Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/0d3f095b-7130-4122-af25-7d2e7a11b1b1/0/3230322e35372e32302e302f32332d3233203d3e20313431363733.roa
File: 3230322e35372e32302e302f32332d3233203d3e20313431363733.roa (raw, json)
Hash identifier: qNzsGiJwf7XGjGP4j+CDhg7oJnuuTy/kX7unl+wQ3hg=
Subject key identifier: 16:77:B2:74:23:3C:52:15:E3:9F:60:4B:03:8A:C8:0B:E7:F8:8F:3C
Certificate issuer: /CN=1F969EE9B0838D22156118A888B81BF27B859BD5
Certificate serial: 4E7BC04546EC8C65F94C952EB2769907BDD00843
Authority key identifier: 1F:96:9E:E9:B0:83:8D:22:15:61:18:A8:88:B8:1B:F2:7B:85:9B:D5
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1F969EE9B0838D22156118A888B81BF27B859BD5.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/0d3f095b-7130-4122-af25-7d2e7a11b1b1/0/3230322e35372e32302e302f32332d3233203d3e20313431363733.roa
Signing time: Wed 12 Feb 2025 05:00:33 +0000
ROA not before: Wed 12 Feb 2025 04:55:33 +0000
ROA not after: Wed 11 Feb 2026 05:00:33 +0000
asID: 141673
IP address blocks: 202.57.20.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:7b:c0:45:46:ec:8c:65:f9:4c:95:2e:b2:76:99:07:bd:d0:08:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1F969EE9B0838D22156118A888B81BF27B859BD5
Validity
Not Before: Feb 12 04:55:33 2025 GMT
Not After : Feb 11 05:00:33 2026 GMT
Subject: CN=1677B274233C5215E39F604B038AC80BE7F88F3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:86:a2:f4:f0:f3:d8:e5:44:55:88:f8:f9:6d:
0e:78:b9:b2:67:ad:1e:53:b5:a5:d4:32:2c:9a:a2:
95:25:d4:d0:fd:fc:3d:0e:1c:b2:8b:f9:1b:84:b4:
36:78:46:d0:54:12:dd:2b:c1:a0:62:a7:d0:47:93:
03:3d:0f:73:1c:9e:33:1e:13:40:eb:76:f1:12:bf:
38:ca:a0:97:b4:c3:dd:7a:5c:65:6f:e6:d8:1a:92:
19:3e:f0:d9:b7:68:b2:b4:35:a4:a2:3a:3f:04:2b:
82:88:d1:aa:93:be:c6:31:ef:93:ac:b3:dc:67:93:
d7:9a:81:1d:40:f4:eb:fd:b5:a4:39:9e:00:99:6d:
94:2c:8c:56:6d:77:ec:6c:c0:46:75:ce:16:49:dc:
c7:c0:1c:33:8f:fd:8c:5b:9a:ab:a0:39:95:27:d9:
e6:55:16:4c:f6:1d:f1:f1:c9:d2:64:14:a0:9d:4e:
29:04:a4:2c:9d:b3:2e:f5:bf:64:3f:e3:b2:f0:2b:
ae:a3:f3:2a:b4:d2:01:6d:54:6e:1b:53:0b:69:bf:
70:0f:77:58:e7:f0:e4:e2:5a:14:ac:d3:ae:ef:6f:
5c:95:ac:e2:cc:1c:6b:df:50:9e:7a:75:16:08:d3:
af:33:e3:0f:5f:6e:ed:35:2b:09:45:53:b2:62:2f:
c3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:77:B2:74:23:3C:52:15:E3:9F:60:4B:03:8A:C8:0B:E7:F8:8F:3C
X509v3 Authority Key Identifier:
keyid:1F:96:9E:E9:B0:83:8D:22:15:61:18:A8:88:B8:1B:F2:7B:85:9B:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/0d3f095b-7130-4122-af25-7d2e7a11b1b1/0/1F969EE9B0838D22156118A888B81BF27B859BD5.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1F969EE9B0838D22156118A888B81BF27B859BD5.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0d3f095b-7130-4122-af25-7d2e7a11b1b1/0/3230322e35372e32302e302f32332d3233203d3e20313431363733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.57.20.0/23
Signature Algorithm: sha256WithRSAEncryption
c4:5c:d5:38:a4:4c:5e:ae:e1:e8:e2:da:1f:b0:2d:c6:17:75:
01:94:ef:ce:bb:07:be:a5:e7:99:ab:0f:36:c3:84:59:1d:f8:
a5:56:51:7d:68:e1:8a:0d:c1:15:57:a9:81:d9:e1:42:d1:3e:
67:17:86:3b:c8:9b:d6:b0:18:4c:99:74:b0:8f:78:0d:6f:b5:
9a:ff:db:e3:8b:2d:5a:10:2c:4d:40:67:65:14:c9:6a:73:e3:
fe:f4:b1:89:e1:ed:87:79:34:81:b5:ba:d0:8e:bb:d0:73:89:
9c:af:79:2c:86:3a:3c:45:48:6b:b3:6a:cc:07:fd:be:72:9a:
e0:69:c8:ab:a7:3b:c5:90:1a:ea:43:ab:3e:ba:a6:52:37:3c:
5a:54:ad:9c:04:68:19:39:72:04:69:a4:9a:44:ed:0b:59:e2:
c9:98:b0:18:b9:7c:e6:71:4a:36:aa:9a:8d:bf:c0:cc:da:c6:
6e:52:88:68:cb:25:8a:74:f2:e9:36:38:95:09:5f:8a:56:49:
3d:a3:6d:0f:8b:6a:4f:b5:81:ab:1d:fd:07:d4:9e:ee:7d:7d:
95:32:e2:36:3d:6f:00:01:ce:e8:70:87:c6:bf:0e:0d:72:b5:
71:20:e1:d5:d5:6c:fd:3b:55:51:04:42:84:55:3e:6b:3f:32:
1c:72:a9:35
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUTnvARUbsjGX5TJUusnaZB73QCEMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUY5NjlFRTlCMDgzOEQyMjE1NjExOEE4ODhCODFCRjI3
Qjg1OUJENTAeFw0yNTAyMTIwNDU1MzNaFw0yNjAyMTEwNTAwMzNaMDMxMTAvBgNV
BAMTKDE2NzdCMjc0MjMzQzUyMTVFMzlGNjA0QjAzOEFDODBCRTdGODhGM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDhqL08PPY5URViPj5bQ54ubJn
rR5TtaXUMiyaopUl1ND9/D0OHLKL+RuEtDZ4RtBUEt0rwaBip9BHkwM9D3McnjMe
E0DrdvESvzjKoJe0w916XGVv5tgakhk+8Nm3aLK0NaSiOj8EK4KI0aqTvsYx75Os
s9xnk9eagR1A9Ov9taQ5ngCZbZQsjFZtd+xswEZ1zhZJ3MfAHDOP/YxbmqugOZUn
2eZVFkz2HfHxydJkFKCdTikEpCydsy71v2Q/47LwK66j8yq00gFtVG4bUwtpv3AP
d1jn8OTiWhSs067vb1yVrOLMHGvfUJ56dRYI068z4w9fbu01KwlFU7JiL8PfAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUFneydCM8UhXjn2BLA4rIC+f4jzwwHwYDVR0j
BBgwFoAUH5ae6bCDjSIVYRioiLgb8nuFm9UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
ZDNmMDk1Yi03MTMwLTQxMjItYWYyNS03ZDJlN2ExMWIxYjEvMC8xRjk2OUVFOUIw
ODM4RDIyMTU2MTE4QTg4OEI4MUJGMjdCODU5QkQ1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMUY5NjlFRTlCMDgzOEQyMjE1NjExOEE4ODhCODFCRjI3Qjg1
OUJENS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBkM2YwOTViLTcxMzAtNDEyMi1h
ZjI1LTdkMmU3YTExYjFiMS8wLzMyMzAzMjJlMzUzNzJlMzIzMDJlMzAyZjMyMzMy
ZDMyMzMyMDNkM2UyMDMxMzQzMTM2MzczMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAco5FDANBgkqhkiG
9w0BAQsFAAOCAQEAxFzVOKRMXq7h6OLaH7Atxhd1AZTvzrsHvqXnmasPNsOEWR34
pVZRfWjhig3BFVepgdnhQtE+ZxeGO8ib1rAYTJl0sI94DW+1mv/b44stWhAsTUBn
ZRTJanPj/vSxieHth3k0gbW60I670HOJnK95LIY6PEVIa7NqzAf9vnKa4GnIq6c7
xZAa6kOrPrqmUjc8WlStnARoGTlyBGmkmkTtC1niyZiwGLl85nFKNqqajb/AzNrG
blKIaMslinTy6TY4lQlfilZJPaNtD4tqT7WBqx39B9Se7n19lTLiNj1vAAHO6HCH
xr8ODXK1cSDh1dVs/TtVUQRChFU+az8yHHKpNQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:52:24 2025 by rpki-client