Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/3135372e32302e3232312e302f32342d3234203d3e20313532343236.roa
File: 3135372e32302e3232312e302f32342d3234203d3e20313532343236.roa (raw, json)
Hash identifier: h4eKvxQSRIMrD2t91GjH5fzQW4Tjr+F6OLK3lJkLRQo=
Subject key identifier: A1:8B:0B:3F:C5:3E:70:05:30:0A:E1:5E:DF:36:15:B3:77:D9:BB:36
Certificate issuer: /CN=41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4
Certificate serial: 01F8D518E12C66864CF7795F14622CFD0701E349
Authority key identifier: 41:A4:79:AD:6B:97:4B:50:B9:9A:0D:FC:BE:24:FF:8A:AC:44:18:D4
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/3135372e32302e3232312e302f32342d3234203d3e20313532343236.roa
Signing time: Thu 20 Feb 2025 14:00:01 +0000
ROA not before: Thu 20 Feb 2025 13:55:01 +0000
ROA not after: Thu 19 Feb 2026 14:00:01 +0000
asID: 152426
IP address blocks: 157.20.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:f8:d5:18:e1:2c:66:86:4c:f7:79:5f:14:62:2c:fd:07:01:e3:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4
Validity
Not Before: Feb 20 13:55:01 2025 GMT
Not After : Feb 19 14:00:01 2026 GMT
Subject: CN=A18B0B3FC53E7005300AE15EDF3615B377D9BB36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d0:ac:a9:e6:9e:ee:7e:36:3b:b7:12:ff:80:
50:b2:9b:8f:66:db:1c:67:dd:b7:42:c6:06:03:41:
21:5a:78:75:19:4c:86:62:c1:56:69:b6:62:1d:d9:
a1:14:a4:c6:52:00:78:e2:5f:9e:79:ac:0d:5b:fa:
6e:7e:26:c1:fb:7f:2a:f6:b7:b9:84:cb:6c:d8:be:
ec:ac:63:71:8c:0a:40:95:d5:72:8e:a7:1b:63:fb:
d8:9e:c9:33:84:5f:8e:d4:c8:8b:fc:27:a5:80:27:
8f:8b:33:31:e7:54:3d:a9:d8:32:92:bd:51:38:c2:
9c:48:e1:17:a7:50:a1:85:f4:39:ac:44:37:69:b3:
ad:e3:c8:aa:a0:9e:e6:3b:c5:c6:20:60:0a:23:c6:
c7:5c:36:e7:24:f2:df:5d:e2:6c:b6:c0:f0:b3:0d:
f0:8a:19:5e:e4:98:ab:3e:9b:e1:13:2a:ed:18:1e:
32:92:fd:95:cb:d8:ab:ed:61:83:aa:4b:cb:d6:58:
5b:b7:01:37:b4:7b:cf:34:54:7b:57:22:71:66:06:
4d:42:b9:85:7b:d3:3e:37:ac:3c:23:d5:72:a9:4a:
4b:87:22:09:2d:f8:a0:5c:69:ae:4b:ea:50:f2:9b:
38:01:a6:fe:cd:cd:5d:dd:a3:bf:94:79:80:13:a8:
57:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:8B:0B:3F:C5:3E:70:05:30:0A:E1:5E:DF:36:15:B3:77:D9:BB:36
X509v3 Authority Key Identifier:
keyid:41:A4:79:AD:6B:97:4B:50:B9:9A:0D:FC:BE:24:FF:8A:AC:44:18:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/3135372e32302e3232312e302f32342d3234203d3e20313532343236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.221.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:a9:9c:cc:bd:3d:8d:33:4d:dd:b5:7d:22:f8:db:e7:ce:f9:
7c:a8:86:2d:c8:0e:34:ea:60:2d:25:3f:d8:27:2f:d9:17:36:
75:ef:98:1e:d8:7e:79:7e:99:59:21:50:c1:d4:d7:4a:1c:6c:
f6:b9:f0:29:e0:88:b4:ae:b6:6a:0a:8d:d0:08:71:b0:b3:36:
10:bf:f0:49:2f:18:6c:ac:c8:1a:18:d0:20:46:77:ae:da:63:
c7:82:2f:26:4c:aa:bf:9d:31:8b:03:62:06:a6:ad:f5:16:9d:
58:f1:80:65:a5:3a:74:90:d0:41:fe:cf:14:d8:1e:ae:8e:aa:
ae:a7:5f:8c:61:ee:a0:17:d8:fa:81:d0:bc:66:57:45:73:09:
6f:03:9d:ad:ba:81:59:9c:bb:d3:68:98:79:6e:2b:49:70:3c:
3f:80:61:b5:b6:51:34:75:1e:1b:c1:52:e2:bf:05:be:59:e8:
25:b2:58:e7:89:17:34:64:45:6d:57:1b:c1:e7:c9:aa:06:c9:
58:88:12:1d:c7:96:a5:1b:53:ca:e3:6a:9e:7f:6b:bd:0e:ae:
72:7f:bc:07:6c:f4:bc:68:78:0c:bd:39:a0:ba:fc:f3:c0:cc:
52:8f:4a:48:0a:42:82:5e:06:d2:ad:e6:20:c7:55:98:e2:5c:
d2:d4:60:a0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUAfjVGOEsZoZM93lfFGIs/QcB40kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFBNDc5QUQ2Qjk3NEI1MEI5OUEwREZDQkUyNEZGOEFB
QzQ0MThENDAeFw0yNTAyMjAxMzU1MDFaFw0yNjAyMTkxNDAwMDFaMDMxMTAvBgNV
BAMTKEExOEIwQjNGQzUzRTcwMDUzMDBBRTE1RURGMzYxNUIzNzdEOUJCMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK0Kyp5p7ufjY7txL/gFCym49m
2xxn3bdCxgYDQSFaeHUZTIZiwVZptmId2aEUpMZSAHjiX555rA1b+m5+JsH7fyr2
t7mEy2zYvuysY3GMCkCV1XKOpxtj+9ieyTOEX47UyIv8J6WAJ4+LMzHnVD2p2DKS
vVE4wpxI4RenUKGF9DmsRDdps63jyKqgnuY7xcYgYAojxsdcNuck8t9d4my2wPCz
DfCKGV7kmKs+m+ETKu0YHjKS/ZXL2KvtYYOqS8vWWFu3ATe0e880VHtXInFmBk1C
uYV70z43rDwj1XKpSkuHIgkt+KBcaa5L6lDymzgBpv7NzV3do7+UeYATqFfZAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUoYsLP8U+cAUwCuFe3zYVs3fZuzYwHwYDVR0j
BBgwFoAUQaR5rWuXS1C5mg38viT/iqxEGNQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
ZWRkNGNjYi00MmUzLTRiNzItOTE5My1lOTE4ZTdiMzA2N2QvMC80MUE0NzlBRDZC
OTc0QjUwQjk5QTBERkNCRTI0RkY4QUFDNDQxOEQ0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvNDFBNDc5QUQ2Qjk3NEI1MEI5OUEwREZDQkUyNEZGOEFBQzQ0
MThENC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBlZGQ0Y2NiLTQyZTMtNGI3Mi05
MTkzLWU5MThlN2IzMDY3ZC8wLzMxMzUzNzJlMzIzMDJlMzIzMjMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMjM2LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRTdMA0GCSqG
SIb3DQEBCwUAA4IBAQC8qZzMvT2NM03dtX0i+Nvnzvl8qIYtyA406mAtJT/YJy/Z
FzZ175ge2H55fplZIVDB1NdKHGz2ufAp4Ii0rrZqCo3QCHGwszYQv/BJLxhsrMga
GNAgRneu2mPHgi8mTKq/nTGLA2IGpq31Fp1Y8YBlpTp0kNBB/s8U2B6ujqqup1+M
Ye6gF9j6gdC8ZldFcwlvA52tuoFZnLvTaJh5bitJcDw/gGG1tlE0dR4bwVLivwW+
WeglsljniRc0ZEVtVxvB58mqBslYiBIdx5alG1PK42qef2u9Dq5yf7wHbPS8aHgM
vTmguvzzwMxSj0pICkKCXgbSreYgx1WY4lzS1GCg
-----END CERTIFICATE-----
Generated at Thu Apr 10 01:54:13 2025 by rpki-client