Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/0d3f095b-7130-4122-af25-7d2e7a11b1b1/0/3230322e35372e32342e302f32332d3233203d3e20313430343639.roa
File: 3230322e35372e32342e302f32332d3233203d3e20313430343639.roa (raw, json)
Hash identifier: qx0GKHW1FS5tHrsvUCVWgH7+ott04Nq/cKPKtOYX9sQ=
Subject key identifier: C7:00:5B:AE:25:E5:DD:FE:AC:87:31:D0:17:2D:03:82:A1:38:17:DE
Certificate issuer: /CN=1F969EE9B0838D22156118A888B81BF27B859BD5
Certificate serial: 6489FD7BE723593027FC8F21197CCEF238417319
Authority key identifier: 1F:96:9E:E9:B0:83:8D:22:15:61:18:A8:88:B8:1B:F2:7B:85:9B:D5
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1F969EE9B0838D22156118A888B81BF27B859BD5.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/0d3f095b-7130-4122-af25-7d2e7a11b1b1/0/3230322e35372e32342e302f32332d3233203d3e20313430343639.roa
Signing time: Mon 04 Nov 2024 15:00:01 +0000
ROA not before: Mon 04 Nov 2024 14:55:01 +0000
ROA not after: Mon 03 Nov 2025 15:00:01 +0000
asID: 140469
IP address blocks: 202.57.24.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:89:fd:7b:e7:23:59:30:27:fc:8f:21:19:7c:ce:f2:38:41:73:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1F969EE9B0838D22156118A888B81BF27B859BD5
Validity
Not Before: Nov 4 14:55:01 2024 GMT
Not After : Nov 3 15:00:01 2025 GMT
Subject: CN=C7005BAE25E5DDFEAC8731D0172D0382A13817DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c0:eb:3f:f1:68:2b:26:fa:d6:90:da:31:53:
18:d3:d5:bb:31:86:bc:29:e3:e0:7c:74:b6:25:f9:
95:04:e0:5d:91:8d:07:37:2f:b3:a3:59:fb:76:54:
e4:50:ee:e9:30:01:a4:c4:ef:d0:68:ea:ba:cf:cc:
74:71:1e:75:13:d8:dd:cd:0d:91:87:7e:99:53:96:
d5:97:09:30:04:a0:29:02:fa:ae:ec:44:b7:2c:cc:
b0:d1:b0:65:b5:3e:cc:0b:54:55:62:db:16:5e:90:
53:70:fa:c4:e6:5d:07:c4:9b:3f:a5:d2:ac:c0:cd:
c1:a2:13:1b:2c:26:1d:0a:e1:d1:ee:18:a3:e7:cd:
cb:bb:37:4e:05:8c:75:64:bb:91:65:ba:9a:b2:2a:
f4:4d:32:cb:24:56:0c:d2:6e:11:03:ae:02:7a:48:
00:07:c2:b7:41:39:da:55:c8:43:f4:51:89:34:f3:
7f:31:1f:91:ce:d4:6f:d9:f5:89:94:1f:76:e1:18:
13:4c:75:60:56:dc:50:cf:d3:7e:a3:94:18:31:1b:
29:c8:99:d7:70:76:0f:d1:44:08:54:6e:a4:b9:7c:
db:47:71:77:21:84:4b:f4:b1:75:4c:d7:8e:d6:24:
15:cf:c5:2e:4c:c7:f7:ec:fb:53:74:32:81:cf:01:
07:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:00:5B:AE:25:E5:DD:FE:AC:87:31:D0:17:2D:03:82:A1:38:17:DE
X509v3 Authority Key Identifier:
keyid:1F:96:9E:E9:B0:83:8D:22:15:61:18:A8:88:B8:1B:F2:7B:85:9B:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/0d3f095b-7130-4122-af25-7d2e7a11b1b1/0/1F969EE9B0838D22156118A888B81BF27B859BD5.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1F969EE9B0838D22156118A888B81BF27B859BD5.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0d3f095b-7130-4122-af25-7d2e7a11b1b1/0/3230322e35372e32342e302f32332d3233203d3e20313430343639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.57.24.0/23
Signature Algorithm: sha256WithRSAEncryption
24:d1:8a:8e:98:32:b0:b3:7e:6f:76:bc:5f:99:6f:31:19:1b:
be:7d:27:4a:06:ee:db:07:4f:12:bf:99:d8:f8:bf:2a:95:b7:
b2:06:56:40:4e:b9:95:9f:31:a2:c8:b1:17:81:6b:78:b8:c1:
ff:8f:e6:be:36:b4:db:90:47:32:92:e6:36:5b:03:87:60:0b:
e8:cb:1a:3d:93:f6:fb:1e:dd:90:4c:9d:98:13:6e:6b:e2:59:
60:dd:95:5c:7c:88:8a:bd:aa:9d:e1:fe:12:6c:22:e0:4e:18:
c5:0c:76:f4:c0:65:88:f6:48:5d:11:70:e2:f9:bf:44:32:e0:
ee:58:d8:09:ac:a2:aa:0c:fe:79:db:d7:d6:86:60:f3:ad:9a:
86:a2:5c:b6:ec:e4:8c:c0:53:4f:17:c2:06:92:64:5c:93:0a:
f6:26:f0:b1:ca:33:ac:87:28:f4:8b:fa:77:87:f7:fa:15:61:
0e:f0:f9:0b:8c:c2:9c:dc:14:7d:25:0e:f3:39:2b:b6:10:45:
b9:53:25:c3:65:60:a2:89:4b:44:95:df:24:bb:ad:94:33:b6:
d0:56:53:d2:82:4c:29:4b:2f:62:5c:dd:c0:95:74:29:00:7b:
b6:3e:42:25:a9:71:c3:33:ed:47:7d:f0:0d:c5:c3:0d:27:c3:
bb:4e:dd:32
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUZIn9e+cjWTAn/I8hGXzO8jhBcxkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUY5NjlFRTlCMDgzOEQyMjE1NjExOEE4ODhCODFCRjI3
Qjg1OUJENTAeFw0yNDExMDQxNDU1MDFaFw0yNTExMDMxNTAwMDFaMDMxMTAvBgNV
BAMTKEM3MDA1QkFFMjVFNURERkVBQzg3MzFEMDE3MkQwMzgyQTEzODE3REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYwOs/8WgrJvrWkNoxUxjT1bsx
hrwp4+B8dLYl+ZUE4F2RjQc3L7OjWft2VORQ7ukwAaTE79Bo6rrPzHRxHnUT2N3N
DZGHfplTltWXCTAEoCkC+q7sRLcszLDRsGW1PswLVFVi2xZekFNw+sTmXQfEmz+l
0qzAzcGiExssJh0K4dHuGKPnzcu7N04FjHVku5FlupqyKvRNMsskVgzSbhEDrgJ6
SAAHwrdBOdpVyEP0UYk0838xH5HO1G/Z9YmUH3bhGBNMdWBW3FDP036jlBgxGynI
mddwdg/RRAhUbqS5fNtHcXchhEv0sXVM147WJBXPxS5Mx/fs+1N0MoHPAQdzAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUxwBbriXl3f6shzHQFy0DgqE4F94wHwYDVR0j
BBgwFoAUH5ae6bCDjSIVYRioiLgb8nuFm9UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
ZDNmMDk1Yi03MTMwLTQxMjItYWYyNS03ZDJlN2ExMWIxYjEvMC8xRjk2OUVFOUIw
ODM4RDIyMTU2MTE4QTg4OEI4MUJGMjdCODU5QkQ1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMUY5NjlFRTlCMDgzOEQyMjE1NjExOEE4ODhCODFCRjI3Qjg1
OUJENS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBkM2YwOTViLTcxMzAtNDEyMi1h
ZjI1LTdkMmU3YTExYjFiMS8wLzMyMzAzMjJlMzUzNzJlMzIzNDJlMzAyZjMyMzMy
ZDMyMzMyMDNkM2UyMDMxMzQzMDM0MzYzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAco5GDANBgkqhkiG
9w0BAQsFAAOCAQEAJNGKjpgysLN+b3a8X5lvMRkbvn0nSgbu2wdPEr+Z2Pi/KpW3
sgZWQE65lZ8xosixF4FreLjB/4/mvja025BHMpLmNlsDh2AL6MsaPZP2+x7dkEyd
mBNua+JZYN2VXHyIir2qneH+Emwi4E4YxQx29MBliPZIXRFw4vm/RDLg7ljYCayi
qgz+edvX1oZg862ahqJctuzkjMBTTxfCBpJkXJMK9ibwscozrIco9Iv6d4f3+hVh
DvD5C4zCnNwUfSUO8zkrthBFuVMlw2VgoolLRJXfJLutlDO20FZT0oJMKUsvYlzd
wJV0KQB7tj5CJalxwzPtR33wDcXDDSfDu07dMg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:24:20 2025 by rpki-client