Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/0d3f095b-7130-4122-af25-7d2e7a11b1b1/0/3230322e35372e32312e302f32342d3234203d3e20313431363733.roa
File: 3230322e35372e32312e302f32342d3234203d3e20313431363733.roa (raw, json)
Hash identifier: KyjP36QU2B5WmwOGj/w2MpttC7+1bk2GysORLqVSxsM=
Subject key identifier: 43:97:D6:35:54:88:EE:AA:94:23:7C:0F:7B:3E:49:C0:88:CC:3C:CC
Certificate issuer: /CN=1F969EE9B0838D22156118A888B81BF27B859BD5
Certificate serial: 177FCDFD8AC90DD6A4CFCC496C027B59915F52BC
Authority key identifier: 1F:96:9E:E9:B0:83:8D:22:15:61:18:A8:88:B8:1B:F2:7B:85:9B:D5
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1F969EE9B0838D22156118A888B81BF27B859BD5.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/0d3f095b-7130-4122-af25-7d2e7a11b1b1/0/3230322e35372e32312e302f32342d3234203d3e20313431363733.roa
Signing time: Sun 08 Dec 2024 03:00:01 +0000
ROA not before: Sun 08 Dec 2024 02:55:01 +0000
ROA not after: Sun 07 Dec 2025 03:00:01 +0000
asID: 141673
IP address blocks: 202.57.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:7f:cd:fd:8a:c9:0d:d6:a4:cf:cc:49:6c:02:7b:59:91:5f:52:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1F969EE9B0838D22156118A888B81BF27B859BD5
Validity
Not Before: Dec 8 02:55:01 2024 GMT
Not After : Dec 7 03:00:01 2025 GMT
Subject: CN=4397D6355488EEAA94237C0F7B3E49C088CC3CCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e3:3e:0f:0d:01:f9:7f:4b:8c:bd:12:0a:02:
7c:73:33:39:dc:a0:0c:10:73:59:2a:bb:b6:f3:9e:
4c:4d:a2:8e:1f:42:71:f3:79:8c:3d:18:ae:21:c0:
74:36:50:6b:e7:26:53:eb:4c:a3:75:18:d4:67:10:
a1:be:60:ae:05:0e:ee:61:f7:2c:b7:45:3b:e7:78:
5e:85:55:da:87:ab:b2:5b:6a:7e:77:05:df:8a:67:
68:77:d4:66:8e:5f:77:7f:38:de:9b:0d:a4:1b:9e:
b9:c1:27:9e:e9:bd:5e:9c:72:06:fb:fe:f4:00:11:
17:27:81:52:f2:ea:a3:b4:c0:52:68:43:6a:05:a5:
bb:db:f6:71:6b:ef:98:ee:03:75:2b:f3:72:88:da:
72:f2:fe:61:8f:89:54:f1:2b:21:97:b8:26:a3:9f:
ca:c5:be:fb:61:47:a7:26:1a:5c:aa:36:1d:36:bf:
7d:77:e8:56:84:8a:d9:5c:31:4f:39:be:1e:f4:92:
8c:2e:3f:6b:e1:03:72:b9:36:a7:03:2c:c7:0e:b3:
89:ee:a9:bb:ab:a0:52:47:ca:47:9c:32:80:3a:53:
78:fd:1d:11:f3:a0:21:f2:4a:ef:93:90:c8:ee:c4:
d0:1e:0e:21:63:25:90:de:37:a2:c7:e2:84:d7:32:
d5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:97:D6:35:54:88:EE:AA:94:23:7C:0F:7B:3E:49:C0:88:CC:3C:CC
X509v3 Authority Key Identifier:
keyid:1F:96:9E:E9:B0:83:8D:22:15:61:18:A8:88:B8:1B:F2:7B:85:9B:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/0d3f095b-7130-4122-af25-7d2e7a11b1b1/0/1F969EE9B0838D22156118A888B81BF27B859BD5.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1F969EE9B0838D22156118A888B81BF27B859BD5.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0d3f095b-7130-4122-af25-7d2e7a11b1b1/0/3230322e35372e32312e302f32342d3234203d3e20313431363733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.57.21.0/24
Signature Algorithm: sha256WithRSAEncryption
57:49:22:2b:fa:84:b0:52:e0:a7:5d:3d:a9:05:59:a9:29:50:
29:f9:ea:ac:26:22:c1:8b:09:29:27:58:e9:34:93:cf:03:ad:
b5:68:58:fc:dc:18:54:5a:d1:16:fd:41:a5:49:94:46:00:0c:
34:5d:4b:f9:9f:36:55:a5:10:0b:38:71:47:bc:14:81:e9:7b:
67:61:f3:4e:4d:16:9d:d7:18:8e:26:79:e1:80:b8:d4:52:68:
92:b9:8e:bd:05:18:54:1b:5a:d9:b1:76:f6:a0:f8:6f:0a:54:
22:20:5d:79:4a:f1:c9:31:36:1f:46:51:b2:77:33:7d:5a:75:
77:29:67:61:e7:78:7f:30:f8:fb:62:74:5c:f0:29:a9:1a:73:
43:6d:95:62:28:3c:2a:1c:fa:ff:0f:a8:8b:0e:aa:6f:e8:c9:
fb:30:3d:11:10:fc:3e:2a:a8:f0:84:d4:1b:3c:27:a5:f9:72:
63:08:d1:d6:f7:5f:77:7e:2c:3c:82:10:36:54:83:f8:72:10:
fb:a2:6c:5b:95:6c:98:00:11:91:1f:df:df:99:5c:07:db:64:
28:20:ff:00:d0:bc:e9:56:5e:1e:f8:3c:08:cf:35:a3:60:06:
99:32:2e:ad:db:b4:04:cc:d1:d7:f3:2d:c3:45:be:5d:1e:73:
00:f7:6f:b4
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUF3/N/YrJDdakz8xJbAJ7WZFfUrwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUY5NjlFRTlCMDgzOEQyMjE1NjExOEE4ODhCODFCRjI3
Qjg1OUJENTAeFw0yNDEyMDgwMjU1MDFaFw0yNTEyMDcwMzAwMDFaMDMxMTAvBgNV
BAMTKDQzOTdENjM1NTQ4OEVFQUE5NDIzN0MwRjdCM0U0OUMwODhDQzNDQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH4z4PDQH5f0uMvRIKAnxzMznc
oAwQc1kqu7bznkxNoo4fQnHzeYw9GK4hwHQ2UGvnJlPrTKN1GNRnEKG+YK4FDu5h
9yy3RTvneF6FVdqHq7Jban53Bd+KZ2h31GaOX3d/ON6bDaQbnrnBJ57pvV6ccgb7
/vQAERcngVLy6qO0wFJoQ2oFpbvb9nFr75juA3Ur83KI2nLy/mGPiVTxKyGXuCaj
n8rFvvthR6cmGlyqNh02v3136FaEitlcMU85vh70kowuP2vhA3K5NqcDLMcOs4nu
qburoFJHykecMoA6U3j9HRHzoCHySu+TkMjuxNAeDiFjJZDeN6LH4oTXMtVjAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUQ5fWNVSI7qqUI3wPez5JwIjMPMwwHwYDVR0j
BBgwFoAUH5ae6bCDjSIVYRioiLgb8nuFm9UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
ZDNmMDk1Yi03MTMwLTQxMjItYWYyNS03ZDJlN2ExMWIxYjEvMC8xRjk2OUVFOUIw
ODM4RDIyMTU2MTE4QTg4OEI4MUJGMjdCODU5QkQ1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMUY5NjlFRTlCMDgzOEQyMjE1NjExOEE4ODhCODFCRjI3Qjg1
OUJENS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBkM2YwOTViLTcxMzAtNDEyMi1h
ZjI1LTdkMmU3YTExYjFiMS8wLzMyMzAzMjJlMzUzNzJlMzIzMTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzQzMTM2MzczMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMo5FTANBgkqhkiG
9w0BAQsFAAOCAQEAV0kiK/qEsFLgp109qQVZqSlQKfnqrCYiwYsJKSdY6TSTzwOt
tWhY/NwYVFrRFv1BpUmURgAMNF1L+Z82VaUQCzhxR7wUgel7Z2HzTk0WndcYjiZ5
4YC41FJokrmOvQUYVBta2bF29qD4bwpUIiBdeUrxyTE2H0ZRsnczfVp1dylnYed4
fzD4+2J0XPApqRpzQ22VYig8Khz6/w+oiw6qb+jJ+zA9ERD8Piqo8ITUGzwnpfly
YwjR1vdfd34sPIIQNlSD+HIQ+6JsW5VsmAARkR/f35lcB9tkKCD/ANC86VZeHvg8
CM81o2AGmTIurdu0BMzR1/Mtw0W+XR5zAPdvtA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:39:03 2025 by rpki-client