Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3232312e302f32342d3234203d3e203137363731.roa
File: 3230322e35382e3232312e302f32342d3234203d3e203137363731.roa (raw, json)
Hash identifier: LX+M4x5ZAAcGcx6iSKtBVtdRiCRevlZCyoITXnwRv8Y=
Subject key identifier: 63:67:16:4D:67:C5:95:EB:66:09:37:AA:6E:F7:13:F0:61:4C:7B:53
Certificate issuer: /CN=D0C90407CCD53717DFEA21D51A8921F20564AB25
Certificate serial: 6B41B89F9C7687EC1F919BA70752978521F527F3
Authority key identifier: D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3232312e302f32342d3234203d3e203137363731.roa
Signing time: Sat 18 Apr 2026 12:02:49 +0000
ROA not before: Sat 18 Apr 2026 11:57:49 +0000
ROA not after: Sat 17 Apr 2027 12:02:49 +0000
asID: 17671
IP address blocks: 202.58.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:41:b8:9f:9c:76:87:ec:1f:91:9b:a7:07:52:97:85:21:f5:27:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D0C90407CCD53717DFEA21D51A8921F20564AB25
Validity
Not Before: Apr 18 11:57:49 2026 GMT
Not After : Apr 17 12:02:49 2027 GMT
Subject: CN=6367164D67C595EB660937AA6EF713F0614C7B53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a9:62:8e:69:03:36:f3:5f:3d:ec:98:98:60:
7b:6e:35:73:35:15:8e:a6:e5:c5:8c:00:ff:55:4b:
3a:9b:43:17:46:2c:2e:37:ef:c1:c2:2d:48:02:99:
cd:d5:07:83:a3:11:2f:79:96:08:99:fd:a1:2c:1f:
fa:c5:02:f4:d6:6c:b7:76:5f:e0:e9:75:70:ed:3f:
eb:0b:87:ef:b9:f8:0a:47:f3:35:b1:47:d0:32:a3:
77:bd:ab:74:ed:b0:c2:21:8a:96:be:86:f9:b6:30:
0e:e1:68:94:28:eb:e9:fe:be:5f:7e:d1:6e:6a:61:
2b:1a:80:9f:77:30:6a:c0:19:09:b7:c7:08:7d:cd:
22:1f:69:5f:78:8c:ae:3c:62:f4:af:74:c7:d4:61:
c0:04:5b:2b:47:83:fe:c6:2a:01:c6:2c:8e:c0:60:
5e:63:4d:47:fc:03:6a:22:3b:5e:72:a2:30:66:f6:
ca:4c:e7:20:12:d6:38:ea:8d:dd:29:45:7d:ab:8e:
09:40:48:15:2e:dc:65:05:73:92:8e:72:99:7a:51:
a6:ee:93:59:05:15:a9:da:a7:ae:33:56:84:3b:af:
e7:5d:93:b4:c9:6d:9d:4e:10:32:89:39:0b:9d:f8:
09:4d:ce:76:c3:b6:de:a6:bc:e8:43:e4:36:51:4d:
0f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:67:16:4D:67:C5:95:EB:66:09:37:AA:6E:F7:13:F0:61:4C:7B:53
X509v3 Authority Key Identifier:
keyid:D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/D0C90407CCD53717DFEA21D51A8921F20564AB25.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3232312e302f32342d3234203d3e203137363731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.58.221.0/24
Signature Algorithm: sha256WithRSAEncryption
16:c0:f8:90:a6:48:cf:f5:4a:74:43:73:43:27:12:e4:e6:24:
ee:33:72:ff:2d:4e:d3:99:da:f4:59:98:9c:69:b2:6b:70:77:
92:e0:01:d5:d2:ea:87:cd:29:b3:67:c2:7b:80:21:3c:cf:b1:
2b:2a:4a:89:f7:e9:3b:fa:92:57:c3:0a:99:18:a1:b4:10:d2:
79:6d:83:a5:5b:71:df:86:12:d3:84:95:41:0d:9f:68:37:f6:
e9:86:56:01:10:e2:ab:98:40:6d:9e:78:bb:5e:26:14:ad:f7:
03:eb:89:9b:59:c8:ce:e8:e4:7d:c9:60:ca:a9:12:34:ce:ec:
71:a7:6c:5d:53:58:20:8c:0d:6a:a1:0f:9e:15:d8:aa:34:66:
1a:7f:17:9d:e5:ed:6f:6b:df:4d:69:de:bd:45:71:b7:a5:71:
00:52:dc:91:b1:fb:07:35:c4:c9:ad:30:c8:be:6c:0e:54:c8:
f1:5d:8b:d3:00:8b:cc:25:93:cd:13:84:47:b4:64:ef:85:26:
ac:c7:aa:e4:11:ff:af:ef:14:26:03:32:7d:0d:be:35:34:08:
7e:e8:4a:78:3b:cd:a7:09:1d:69:eb:5e:71:66:11:f7:bc:ae:
38:c0:d6:17:8b:b2:f8:a6:93:cc:ff:fb:7c:fa:5c:f5:65:9f:
34:21:b9:40
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUa0G4n5x2h+wfkZunB1KXhSH1J/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIw
NTY0QUIyNTAeFw0yNjA0MTgxMTU3NDlaFw0yNzA0MTcxMjAyNDlaMDMxMTAvBgNV
BAMTKDYzNjcxNjRENjdDNTk1RUI2NjA5MzdBQTZFRjcxM0YwNjE0QzdCNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1qWKOaQM281897JiYYHtuNXM1
FY6m5cWMAP9VSzqbQxdGLC4378HCLUgCmc3VB4OjES95lgiZ/aEsH/rFAvTWbLd2
X+DpdXDtP+sLh++5+ApH8zWxR9Ayo3e9q3TtsMIhipa+hvm2MA7haJQo6+n+vl9+
0W5qYSsagJ93MGrAGQm3xwh9zSIfaV94jK48YvSvdMfUYcAEWytHg/7GKgHGLI7A
YF5jTUf8A2oiO15yojBm9spM5yAS1jjqjd0pRX2rjglASBUu3GUFc5KOcpl6Uabu
k1kFFanap64zVoQ7r+ddk7TJbZ1OEDKJOQud+AlNznbDtt6mvOhD5DZRTQ8/AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUY2cWTWfFletmCTeqbvcT8GFMe1MwHwYDVR0j
BBgwFoAU0MkEB8zVNxff6iHVGokh8gVkqyUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
Y2ViZjExNi1mZTJhLTQ5MWItYWFjOC0yMjBlYWQwYjU0ZTIvMC9EMEM5MDQwN0ND
RDUzNzE3REZFQTIxRDUxQTg5MjFGMjA1NjRBQjI1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIwNTY0
QUIyNS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhjZWJmMTE2LWZlMmEtNDkxYi1h
YWM4LTIyMGVhZDBiNTRlMi8wLzMyMzAzMjJlMzUzODJlMzIzMjMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNzM2MzczMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMo63TANBgkqhkiG
9w0BAQsFAAOCAQEAFsD4kKZIz/VKdENzQycS5OYk7jNy/y1O05na9FmYnGmya3B3
kuAB1dLqh80ps2fCe4AhPM+xKypKiffpO/qSV8MKmRihtBDSeW2DpVtx34YS04SV
QQ2faDf26YZWARDiq5hAbZ54u14mFK33A+uJm1nIzujkfclgyqkSNM7scadsXVNY
IIwNaqEPnhXYqjRmGn8XneXtb2vfTWnevUVxt6VxAFLckbH7BzXEya0wyL5sDlTI
8V2L0wCLzCWTzROER7Rk74UmrMeq5BH/r+8UJgMyfQ2+NTQIfuhKeDvNpwkdaete
cWYR97yuOMDWF4uy+KaTzP/7fPpc9WWfNCG5QA==
-----END CERTIFICATE-----
Generated at Wed Jun 3 04:35:16 2026 by rpki-client