Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/17a2d25b-cb18-45be-9fa1-154ca1579223/0/3133372e35392e3136312e302f32342d3234203d3e203536323432.roa
File: 3133372e35392e3136312e302f32342d3234203d3e203536323432.roa (raw, json)
Hash identifier: 8kcmZ4RG24jB44cBv71IJKv0c+Dtp9Ygk9nrjPzZQxo=
Subject key identifier: EE:29:24:78:85:B6:A1:11:2A:E8:87:73:B9:01:8B:37:47:30:3E:BB
Certificate issuer: /CN=8469874AE268E2CD4E9A137EDD5599C748530E9E
Certificate serial: 20F227FC6B5DC76602DC3AA0F4447037D56BA682
Authority key identifier: 84:69:87:4A:E2:68:E2:CD:4E:9A:13:7E:DD:55:99:C7:48:53:0E:9E
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8469874AE268E2CD4E9A137EDD5599C748530E9E.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/17a2d25b-cb18-45be-9fa1-154ca1579223/0/3133372e35392e3136312e302f32342d3234203d3e203536323432.roa
Signing time: Sat 11 Jan 2025 08:00:00 +0000
ROA not before: Sat 11 Jan 2025 07:55:00 +0000
ROA not after: Sat 10 Jan 2026 08:00:00 +0000
asID: 56242
IP address blocks: 137.59.161.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:f2:27:fc:6b:5d:c7:66:02:dc:3a:a0:f4:44:70:37:d5:6b:a6:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8469874AE268E2CD4E9A137EDD5599C748530E9E
Validity
Not Before: Jan 11 07:55:00 2025 GMT
Not After : Jan 10 08:00:00 2026 GMT
Subject: CN=EE29247885B6A1112AE88773B9018B3747303EBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:69:46:1c:03:aa:89:28:12:d7:ed:30:32:3d:
8f:46:bb:7b:1c:45:19:e8:9d:17:2d:ab:c1:31:b8:
2e:d4:47:ea:48:86:16:c8:94:f8:c8:e0:e6:54:98:
e1:9f:4c:5c:ec:6a:25:a9:c9:2a:6c:2b:62:db:04:
24:f8:96:15:06:f7:dd:b8:bb:7c:de:0f:6c:05:cf:
8a:8c:8e:79:5a:af:6f:39:0c:53:bd:0b:f6:72:af:
66:50:b5:ad:bb:77:e8:ae:dc:16:37:c1:5e:a2:bd:
bf:df:bb:4f:25:97:85:ae:5d:63:2d:8d:4d:88:f7:
d4:79:fc:35:9d:5a:36:cc:33:5f:df:28:e9:6b:16:
1c:f4:3e:e0:73:5e:b9:c1:fe:96:05:e0:fc:cd:fe:
b9:5c:89:a7:5d:24:c7:81:72:0e:ab:89:4f:7b:ec:
76:0f:da:7e:77:28:99:e3:7e:b5:2a:02:33:57:48:
42:dd:f2:11:27:d2:51:48:b4:7d:b0:e1:4a:69:a4:
fe:9b:a3:11:7d:9b:8e:da:ef:9c:9a:be:45:d8:07:
57:29:c2:1a:b4:2c:3d:df:2d:c7:00:93:6b:ce:c9:
49:25:cb:32:eb:48:30:c4:68:e8:20:2b:86:89:24:
ae:d8:95:95:55:f1:0b:e4:40:9e:24:c1:f1:65:44:
a3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:29:24:78:85:B6:A1:11:2A:E8:87:73:B9:01:8B:37:47:30:3E:BB
X509v3 Authority Key Identifier:
keyid:84:69:87:4A:E2:68:E2:CD:4E:9A:13:7E:DD:55:99:C7:48:53:0E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/17a2d25b-cb18-45be-9fa1-154ca1579223/0/8469874AE268E2CD4E9A137EDD5599C748530E9E.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8469874AE268E2CD4E9A137EDD5599C748530E9E.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/17a2d25b-cb18-45be-9fa1-154ca1579223/0/3133372e35392e3136312e302f32342d3234203d3e203536323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.59.161.0/24
Signature Algorithm: sha256WithRSAEncryption
51:e7:8e:d9:52:2c:86:ba:6f:5e:fc:3d:c2:d1:bb:d0:a8:f2:
07:c6:fc:c5:db:fc:d8:6a:5b:49:f8:4f:26:16:44:42:31:a7:
fb:a2:ab:61:05:aa:ad:64:54:36:99:0a:32:15:ae:aa:bb:0c:
69:87:15:73:af:e1:d1:5f:21:3a:4b:99:d1:ee:37:22:60:dc:
88:fe:ab:ed:57:b0:4d:65:a2:83:7c:8c:52:3f:cf:69:d4:00:
39:e1:88:3a:fc:8b:80:60:c3:04:8b:ad:80:94:3d:74:07:0a:
81:73:b3:6d:88:91:bb:39:9e:2f:97:8b:2a:86:1b:1c:42:06:
32:d8:f9:98:c6:27:7d:b8:ca:fb:61:cf:18:2e:49:49:26:d3:
df:a6:59:6c:c3:c9:21:ba:0f:4a:93:f4:ab:c6:2c:34:1b:60:
58:b0:ad:1a:7b:a5:a1:9f:dc:02:f5:6c:39:f9:86:a7:c2:45:
1b:ad:4f:54:dc:c9:ae:0a:ed:3a:3e:8e:b2:35:31:b8:c2:7f:
a2:ef:22:56:ad:20:ec:8a:87:58:85:3c:a6:82:63:cb:e8:2b:
e2:f1:b6:f8:e1:da:db:ae:9c:2d:d2:c6:8f:b3:91:d3:4c:72:
5e:4e:7d:1e:4a:a6:b8:3c:81:93:63:9b:d9:c3:ff:86:f3:a4:
f5:85:87:64
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUIPIn/Gtdx2YC3Dqg9ERwN9VrpoIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ2OTg3NEFFMjY4RTJDRDRFOUExMzdFREQ1NTk5Qzc0
ODUzMEU5RTAeFw0yNTAxMTEwNzU1MDBaFw0yNjAxMTAwODAwMDBaMDMxMTAvBgNV
BAMTKEVFMjkyNDc4ODVCNkExMTEyQUU4ODc3M0I5MDE4QjM3NDczMDNFQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcaUYcA6qJKBLX7TAyPY9Gu3sc
RRnonRctq8ExuC7UR+pIhhbIlPjI4OZUmOGfTFzsaiWpySpsK2LbBCT4lhUG9924
u3zeD2wFz4qMjnlar285DFO9C/Zyr2ZQta27d+iu3BY3wV6ivb/fu08ll4WuXWMt
jU2I99R5/DWdWjbMM1/fKOlrFhz0PuBzXrnB/pYF4PzN/rlciaddJMeBcg6riU97
7HYP2n53KJnjfrUqAjNXSELd8hEn0lFItH2w4UpppP6boxF9m47a75yavkXYB1cp
whq0LD3fLccAk2vOyUklyzLrSDDEaOggK4aJJK7YlZVV8QvkQJ4kwfFlRKO5AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU7ikkeIW2oREq6IdzuQGLN0cwPrswHwYDVR0j
BBgwFoAUhGmHSuJo4s1OmhN+3VWZx0hTDp4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
N2EyZDI1Yi1jYjE4LTQ1YmUtOWZhMS0xNTRjYTE1NzkyMjMvMC84NDY5ODc0QUUy
NjhFMkNENEU5QTEzN0VERDU1OTlDNzQ4NTMwRTlFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODQ2OTg3NEFFMjY4RTJDRDRFOUExMzdFREQ1NTk5Qzc0ODUz
MEU5RS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE3YTJkMjViLWNiMTgtNDViZS05
ZmExLTE1NGNhMTU3OTIyMy8wLzMxMzMzNzJlMzUzOTJlMzEzNjMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzUzNjMyMzQzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIk7oTANBgkqhkiG
9w0BAQsFAAOCAQEAUeeO2VIshrpvXvw9wtG70KjyB8b8xdv82GpbSfhPJhZEQjGn
+6KrYQWqrWRUNpkKMhWuqrsMaYcVc6/h0V8hOkuZ0e43ImDciP6r7VewTWWig3yM
Uj/PadQAOeGIOvyLgGDDBIutgJQ9dAcKgXOzbYiRuzmeL5eLKoYbHEIGMtj5mMYn
fbjK+2HPGC5JSSbT36ZZbMPJIboPSpP0q8YsNBtgWLCtGnuloZ/cAvVsOfmGp8JF
G61PVNzJrgrtOj6OsjUxuMJ/ou8iVq0g7IqHWIU8poJjy+gr4vG2+OHa266cLdLG
j7OR00xyXk59HkqmuDyBk2Ob2cP/hvOk9YWHZA==
-----END CERTIFICATE-----
Generated at Thu Apr 10 10:29:27 2025 by rpki-client