Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/187d79ba-fb55-49a5-967b-1edc749d0128/0/3130362e302e34382e302f32322d3234203d3e2039343232.roa
File: 3130362e302e34382e302f32322d3234203d3e2039343232.roa (raw, json)
Hash identifier: gU2bGz0QcfX7jz+4pmy6dDNu6epMK9rp4iwrG6+Vboc=
Subject key identifier: A0:5F:CB:B0:B2:78:22:C3:39:69:0C:37:ED:71:00:AC:58:F4:95:EE
Certificate issuer: /CN=295CEF87CDB74B1A43287E630C3FE568272D2F33
Certificate serial: 191ACFB6719D863BD3A0A6FDDE50C347BD5BEEC3
Authority key identifier: 29:5C:EF:87:CD:B7:4B:1A:43:28:7E:63:0C:3F:E5:68:27:2D:2F:33
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/295CEF87CDB74B1A43287E630C3FE568272D2F33.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/187d79ba-fb55-49a5-967b-1edc749d0128/0/3130362e302e34382e302f32322d3234203d3e2039343232.roa
Signing time: Mon 01 Jul 2024 01:05:17 +0000
ROA not before: Mon 01 Jul 2024 01:00:17 +0000
ROA not after: Mon 30 Jun 2025 01:05:17 +0000
asID: 9422
IP address blocks: 106.0.48.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:1a:cf:b6:71:9d:86:3b:d3:a0:a6:fd:de:50:c3:47:bd:5b:ee:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=295CEF87CDB74B1A43287E630C3FE568272D2F33
Validity
Not Before: Jul 1 01:00:17 2024 GMT
Not After : Jun 30 01:05:17 2025 GMT
Subject: CN=A05FCBB0B27822C339690C37ED7100AC58F495EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:82:9b:57:3f:40:f5:ad:ab:d1:53:63:ee:72:
4b:66:dd:8b:f4:86:57:75:fd:d7:bc:69:9a:69:43:
29:dc:41:7e:1d:9c:8f:4f:1d:e9:47:41:b0:61:39:
48:be:f0:aa:1d:38:8c:26:38:69:0c:ed:ac:6b:d7:
f1:ba:28:e8:25:72:dc:f6:c7:e3:9e:99:5b:20:72:
b4:a5:58:27:a7:7a:10:16:91:2d:d4:4f:20:72:fa:
2a:76:e3:4d:b7:e7:09:98:4b:ef:1c:6f:f2:8a:a7:
15:d0:62:a2:e1:c2:5e:f3:47:77:b3:ce:71:e6:bc:
d8:43:a8:9d:53:77:e6:47:83:48:af:f9:d9:dd:c2:
d5:91:f7:4d:45:6c:d4:a4:1a:66:ed:3b:50:ad:db:
23:12:ea:9f:75:b4:52:e3:ee:5a:60:bb:ef:1b:0e:
18:b3:26:04:06:cf:62:e6:7e:92:c6:52:d3:7c:c4:
2a:64:55:a3:7c:de:0d:7b:b7:20:9b:43:82:ac:8a:
ff:a2:10:1a:58:aa:64:ab:9e:4e:6c:65:cc:49:e6:
38:2a:5f:88:82:f8:cd:00:bc:69:79:30:80:c7:5f:
97:28:91:86:3d:8a:80:97:ce:d8:64:38:4f:09:76:
b4:5f:a9:03:f7:9f:e3:f6:57:9f:d3:a8:2e:66:9f:
29:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:5F:CB:B0:B2:78:22:C3:39:69:0C:37:ED:71:00:AC:58:F4:95:EE
X509v3 Authority Key Identifier:
keyid:29:5C:EF:87:CD:B7:4B:1A:43:28:7E:63:0C:3F:E5:68:27:2D:2F:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/187d79ba-fb55-49a5-967b-1edc749d0128/0/295CEF87CDB74B1A43287E630C3FE568272D2F33.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/295CEF87CDB74B1A43287E630C3FE568272D2F33.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/187d79ba-fb55-49a5-967b-1edc749d0128/0/3130362e302e34382e302f32322d3234203d3e2039343232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
106.0.48.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:99:fa:86:78:fe:73:18:3c:4d:e4:4a:32:87:69:a1:c6:1a:
ba:2c:ea:64:ef:be:82:48:b4:82:07:2a:b3:5a:dd:3d:d0:dd:
57:00:9e:3d:18:a7:f9:e3:ad:f5:ef:cd:4a:6e:de:3e:51:3f:
4e:11:c2:23:1f:f9:0b:8e:1d:4f:ee:43:77:cb:7d:8f:b2:29:
12:9d:c9:84:a1:60:db:fd:3e:c4:e1:46:63:cb:e6:ed:6e:90:
f2:18:39:94:cf:94:94:fb:c4:a5:bd:3d:50:f0:af:96:61:63:
31:ef:32:c7:19:77:ad:3a:71:0e:b0:93:43:a0:1b:66:ed:a8:
0d:dd:0c:0a:f9:60:20:a2:77:3e:33:eb:c8:1d:8a:00:b9:2c:
87:18:81:c1:91:46:06:48:da:08:e1:81:a3:b2:d9:e8:e6:7e:
53:c4:c4:98:f0:f9:5b:37:98:c6:89:cd:40:8e:1d:07:a9:50:
49:fe:b5:89:87:0a:13:66:10:3f:b0:a8:d3:c1:c2:b0:d9:d8:
9b:47:b9:c8:b6:91:6a:15:ea:84:38:7a:c3:a0:4c:a4:8b:ea:
9a:58:47:75:b7:1f:8d:01:99:b9:95:18:fc:27:9d:8d:b3:f6:
c7:9e:ab:15:0d:16:d4:fc:a1:31:65:64:08:a5:5f:e9:d1:1c:
7d:35:cb:d4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIUGRrPtnGdhjvToKb93lDDR71b7sMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjk1Q0VGODdDREI3NEIxQTQzMjg3RTYzMEMzRkU1Njgy
NzJEMkYzMzAeFw0yNDA3MDEwMTAwMTdaFw0yNTA2MzAwMTA1MTdaMDMxMTAvBgNV
BAMTKEEwNUZDQkIwQjI3ODIyQzMzOTY5MEMzN0VENzEwMEFDNThGNDk1RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClgptXP0D1ravRU2Pucktm3Yv0
hld1/de8aZppQyncQX4dnI9PHelHQbBhOUi+8KodOIwmOGkM7axr1/G6KOglctz2
x+OemVsgcrSlWCenehAWkS3UTyBy+ip240235wmYS+8cb/KKpxXQYqLhwl7zR3ez
znHmvNhDqJ1Td+ZHg0iv+dndwtWR901FbNSkGmbtO1Ct2yMS6p91tFLj7lpgu+8b
DhizJgQGz2LmfpLGUtN8xCpkVaN83g17tyCbQ4Ksiv+iEBpYqmSrnk5sZcxJ5jgq
X4iC+M0AvGl5MIDHX5cokYY9ioCXzthkOE8JdrRfqQP3n+P2V5/TqC5mnymFAgMB
AAGjggIrMIICJzAdBgNVHQ4EFgQUoF/LsLJ4IsM5aQw37XEArFj0le4wHwYDVR0j
BBgwFoAUKVzvh823SxpDKH5jDD/laCctLzMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ODdkNzliYS1mYjU1LTQ5YTUtOTY3Yi0xZWRjNzQ5ZDAxMjgvMC8yOTVDRUY4N0NE
Qjc0QjFBNDMyODdFNjMwQzNGRTU2ODI3MkQyRjMzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjk1Q0VGODdDREI3NEIxQTQzMjg3RTYzMEMzRkU1NjgyNzJE
MkYzMy5jZXIwgZsGCCsGAQUFBwELBIGOMIGLMIGIBggrBgEFBQcwC4Z8cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTg3ZDc5YmEtZmI1NS00OWE1LTk2
N2ItMWVkYzc0OWQwMTI4LzAvMzEzMDM2MmUzMDJlMzQzODJlMzAyZjMyMzIyZDMy
MzQyMDNkM2UyMDM5MzQzMjMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCagAwMA0GCSqGSIb3DQEBCwUA
A4IBAQAPmfqGeP5zGDxN5Eoyh2mhxhq6LOpk776CSLSCByqzWt090N1XAJ49GKf5
4631781Kbt4+UT9OEcIjH/kLjh1P7kN3y32PsikSncmEoWDb/T7E4UZjy+btbpDy
GDmUz5SU+8SlvT1Q8K+WYWMx7zLHGXetOnEOsJNDoBtm7agN3QwK+WAgonc+M+vI
HYoAuSyHGIHBkUYGSNoI4YGjstno5n5TxMSY8PlbN5jGic1Ajh0HqVBJ/rWJhwoT
ZhA/sKjTwcKw2dibR7nItpFqFeqEOHrDoEyki+qaWEd1tx+NAZm5lRj8J52Ns/bH
nqsVDRbU/KExZWQIpV/p0Rx9NcvU
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:19:47 2025 by rpki-client