Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/32372e3133312e302e302f32342d3234203d3e203338373533.roa
File: 32372e3133312e302e302f32342d3234203d3e203338373533.roa (raw, json)
Hash identifier: +NmVBkl37Gik9YV1synuhiAHhYc5k2Sk6aqjOnlseNU=
Subject key identifier: 77:24:40:8D:03:13:A3:33:BB:5D:50:A9:A7:B9:C0:88:80:A1:F5:BE
Certificate issuer: /CN=11C9BA28534BA44999B4BA5D6B0F28E568DF6E14
Certificate serial: 1D3A1EC1C3B1E703284511F4789E45EF503C9E64
Authority key identifier: 11:C9:BA:28:53:4B:A4:49:99:B4:BA:5D:6B:0F:28:E5:68:DF:6E:14
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/32372e3133312e302e302f32342d3234203d3e203338373533.roa
Signing time: Tue 21 Apr 2026 03:00:01 +0000
ROA not before: Tue 21 Apr 2026 02:55:01 +0000
ROA not after: Tue 20 Apr 2027 03:00:01 +0000
asID: 38753
IP address blocks: 27.131.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:3a:1e:c1:c3:b1:e7:03:28:45:11:f4:78:9e:45:ef:50:3c:9e:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11C9BA28534BA44999B4BA5D6B0F28E568DF6E14
Validity
Not Before: Apr 21 02:55:01 2026 GMT
Not After : Apr 20 03:00:01 2027 GMT
Subject: CN=7724408D0313A333BB5D50A9A7B9C08880A1F5BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:91:d2:a1:99:5a:65:4b:0a:1e:07:e5:4b:79:
27:1e:98:fc:38:b7:75:dc:6e:18:d4:ff:d9:e6:2b:
d8:41:a4:63:f1:35:38:66:4e:70:f9:3d:8a:92:64:
30:c5:b6:18:11:8a:27:a3:be:a2:7c:e1:e6:ea:bf:
ea:89:90:97:1e:e1:86:f1:c2:60:8b:6f:a2:fe:36:
c4:77:68:bc:2e:e1:5c:89:a6:a2:ec:a3:9b:c8:89:
80:2f:7c:69:f1:d3:02:24:cb:c0:d5:36:a0:ef:30:
22:92:dd:78:1a:cd:e9:68:2a:a4:08:1d:fa:91:d7:
75:8c:be:80:7f:99:3f:b5:c2:36:70:6b:0f:ac:09:
d8:80:4a:3a:c2:f1:3d:78:ac:09:5a:22:cb:80:0e:
42:9c:16:6e:de:2d:ed:ac:83:c9:7d:93:3e:87:af:
23:e4:7d:a9:27:e1:a9:a1:aa:12:65:d6:aa:a9:ac:
e4:7e:83:54:8e:96:c3:50:57:83:8e:28:4c:97:0b:
6f:cc:09:22:ef:9a:8e:c2:7c:4f:27:5a:10:9e:5b:
73:a2:40:07:50:36:50:ca:c5:76:31:df:ba:fc:44:
b1:e0:0d:c6:0d:eb:5e:7e:41:ba:5c:de:fb:fa:16:
b9:bf:36:0e:56:9d:57:d5:08:b1:a2:a9:b0:14:82:
8d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:24:40:8D:03:13:A3:33:BB:5D:50:A9:A7:B9:C0:88:80:A1:F5:BE
X509v3 Authority Key Identifier:
keyid:11:C9:BA:28:53:4B:A4:49:99:B4:BA:5D:6B:0F:28:E5:68:DF:6E:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/32372e3133312e302e302f32342d3234203d3e203338373533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.131.0.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:50:ce:f4:46:72:b3:a7:c6:a6:c8:7f:9c:98:8b:19:0f:61:
83:58:11:ef:1d:ec:0c:95:2e:8e:c6:45:06:68:79:6d:cd:45:
70:23:9c:8b:30:49:ae:9e:ca:67:bf:97:b6:7b:05:97:6f:f8:
a2:76:93:0f:0d:13:87:8e:f3:67:a7:02:15:f3:16:a7:6f:b6:
ad:50:d8:ff:53:f6:1e:98:f2:ce:17:a4:af:0b:d8:28:d8:5c:
32:20:14:93:7e:81:84:1b:87:83:8d:fe:87:6a:2c:a4:59:4d:
32:dd:6d:63:39:d3:59:7a:d0:86:dc:d4:bd:fd:7d:e8:96:e0:
13:18:3c:9c:e6:14:fe:2f:1a:c3:55:1a:57:af:62:06:b2:ab:
68:04:34:e4:3a:c3:35:6a:09:64:23:ca:74:6f:bd:11:6b:27:
8f:5e:7c:f5:85:2a:55:1a:d1:1e:5c:3c:af:70:5d:ae:a8:94:
fb:18:b7:11:b8:de:af:98:65:14:8f:9e:aa:c9:62:cb:2c:63:
91:96:e3:cf:72:16:13:f6:b3:b7:e4:3d:a7:f4:70:6c:97:04:
30:1d:71:6c:56:60:c8:ea:bf:d9:c0:62:16:e4:e7:9d:84:c9:
0b:cd:78:52:e5:96:6c:23:0b:00:07:28:e3:5e:2e:9f:c4:df:
54:2b:09:dc
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUHToewcOx5wMoRRH0eJ5F71A8nmQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFDOUJBMjg1MzRCQTQ0OTk5QjRCQTVENkIwRjI4RTU2
OERGNkUxNDAeFw0yNjA0MjEwMjU1MDFaFw0yNzA0MjAwMzAwMDFaMDMxMTAvBgNV
BAMTKDc3MjQ0MDhEMDMxM0EzMzNCQjVENTBBOUE3QjlDMDg4ODBBMUY1QkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCikdKhmVplSwoeB+VLeScemPw4
t3XcbhjU/9nmK9hBpGPxNThmTnD5PYqSZDDFthgRiiejvqJ84ebqv+qJkJce4Ybx
wmCLb6L+NsR3aLwu4VyJpqLso5vIiYAvfGnx0wIky8DVNqDvMCKS3XgazeloKqQI
HfqR13WMvoB/mT+1wjZwaw+sCdiASjrC8T14rAlaIsuADkKcFm7eLe2sg8l9kz6H
ryPkfakn4amhqhJl1qqprOR+g1SOlsNQV4OOKEyXC2/MCSLvmo7CfE8nWhCeW3Oi
QAdQNlDKxXYx37r8RLHgDcYN615+Qbpc3vv6Frm/Ng5WnVfVCLGiqbAUgo3RAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUdyRAjQMTozO7XVCpp7nAiICh9b4wHwYDVR0j
BBgwFoAUEcm6KFNLpEmZtLpdaw8o5WjfbhQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
MDZiNjY3My00N2ExLTQ1ZTUtYjZjMi00MmFiOGI0NzYyNDkvMC8xMUM5QkEyODUz
NEJBNDQ5OTlCNEJBNUQ2QjBGMjhFNTY4REY2RTE0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTFDOUJBMjg1MzRCQTQ0OTk5QjRCQTVENkIwRjI4RTU2OERG
NkUxNC5jZXIwgZ0GCCsGAQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTA2YjY2NzMtNDdhMS00NWU1LWI2
YzItNDJhYjhiNDc2MjQ5LzAvMzIzNzJlMzEzMzMxMmUzMDJlMzAyZjMyMzQyZDMy
MzQyMDNkM2UyMDMzMzgzNzM1MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAbgwAwDQYJKoZIhvcNAQEL
BQADggEBAG9QzvRGcrOnxqbIf5yYixkPYYNYEe8d7AyVLo7GRQZoeW3NRXAjnIsw
Sa6eyme/l7Z7BZdv+KJ2kw8NE4eO82enAhXzFqdvtq1Q2P9T9h6Y8s4XpK8L2CjY
XDIgFJN+gYQbh4ON/odqLKRZTTLdbWM501l60Ibc1L39feiW4BMYPJzmFP4vGsNV
GlevYgayq2gENOQ6wzVqCWQjynRvvRFrJ49efPWFKlUa0R5cPK9wXa6olPsYtxG4
3q+YZRSPnqrJYsssY5GW489yFhP2s7fkPaf0cGyXBDAdcWxWYMjqv9nAYhbk552E
yQvNeFLllmwjCwAHKONeLp/E31QrCdw=
-----END CERTIFICATE-----
Generated at Wed Jun 3 03:18:13 2026 by rpki-client