Route Origin Authorization
$ rpki-client -vvf ca.nat.moe/repo/NATOLAB/2/32332e3234372e3133362e302f32322d3332203d3e2031303239.roa
File: 32332e3234372e3133362e302f32322d3332203d3e2031303239.roa (raw, json)
Hash identifier: B1msDnRAaXdpKjTlc3QpgiqfSBivcVNT7D7j0ZgNZCw=
Subject key identifier: F6:DA:2E:40:1D:4B:B5:08:6B:60:9F:96:9F:9B:04:39:EC:02:5D:D8
Certificate issuer: /CN=5093cbb46f69901c119a2be1083df2aa2b433bba3f960fbc18
Certificate serial: 2C47DD3F8A5698796A14BD9EAE940EB0212EB1FE
Authority key identifier: 16:25:7C:19:66:8C:67:13:C4:01:2B:10:1E:64:62:66:CD:77:B5:0D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/04c12c6c-ab0e-4d03-b9c8-6c3592368c77/5093cbb46f69901c119a2be1083df2aa2b433bba3f960fbc18.cer
Subject info access: rsync://ca.nat.moe/repo/NATOLAB/2/32332e3234372e3133362e302f32322d3332203d3e2031303239.roa
Signing time: Sat 15 Mar 2025 16:51:53 +0000
ROA not before: Sat 15 Mar 2025 16:46:53 +0000
ROA not after: Sat 14 Mar 2026 16:51:53 +0000
asID: 1029
IP address blocks: 23.247.136.0/22 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:47:dd:3f:8a:56:98:79:6a:14:bd:9e:ae:94:0e:b0:21:2e:b1:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5093cbb46f69901c119a2be1083df2aa2b433bba3f960fbc18
Validity
Not Before: Mar 15 16:46:53 2025 GMT
Not After : Mar 14 16:51:53 2026 GMT
Subject: CN=F6DA2E401D4BB5086B609F969F9B0439EC025DD8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ac:5a:2f:79:78:38:37:0e:97:d3:a4:7d:77:
41:43:d9:e8:26:59:b5:80:d8:5b:bc:54:58:44:98:
85:d2:c6:4c:fe:9a:4e:d9:02:94:c2:e5:7b:6e:66:
75:87:9d:c8:b7:38:c9:4b:e9:4d:82:4b:19:4d:5b:
f8:7a:c2:24:34:72:6d:a3:81:9a:94:dc:3d:69:ee:
55:ed:b0:f3:8d:0a:1c:c1:e8:d6:71:26:45:0e:32:
0a:53:81:1d:ce:e9:d2:53:b2:6a:fc:a2:58:c7:34:
89:d1:d0:56:8c:27:a0:e1:0a:84:8c:67:a2:ac:f8:
7a:7f:11:8f:d9:42:20:e8:36:7b:13:88:19:ca:ca:
7c:e8:e2:7d:8e:b0:2d:ad:67:ac:7c:3f:0d:18:43:
8f:00:1c:c2:55:f3:3b:b3:b4:ff:5b:ea:74:cc:7a:
fa:45:2b:07:f5:d6:47:5b:31:25:c9:6a:9e:e2:42:
b3:1b:63:5d:8a:2e:68:3b:6c:db:98:33:98:6e:29:
28:b8:32:65:31:f6:b5:17:52:f4:c7:52:6a:30:6c:
a9:a2:8a:84:22:7f:1c:1a:22:ac:23:02:7a:16:aa:
8b:68:50:67:bb:30:90:51:a4:ba:dd:53:6a:77:b8:
ee:c5:6a:ba:97:99:01:83:0a:5a:0f:70:c3:c5:8a:
c4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:DA:2E:40:1D:4B:B5:08:6B:60:9F:96:9F:9B:04:39:EC:02:5D:D8
X509v3 Authority Key Identifier:
keyid:16:25:7C:19:66:8C:67:13:C4:01:2B:10:1E:64:62:66:CD:77:B5:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.nat.moe/repo/NATOLAB/2/16257C19668C6713C4012B101E646266CD77B50D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/04c12c6c-ab0e-4d03-b9c8-6c3592368c77/5093cbb46f69901c119a2be1083df2aa2b433bba3f960fbc18.cer
Subject Information Access:
Signed Object - URI:rsync://ca.nat.moe/repo/NATOLAB/2/32332e3234372e3133362e302f32322d3332203d3e2031303239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.247.136.0/22
Signature Algorithm: sha256WithRSAEncryption
13:3a:dc:59:8f:67:b6:ec:d6:3b:50:55:c9:8f:70:87:d6:63:
41:1f:10:77:8c:ff:a4:c6:21:f6:13:b4:67:d1:6b:ba:67:eb:
87:61:01:91:47:1c:c8:32:1a:f6:5a:ac:7f:c5:20:10:7e:58:
88:20:bc:ea:44:b2:36:2e:5b:ce:ca:0c:e1:1a:ea:e6:cf:8d:
f9:2e:44:4b:1f:72:3d:b1:d9:8e:63:97:61:a8:42:39:ff:08:
e3:18:94:51:2a:0f:57:fd:d8:73:9e:c1:11:89:56:11:67:e4:
4c:47:a6:c7:aa:90:87:5c:f7:7b:7c:cf:c3:7e:85:f6:5d:91:
02:65:36:24:20:a6:60:c1:7c:a9:63:68:40:9b:9c:1e:74:76:
41:7f:3b:00:4d:ec:f3:e1:3e:ce:a8:b2:08:c8:e9:4c:cb:54:
33:9d:c5:bf:25:fd:d5:40:f9:6c:1f:61:dc:1a:61:e6:d8:cd:
c2:9f:cb:f5:64:62:77:9e:f7:3c:b5:3e:69:b7:44:c6:37:23:
e1:45:b1:4c:98:6a:aa:83:77:5d:4d:ae:3c:2b:4b:d4:57:8b:
41:30:08:a5:12:4c:a2:ac:cf:6b:0f:c7:61:8e:5d:b2:15:47:
f7:1f:93:1b:b0:fe:3d:c0:30:23:b4:f9:23:19:de:4e:73:27:
15:46:08:29
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULEfdP4pWmHlqFL2erpQOsCEusf4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTA5M2NiYjQ2ZjY5OTAxYzExOWEyYmUxMDgzZGYyYWEy
YjQzM2JiYTNmOTYwZmJjMTgwHhcNMjUwMzE1MTY0NjUzWhcNMjYwMzE0MTY1MTUz
WjAzMTEwLwYDVQQDEyhGNkRBMkU0MDFENEJCNTA4NkI2MDlGOTY5RjlCMDQzOUVD
MDI1REQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qxaL3l4ODcO
l9OkfXdBQ9noJlm1gNhbvFRYRJiF0sZM/ppO2QKUwuV7bmZ1h53ItzjJS+lNgksZ
TVv4esIkNHJto4GalNw9ae5V7bDzjQocwejWcSZFDjIKU4EdzunSU7Jq/KJYxzSJ
0dBWjCeg4QqEjGeirPh6fxGP2UIg6DZ7E4gZysp86OJ9jrAtrWesfD8NGEOPABzC
VfM7s7T/W+p0zHr6RSsH9dZHWzElyWqe4kKzG2Ndii5oO2zbmDOYbikouDJlMfa1
F1L0x1JqMGypooqEIn8cGiKsIwJ6FqqLaFBnuzCQUaS63VNqd7juxWq6l5kBgwpa
D3DDxYrE7QIDAQABo4ICXjCCAlowHQYDVR0OBBYEFPbaLkAdS7UIa2Cflp+bBDns
Al3YMB8GA1UdIwQYMBaAFBYlfBlmjGcTxAErEB5kYmbNd7UNMA4GA1UdDwEB/wQE
AwIHgDBfBgNVHR8EWDBWMFSgUqBQhk5yc3luYzovL2NhLm5hdC5tb2UvcmVwby9O
QVRPTEFCLzIvMTYyNTdDMTk2NjhDNjcxM0M0MDEyQjEwMUU2NDYyNjZDRDc3QjUw
RC5jcmwwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8v
cnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1l
ODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvZjYwYzlmMzItYTg3Yy00MzM5LWEy
ZjMtNjI5OWEzYjAyZTI5LzA0YzEyYzZjLWFiMGUtNGQwMy1iOWM4LTZjMzU5MjM2
OGM3Ny81MDkzY2JiNDZmNjk5MDFjMTE5YTJiZTEwODNkZjJhYTJiNDMzYmJhM2Y5
NjBmYmMxOC5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzov
L2NhLm5hdC5tb2UvcmVwby9OQVRPTEFCLzIvMzIzMzJlMzIzNDM3MmUzMTMzMzYy
ZTMwMmYzMjMyMmQzMzMyMjAzZDNlMjAzMTMwMzIzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAhf3iDAN
BgkqhkiG9w0BAQsFAAOCAQEAEzrcWY9ntuzWO1BVyY9wh9ZjQR8Qd4z/pMYh9hO0
Z9Frumfrh2EBkUccyDIa9lqsf8UgEH5YiCC86kSyNi5bzsoM4Rrq5s+N+S5ESx9y
PbHZjmOXYahCOf8I4xiUUSoPV/3Yc57BEYlWEWfkTEemx6qQh1z3e3zPw36F9l2R
AmU2JCCmYMF8qWNoQJucHnR2QX87AE3s8+E+zqiyCMjpTMtUM53FvyX91UD5bB9h
3Bph5tjNwp/L9WRid573PLU+abdExjcj4UWxTJhqqoN3XU2uPCtL1FeLQTAIpRJM
oqzPaw/HYY5dshVH9x+TG7D+PcAwI7T5IxneTnMnFUYIKQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:35:43 2025 by rpki-client