Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/042344be-f9fb-4634-92d6-894dd538cadf/0/3131392e31302e3138312e302f32342d3234203d3e203234353330.roa
File: 3131392e31302e3138312e302f32342d3234203d3e203234353330.roa (raw, json)
Hash identifier: naA5lUlBRat5ef0vI8voPPjFrMHR9bpoQ6w5VRUzIn0=
Subject key identifier: 2C:7A:A1:D9:8E:2C:D9:EE:31:F6:71:A2:E0:89:72:96:0C:57:FC:B6
Certificate issuer: /CN=6F6A3530198A9B7657A636FECCFB39F3BF71FB40
Certificate serial: 3A8C87C981344C617825A5CA987F578A31DDF47D
Authority key identifier: 6F:6A:35:30:19:8A:9B:76:57:A6:36:FE:CC:FB:39:F3:BF:71:FB:40
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6F6A3530198A9B7657A636FECCFB39F3BF71FB40.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/042344be-f9fb-4634-92d6-894dd538cadf/0/3131392e31302e3138312e302f32342d3234203d3e203234353330.roa
Signing time: Tue 03 Sep 2024 13:00:02 +0000
ROA not before: Tue 03 Sep 2024 12:55:02 +0000
ROA not after: Tue 02 Sep 2025 13:00:02 +0000
asID: 24530
IP address blocks: 119.10.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:8c:87:c9:81:34:4c:61:78:25:a5:ca:98:7f:57:8a:31:dd:f4:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6F6A3530198A9B7657A636FECCFB39F3BF71FB40
Validity
Not Before: Sep 3 12:55:02 2024 GMT
Not After : Sep 2 13:00:02 2025 GMT
Subject: CN=2C7AA1D98E2CD9EE31F671A2E08972960C57FCB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:01:f8:e2:71:82:a8:62:64:aa:67:52:44:b1:
76:6d:35:a2:0c:cc:d1:46:38:05:86:76:11:63:bb:
af:c6:d5:fa:87:dd:71:f2:22:9c:63:03:da:ea:a6:
50:93:25:99:2f:56:63:3d:cb:d6:a1:4a:ae:18:38:
9d:79:e7:ea:df:d1:ca:06:5d:59:53:18:06:3b:d2:
5d:c0:c7:79:55:5e:cf:63:c9:ef:91:5b:76:9f:e6:
8f:2c:e9:32:a7:d8:57:8c:82:35:34:30:6e:c9:98:
c4:7c:1f:22:b4:1a:1d:81:c7:3d:e7:55:da:d6:16:
e2:5c:ad:31:a4:4a:32:88:ea:8f:d1:0a:d2:1b:dd:
d4:18:9b:ca:f4:b9:2d:a9:e9:0b:59:e7:ac:e9:fc:
1a:e9:b7:70:20:9f:cb:15:c1:a7:d5:95:d0:5f:ab:
14:cc:aa:c3:46:ac:ad:1d:e9:2e:24:eb:59:23:4a:
dd:53:85:37:b8:10:a3:8f:a0:30:6c:47:86:eb:3f:
eb:e1:bb:e7:47:f8:53:86:32:ec:ff:df:fe:7d:94:
f0:a4:d7:61:56:59:dd:76:a7:6f:36:08:c8:7c:54:
20:18:6d:0e:48:c4:1b:19:bf:25:59:94:50:6c:a7:
b7:ca:5b:f3:49:4e:ef:c8:ba:4b:d0:99:3a:8e:40:
12:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:7A:A1:D9:8E:2C:D9:EE:31:F6:71:A2:E0:89:72:96:0C:57:FC:B6
X509v3 Authority Key Identifier:
keyid:6F:6A:35:30:19:8A:9B:76:57:A6:36:FE:CC:FB:39:F3:BF:71:FB:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/042344be-f9fb-4634-92d6-894dd538cadf/0/6F6A3530198A9B7657A636FECCFB39F3BF71FB40.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6F6A3530198A9B7657A636FECCFB39F3BF71FB40.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/042344be-f9fb-4634-92d6-894dd538cadf/0/3131392e31302e3138312e302f32342d3234203d3e203234353330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
119.10.181.0/24
Signature Algorithm: sha256WithRSAEncryption
32:2c:80:9c:ce:59:b6:93:4d:fd:57:69:01:26:d9:3e:cc:6a:
b8:17:cd:8f:18:73:99:c8:e5:ec:89:f8:3e:58:72:c4:1a:0b:
af:0d:c1:f1:d4:08:bc:a6:c4:e4:23:10:a4:29:68:8d:1a:a4:
b8:a2:6c:6f:61:d9:e8:c7:ec:a4:22:30:37:dd:16:b8:9d:1e:
79:7b:1b:2c:79:dd:9d:41:a1:e4:51:01:bd:14:20:99:f8:1b:
4a:b8:21:ce:d5:c7:fb:5e:37:96:66:e7:a2:45:53:c7:d1:d4:
63:60:5d:1d:c7:0f:c4:6e:ee:33:63:5f:44:e7:e0:6f:6b:59:
3f:4f:0a:79:d2:4c:cd:ac:0d:94:81:58:8e:ba:19:c9:d2:38:
3e:4f:61:c8:32:5e:17:a4:bf:f1:e8:16:55:5a:51:6b:00:87:
28:e8:d3:fb:73:ca:9c:68:77:07:d8:6c:40:47:78:e5:0d:cb:
12:39:00:e3:ba:e0:70:fb:9e:63:ba:77:40:4c:90:07:90:4b:
a4:4b:db:ad:d1:fb:4a:33:f5:32:cc:69:8d:63:e4:98:1d:d9:
0d:d9:a6:7c:8a:4a:ba:87:3a:6f:0f:1a:52:43:b0:76:41:72:
e5:c0:ef:4c:d4:08:a6:65:99:a7:fa:09:e2:4f:4a:2f:4c:2d:
65:96:f5:04
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUOoyHyYE0TGF4JaXKmH9XijHd9H0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkY2QTM1MzAxOThBOUI3NjU3QTYzNkZFQ0NGQjM5RjNC
RjcxRkI0MDAeFw0yNDA5MDMxMjU1MDJaFw0yNTA5MDIxMzAwMDJaMDMxMTAvBgNV
BAMTKDJDN0FBMUQ5OEUyQ0Q5RUUzMUY2NzFBMkUwODk3Mjk2MEM1N0ZDQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIAfjicYKoYmSqZ1JEsXZtNaIM
zNFGOAWGdhFju6/G1fqH3XHyIpxjA9rqplCTJZkvVmM9y9ahSq4YOJ155+rf0coG
XVlTGAY70l3Ax3lVXs9jye+RW3af5o8s6TKn2FeMgjU0MG7JmMR8HyK0Gh2Bxz3n
VdrWFuJcrTGkSjKI6o/RCtIb3dQYm8r0uS2p6QtZ56zp/Brpt3Agn8sVwafVldBf
qxTMqsNGrK0d6S4k61kjSt1ThTe4EKOPoDBsR4brP+vhu+dH+FOGMuz/3/59lPCk
12FWWd12p282CMh8VCAYbQ5IxBsZvyVZlFBsp7fKW/NJTu/IukvQmTqOQBKtAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQULHqh2Y4s2e4x9nGi4IlylgxX/LYwHwYDVR0j
BBgwFoAUb2o1MBmKm3ZXpjb+zPs5879x+0AwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
NDIzNDRiZS1mOWZiLTQ2MzQtOTJkNi04OTRkZDUzOGNhZGYvMC82RjZBMzUzMDE5
OEE5Qjc2NTdBNjM2RkVDQ0ZCMzlGM0JGNzFGQjQwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNkY2QTM1MzAxOThBOUI3NjU3QTYzNkZFQ0NGQjM5RjNCRjcx
RkI0MC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA0MjM0NGJlLWY5ZmItNDYzNC05
MmQ2LTg5NGRkNTM4Y2FkZi8wLzMxMzEzOTJlMzEzMDJlMzEzODMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzIzNDM1MzMzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHcKtTANBgkqhkiG
9w0BAQsFAAOCAQEAMiyAnM5ZtpNN/VdpASbZPsxquBfNjxhzmcjl7In4PlhyxBoL
rw3B8dQIvKbE5CMQpClojRqkuKJsb2HZ6MfspCIwN90WuJ0eeXsbLHndnUGh5FEB
vRQgmfgbSrghztXH+143lmbnokVTx9HUY2BdHccPxG7uM2NfROfgb2tZP08KedJM
zawNlIFYjroZydI4Pk9hyDJeF6S/8egWVVpRawCHKOjT+3PKnGh3B9hsQEd45Q3L
EjkA47rgcPueY7p3QEyQB5BLpEvbrdH7SjP1MsxpjWPkmB3ZDdmmfIpKuoc6bw8a
UkOwdkFy5cDvTNQIpmWZp/oJ4k9KL0wtZZb1BA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:40:17 2025 by rpki-client