Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3232332e302f32342d3234203d3e203137363731.roa
File: 3230322e35382e3232332e302f32342d3234203d3e203137363731.roa (raw, json)
Hash identifier: /Jum2IbBe4HqwUMUlfLXvO/y1OOfzo03ZkmAslSK8io=
Subject key identifier: 00:37:5B:22:90:FA:87:43:9B:91:E8:B4:E3:1C:4C:67:EF:5D:CB:2A
Certificate issuer: /CN=D0C90407CCD53717DFEA21D51A8921F20564AB25
Certificate serial: 2DF45052A83F97FE0B4F693D20EC040065494A63
Authority key identifier: D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3232332e302f32342d3234203d3e203137363731.roa
Signing time: Sat 18 Apr 2026 12:02:49 +0000
ROA not before: Sat 18 Apr 2026 11:57:49 +0000
ROA not after: Sat 17 Apr 2027 12:02:49 +0000
asID: 17671
IP address blocks: 202.58.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:f4:50:52:a8:3f:97:fe:0b:4f:69:3d:20:ec:04:00:65:49:4a:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D0C90407CCD53717DFEA21D51A8921F20564AB25
Validity
Not Before: Apr 18 11:57:49 2026 GMT
Not After : Apr 17 12:02:49 2027 GMT
Subject: CN=00375B2290FA87439B91E8B4E31C4C67EF5DCB2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b5:78:74:a4:73:63:43:17:d7:c6:72:8e:c3:
5c:81:df:59:01:c7:c4:2c:2f:32:80:46:d3:db:34:
da:e2:b5:55:a7:12:4c:7c:04:2e:cb:a1:35:2e:39:
5c:72:30:a4:14:cd:04:f1:21:e1:41:29:d0:96:36:
aa:d1:ce:27:b4:ad:be:03:e4:5b:a7:ef:03:27:80:
62:76:d3:7d:e0:1b:5b:37:61:4b:c9:8f:44:b4:53:
49:25:80:7d:f3:3f:47:ee:d7:c4:9f:f8:f1:70:f2:
a3:f7:f1:ce:1b:34:d5:a9:2c:80:c5:38:f2:5b:57:
f8:78:99:b4:43:90:d4:19:d9:25:4d:79:4d:c2:72:
3a:20:f7:79:39:18:17:11:26:a3:2b:88:14:44:e2:
81:ce:b1:b4:eb:3e:b1:4f:df:69:fb:31:84:ef:17:
2a:a1:08:9d:28:34:7f:34:2e:8e:f0:47:b7:50:ce:
a6:f6:0c:c4:7a:ca:8b:78:b4:e9:40:e3:9f:29:e8:
82:fd:5d:f2:e0:2f:b0:a5:d3:41:d7:d7:f7:5e:15:
b3:08:2d:36:8f:1a:0d:90:32:b5:d4:e8:6f:96:6a:
47:12:a1:0a:48:ce:15:2a:11:a8:2a:12:51:b9:9f:
e1:24:34:70:44:64:5f:29:a0:74:f5:bd:ed:30:b2:
2e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:37:5B:22:90:FA:87:43:9B:91:E8:B4:E3:1C:4C:67:EF:5D:CB:2A
X509v3 Authority Key Identifier:
keyid:D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/D0C90407CCD53717DFEA21D51A8921F20564AB25.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35382e3232332e302f32342d3234203d3e203137363731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.58.223.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:00:ce:75:22:51:76:14:ec:09:56:e8:6e:a3:ca:3b:d4:a7:
ee:90:3f:75:2a:68:f1:f3:af:cf:f7:18:e9:4d:a0:ce:a6:ea:
dc:6c:d6:6c:b0:76:9b:a4:76:30:de:14:7d:58:9f:8d:f8:6a:
d9:0b:1d:6a:de:87:12:1f:6c:31:54:34:9d:b4:1a:b8:3d:9c:
7c:8f:48:72:71:88:dd:f8:94:d8:af:75:c0:2d:60:e0:3b:4e:
92:47:42:ed:5c:71:83:56:54:57:c7:ec:ed:cd:be:c5:41:96:
3c:ab:63:d2:11:24:9d:d5:ae:49:db:6f:33:07:45:01:f2:29:
09:a8:0d:a2:4c:19:f5:de:e8:0d:71:6b:58:1a:4d:b3:a0:2d:
b4:76:d9:ba:70:8d:5b:9f:db:bb:fb:fe:9a:9f:2e:9c:91:98:
88:73:c4:01:4c:4a:7e:d1:3c:5f:72:4e:f8:25:37:8f:de:71:
d7:c3:54:b0:6e:a7:58:a0:de:e1:61:01:4a:c0:87:61:49:ec:
60:75:cb:b0:82:2c:64:c3:54:ee:90:66:f7:b0:3e:35:79:96:
69:0b:11:ca:98:eb:82:15:1b:92:da:dd:2c:21:ab:ed:c0:50:
36:f8:3c:cd:5d:86:3f:22:00:cf:e2:bb:56:80:88:10:dc:4c:
74:d6:49:c6
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIULfRQUqg/l/4LT2k9IOwEAGVJSmMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIw
NTY0QUIyNTAeFw0yNjA0MTgxMTU3NDlaFw0yNzA0MTcxMjAyNDlaMDMxMTAvBgNV
BAMTKDAwMzc1QjIyOTBGQTg3NDM5QjkxRThCNEUzMUM0QzY3RUY1RENCMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJtXh0pHNjQxfXxnKOw1yB31kB
x8QsLzKARtPbNNritVWnEkx8BC7LoTUuOVxyMKQUzQTxIeFBKdCWNqrRzie0rb4D
5Fun7wMngGJ2033gG1s3YUvJj0S0U0klgH3zP0fu18Sf+PFw8qP38c4bNNWpLIDF
OPJbV/h4mbRDkNQZ2SVNeU3Ccjog93k5GBcRJqMriBRE4oHOsbTrPrFP32n7MYTv
FyqhCJ0oNH80Lo7wR7dQzqb2DMR6yot4tOlA458p6IL9XfLgL7Cl00HX1/deFbMI
LTaPGg2QMrXU6G+WakcSoQpIzhUqEagqElG5n+EkNHBEZF8poHT1ve0wsi7xAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUADdbIpD6h0Obkei04xxMZ+9dyyowHwYDVR0j
BBgwFoAU0MkEB8zVNxff6iHVGokh8gVkqyUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
Y2ViZjExNi1mZTJhLTQ5MWItYWFjOC0yMjBlYWQwYjU0ZTIvMC9EMEM5MDQwN0ND
RDUzNzE3REZFQTIxRDUxQTg5MjFGMjA1NjRBQjI1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIwNTY0
QUIyNS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhjZWJmMTE2LWZlMmEtNDkxYi1h
YWM4LTIyMGVhZDBiNTRlMi8wLzMyMzAzMjJlMzUzODJlMzIzMjMzMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNzM2MzczMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMo63zANBgkqhkiG
9w0BAQsFAAOCAQEASwDOdSJRdhTsCVbobqPKO9Sn7pA/dSpo8fOvz/cY6U2gzqbq
3GzWbLB2m6R2MN4UfVifjfhq2Qsdat6HEh9sMVQ0nbQauD2cfI9IcnGI3fiU2K91
wC1g4DtOkkdC7Vxxg1ZUV8fs7c2+xUGWPKtj0hEkndWuSdtvMwdFAfIpCagNokwZ
9d7oDXFrWBpNs6AttHbZunCNW5/bu/v+mp8unJGYiHPEAUxKftE8X3JO+CU3j95x
18NUsG6nWKDe4WEBSsCHYUnsYHXLsIIsZMNU7pBm97A+NXmWaQsRypjrghUbktrd
LCGr7cBQNvg8zV2GPyIAz+K7VoCIENxMdNZJxg==
-----END CERTIFICATE-----
Generated at Wed Jun 3 04:35:16 2026 by rpki-client