c4:f3:05:d7:59:f6:e4:96:3d:7b:c3:2e:04:
67:fc:61:a3:48:9d:03:54:fa:9a:ea:c5:17:93:9b:
1f:86:85:a6:cd:4d:7f:98:b2:96:84:28:3e:03:ec:
3a:80:3f:17:2a:5e:a1:75:7a:98:44:77:f5:04:5a:
36:34:36:ce:59:51:da:b7:c0:66:d5:9d:e2:3d:9d:
62:e1:fa:77:3f:2a:d6:eb:dd:92:04:7e:bb:7b:13:
0a:3f:d7:03:94:6b:93:33:d6:db:98:39:81:f4:30:
c0:83:43:3f:f4:0a:73:9f:9e:a4:19:63:83:10:60:
4c:c3:75:02:f2:83:85:ae:2e:95:c5:0a:91:70:e7:
3c:26:5e:d3:c7:95:8b:96:48:06:23:c6:d0:e5:18:
d7:a6:04:63:4e:9c:b5:23:a6:96:2d:48:84:b7:4d:
5c:39:15:47:c0:44:95:70:c3:f7:7e:7a:3b:ce:2f:
18:20:77:a9:d1:35:93:64:ce:12:da:ec:c6:a2:1a:
d8:4b:d5:72:d2:93:af:68:4f:1c:7c:6d:8c:f8:02:
99:1e:38:e1:d8:6d:6c:3d:07:ba:53:58:aa:73:02:
93:df:9c:c1:37:35:93:21:3a:d0:23:25:82:7c:8c:
07:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:25:FD:C6:4D:21:90:82:CC:12:82:74:1B:C2:13:32:D6:94:16:89
X509v3 Authority Key Identifier:
keyid:D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/D0C90407CCD53717DFEA21D51A8921F20564AB25.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3232302e302f32342d3234203d3e203137363731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.58.220.0/24
Signature Algorithm: sha256WithRSAEncryption
62:4f:49:e5:3a:ca:cd:2f:e0:3e:c8:e8:46:31:3e:79:2f:3e:
40:8b:a4:75:96:39:6d:89:b7:0e:c7:dc:1d:00:36:63:9f:4d:
09:62:06:cb:2c:ef:8a:97:57:f6:1e:87:01:75:19:70:16:8d:
34:07:d7:96:38:bb:7c:76:7a:dc:e0:c1:d0:64:86:78:78:5b:
57:ae:c1:75:d4:4c:28:d8:db:50:34:ae:d8:08:85:85:ce:19:
3e:09:27:18:c4:45:4f:cc:1f:3a:59:d6:b1:b3:0f:57:a6:fc:
3e:e2:4a:50:08:bc:1e:91:15:a0:b0:84:2d:e2:51:62:07:65:
4a:db:6d:37:4a:6b:72:0d:c9:42:6e:f6:d4:3d:33:ab:9e:08:
48:e1:f2:62:4c:34:7c:20:5d:17:8e:b5:24:41:19:6f:77:62:
6b:7f:f5:46:5a:aa:a1:4b:6e:fb:63:28:81:6f:d4:c5:56:11:
ce:e6:14:2d:93:c7:29:71:4e:95:27:7a:ac:00:7d:48:89:74:
02:85:6d:e0:2f:7a:fd:0b:15:fc:fc:87:f9:ec:81:08:6d:54:
af:ed:c3:1a:ca:90:78:19:f5:7d:f3:7e:e8:a8:06:de:8e:ca:
4b:32:b5:1d:66:53:d7:0a:8e:e2:48:a8:20:4d:be:5c:9c:a2:
96:bb:4a:03
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUMWcUyOCTo3kV0aQl+4WYAUYZFvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIw
NTY0QUIyNTAeFw0yNjA0MTgxMTU3NTFaFw0yNzA0MTcxMjAyNTFaMDMxMTAvBgNV
BAMTKDczMjVGREM2NEQyMTkwODJDQzEyODI3NDFCQzIxMzMyRDY5NDE2ODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdAinBCJM6YIVrDlrq/uz1xPMF
11n25JY9e8MuBGf8YaNInQNU+prqxReTmx+GhabNTX+YspaEKD4D7DqAPxcqXqF1
ephEd/UEWjY0Ns5ZUdq3wGbVneI9nWLh+nc/Ktbr3ZIEfrt7Ewo/1wOUa5Mz1tuY
OYH0MMCDQz/0CnOfnqQZY4MQYEzDdQLyg4WuLpXFCpFw5zwmXtPHlYuWSAYjxtDl
GNemBGNOnLUjppYtSIS3TVw5FUfARJVww/d+ejvOLxggd6nRNZNkzhLa7MaiGthL
1XLSk69oTxx8bYz4ApkeOOHYbWw9B7pTWKpzApPfnME3NZMhOtAjJYJ8jAdrAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUcyX9xk0hkILMEoJ0G8ITMtaUFokwHwYDVR0j
BBgwFoAU0MkEB8zVNxff6iHVGokh8gVkqyUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
Y2ViZjExNi1mZTJhLTQ5MWItYWFjOC0yMjBlYWQwYjU0ZTIvMC9EMEM5MDQwN0ND
RDUzNzE3REZFQTIxRDUxQTg5MjFGMjA1NjRBQjI1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIwNTY0
QUIyNS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhjZWJmMTE2LWZlMmEtNDkxYi1h
YWM4LTIyMGVhZDBiNTRlMi8wLzMyMzAzMjJlMzUzODJlMzIzMjMwMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNzM2MzczMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMo63DANBgkqhkiG
9w0BAQsFAAOCAQEAYk9J5TrKzS/gPsjoRjE+eS8+QIukdZY5bYm3DsfcHQA2Y59N
CWIGyyzvipdX9h6HAXUZcBaNNAfXlji7fHZ63ODB0GSGeHhbV67BddRMKNjbUDSu
2AiFhc4ZPgknGMRFT8wfOlnWsbMPV6b8PuJKUAi8HpEVoLCELeJRYgdlStttN0pr
cg3JQm721D0zq54ISOHyYkw0fCBdF461JEEZb3dia3/1RlqqoUtu+2MogW/UxVYR
zuYULZPHKXFOlSd6rAB9SIl0AoVt4C96/QsV/PyH+eyBCG1Ur+3DGsqQeBn1ffN+
6KgG3o7KSzK1HWZT1wqO4kioIE2+XJyilrtKAw==
-----END CERTIFICATE-----
Generated at Wed Jun 3 04:35:16 2026 by rpki-client