Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/af6d185e-d4f4-4820-b4b6-798c307ad7e5/0/3136302e32302e3232322e302f32342d3234203d3e20313338303737.roa
File: 3136302e32302e3232322e302f32342d3234203d3e20313338303737.roa (raw, json)
Hash identifier: Khtj9hE0U7S7GxsTQLAztRkAFMW84uHyWmMZ0EjXpnw=
Subject key identifier: A7:6D:A3:6B:9F:77:07:AC:09:60:20:BA:DF:B3:ED:BE:DE:EA:C7:2B
Certificate issuer: /CN=B877CD1C542C3DE2CBB8EF151F179B857E9376E4
Certificate serial: 64EAF419B55350FC2CED28D2CAA7A6D58323C813
Authority key identifier: B8:77:CD:1C:54:2C:3D:E2:CB:B8:EF:15:1F:17:9B:85:7E:93:76:E4
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B877CD1C542C3DE2CBB8EF151F179B857E9376E4.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/af6d185e-d4f4-4820-b4b6-798c307ad7e5/0/3136302e32302e3232322e302f32342d3234203d3e20313338303737.roa
Signing time: Thu 12 Dec 2024 07:00:01 +0000
ROA not before: Thu 12 Dec 2024 06:55:01 +0000
ROA not after: Thu 11 Dec 2025 07:00:01 +0000
asID: 138077
IP address blocks: 160.20.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:ea:f4:19:b5:53:50:fc:2c:ed:28:d2:ca:a7:a6:d5:83:23:c8:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B877CD1C542C3DE2CBB8EF151F179B857E9376E4
Validity
Not Before: Dec 12 06:55:01 2024 GMT
Not After : Dec 11 07:00:01 2025 GMT
Subject: CN=A76DA36B9F7707AC096020BADFB3EDBEDEEAC72B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:2a:59:fb:2e:48:15:d5:52:45:51:b1:89:22:
3a:82:9e:f5:20:36:3f:c9:a2:09:3f:d7:78:e4:ed:
2b:69:e3:7b:2d:7e:74:79:e7:62:ec:64:57:0c:f4:
5f:70:d8:26:d6:3a:8d:6d:fc:53:0a:f2:db:df:3e:
b1:85:a6:57:f8:0e:91:c6:1a:2c:c1:f6:a2:a9:4a:
b1:a7:cc:40:37:ba:bf:8f:12:24:ef:92:d1:9e:ea:
b7:c7:6f:4b:4a:3c:7b:63:f8:d4:8f:ac:2d:03:eb:
d9:09:f5:2a:df:7b:15:a9:95:ae:17:b2:25:4b:32:
72:dc:22:bc:6f:57:a1:a1:4a:d4:d4:3b:11:ba:9e:
e8:01:cb:44:6b:20:67:73:90:ff:9f:5c:c2:19:e9:
29:68:89:24:58:4f:48:22:a2:2c:e5:9f:49:50:b2:
80:d6:f4:21:1b:ae:9a:cb:ee:54:7a:a3:8c:4f:a7:
06:bf:30:00:ad:e4:04:ee:27:7f:37:e9:b1:8e:97:
e1:e8:94:60:41:77:2d:4d:a0:f6:4c:89:f7:31:3f:
4d:27:e9:bd:0c:cd:2f:30:7f:44:f6:f5:a6:1f:53:
d9:45:e0:fc:0b:6a:65:2a:9d:e8:ca:d2:11:aa:0c:
7e:48:ad:7e:29:a5:29:da:52:f0:c6:25:97:4d:01:
7e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:6D:A3:6B:9F:77:07:AC:09:60:20:BA:DF:B3:ED:BE:DE:EA:C7:2B
X509v3 Authority Key Identifier:
keyid:B8:77:CD:1C:54:2C:3D:E2:CB:B8:EF:15:1F:17:9B:85:7E:93:76:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/af6d185e-d4f4-4820-b4b6-798c307ad7e5/0/B877CD1C542C3DE2CBB8EF151F179B857E9376E4.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B877CD1C542C3DE2CBB8EF151F179B857E9376E4.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/af6d185e-d4f4-4820-b4b6-798c307ad7e5/0/3136302e32302e3232322e302f32342d3234203d3e20313338303737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.20.222.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:5b:47:57:15:92:93:12:b1:3e:de:e8:d9:d4:fe:c2:28:78:
3b:88:a8:fd:b8:05:b6:45:a1:8b:e6:ee:19:15:7d:ea:79:26:
ca:eb:bb:dc:d4:51:d6:71:82:27:d5:e0:fe:dc:b2:0a:87:63:
76:d3:98:0a:28:b7:7c:29:55:8a:e9:69:7e:3e:de:5d:10:3a:
d9:cf:e8:09:e8:44:c5:7c:24:79:b1:95:76:80:91:52:c2:00:
54:ca:3e:f6:8f:78:f7:74:49:a5:f8:0c:fd:d6:3c:73:a6:7e:
0e:05:9b:eb:07:cd:ba:cf:3e:03:fe:fb:61:62:c0:bb:73:ad:
14:d7:6a:a6:81:bd:65:03:44:31:c4:9c:7e:32:0b:e5:65:ff:
1e:fc:3b:1d:19:97:88:75:4f:40:ac:25:1a:98:37:95:5f:46:
4c:03:1a:e6:b6:f5:87:46:48:a9:ca:03:a7:42:04:68:9c:d6:
46:6b:6b:6c:18:c3:af:bb:2b:f2:dc:88:50:9b:a9:aa:59:49:
ca:c0:a2:39:11:b0:e8:b3:20:ca:08:ba:bd:49:6b:da:77:21:
37:0d:b5:42:be:3e:fc:13:01:87:d6:a0:58:cb:b3:bf:03:a9:
3a:fc:41:1f:78:92:30:f4:7d:71:cb:18:9d:08:9e:19:67:b5:
91:ff:e3:0f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUZOr0GbVTUPws7SjSyqem1YMjyBMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjg3N0NEMUM1NDJDM0RFMkNCQjhFRjE1MUYxNzlCODU3
RTkzNzZFNDAeFw0yNDEyMTIwNjU1MDFaFw0yNTEyMTEwNzAwMDFaMDMxMTAvBgNV
BAMTKEE3NkRBMzZCOUY3NzA3QUMwOTYwMjBCQURGQjNFREJFREVFQUM3MkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmKln7LkgV1VJFUbGJIjqCnvUg
Nj/Jogk/13jk7Stp43stfnR552LsZFcM9F9w2CbWOo1t/FMK8tvfPrGFplf4DpHG
GizB9qKpSrGnzEA3ur+PEiTvktGe6rfHb0tKPHtj+NSPrC0D69kJ9SrfexWpla4X
siVLMnLcIrxvV6GhStTUOxG6nugBy0RrIGdzkP+fXMIZ6SloiSRYT0gioizln0lQ
soDW9CEbrprL7lR6o4xPpwa/MACt5ATuJ3836bGOl+HolGBBdy1NoPZMifcxP00n
6b0MzS8wf0T29aYfU9lF4PwLamUqnejK0hGqDH5IrX4ppSnaUvDGJZdNAX4fAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUp22ja593B6wJYCC637Ptvt7qxyswHwYDVR0j
BBgwFoAUuHfNHFQsPeLLuO8VHxebhX6TduQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ZjZkMTg1ZS1kNGY0LTQ4MjAtYjRiNi03OThjMzA3YWQ3ZTUvMC9CODc3Q0QxQzU0
MkMzREUyQ0JCOEVGMTUxRjE3OUI4NTdFOTM3NkU0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjg3N0NEMUM1NDJDM0RFMkNCQjhFRjE1MUYxNzlCODU3RTkz
NzZFNC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2FmNmQxODVlLWQ0ZjQtNDgyMC1i
NGI2LTc5OGMzMDdhZDdlNS8wLzMxMzYzMDJlMzIzMDJlMzIzMjMyMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM4MzAzNzM3LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoBTeMA0GCSqG
SIb3DQEBCwUAA4IBAQCwW0dXFZKTErE+3ujZ1P7CKHg7iKj9uAW2RaGL5u4ZFX3q
eSbK67vc1FHWcYIn1eD+3LIKh2N205gKKLd8KVWK6Wl+Pt5dEDrZz+gJ6ETFfCR5
sZV2gJFSwgBUyj72j3j3dEml+Az91jxzpn4OBZvrB826zz4D/vthYsC7c60U12qm
gb1lA0QxxJx+MgvlZf8e/DsdGZeIdU9ArCUamDeVX0ZMAxrmtvWHRkipygOnQgRo
nNZGa2tsGMOvuyvy3IhQm6mqWUnKwKI5EbDosyDKCLq9SWvadyE3DbVCvj78EwGH
1qBYy7O/A6k6/EEfeJIw9H1xyxidCJ4ZZ7WR/+MP
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:19:44 2025 by rpki-client