Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/3230322e34332e3235302e302f32342d3234203d3e20313338303734.roa
File: 3230322e34332e3235302e302f32342d3234203d3e20313338303734.roa (raw, json)
Hash identifier: YQVR8UOeiYmY2kyG9i2CqFsAi/62Mch9mbYUm4aJz9o=
Subject key identifier: F3:D4:03:28:17:16:3B:D3:51:AF:A9:05:C9:CD:FD:36:39:13:21:57
Certificate issuer: /CN=C8EC18E027639B05BC58A2228D126486BEFB3ABB
Certificate serial: 21C926066E364517EFE7A9468F916D26D73647BE
Authority key identifier: C8:EC:18:E0:27:63:9B:05:BC:58:A2:22:8D:12:64:86:BE:FB:3A:BB
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8EC18E027639B05BC58A2228D126486BEFB3ABB.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/3230322e34332e3235302e302f32342d3234203d3e20313338303734.roa
Signing time: Mon 30 Dec 2024 02:00:03 +0000
ROA not before: Mon 30 Dec 2024 01:55:03 +0000
ROA not after: Mon 29 Dec 2025 02:00:03 +0000
asID: 138074
IP address blocks: 202.43.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:c9:26:06:6e:36:45:17:ef:e7:a9:46:8f:91:6d:26:d7:36:47:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C8EC18E027639B05BC58A2228D126486BEFB3ABB
Validity
Not Before: Dec 30 01:55:03 2024 GMT
Not After : Dec 29 02:00:03 2025 GMT
Subject: CN=F3D4032817163BD351AFA905C9CDFD3639132157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ef:9b:98:90:c3:9b:cc:00:93:bf:ac:32:84:
07:3b:20:c7:d8:bd:c0:ce:d8:0e:3a:46:1c:00:76:
e3:32:55:2a:89:76:db:30:49:0d:1c:b1:eb:fb:f7:
4d:7f:c7:54:ea:b5:66:0e:0d:59:e3:f8:a1:dd:5b:
41:22:d0:3a:cc:32:5c:8d:86:c3:f2:77:86:b6:25:
14:87:13:40:33:79:a8:e7:b0:55:e9:4d:57:2e:12:
15:49:ae:76:fe:7c:1e:c0:69:bf:e2:28:64:76:78:
03:14:1b:a9:f8:23:6e:02:6d:9b:b3:b3:c0:a0:7a:
55:2a:2e:5a:df:b2:07:bb:f6:1a:16:52:2b:f4:fb:
17:c2:a3:14:81:18:5b:68:e0:d6:40:0d:b5:d1:7f:
f8:35:d8:63:c9:91:70:6e:18:fd:b2:f9:ef:d1:23:
a8:03:3a:39:51:59:ab:b4:ec:05:20:65:97:d3:8a:
49:55:45:56:78:b4:21:22:e7:4e:67:ae:be:b6:01:
73:61:33:00:f8:68:98:5e:63:d3:a5:ab:2c:cb:4c:
b9:63:41:d5:a8:8c:69:59:2e:11:52:87:22:91:9b:
49:78:18:ad:99:4b:89:95:95:da:de:98:c3:df:7f:
dc:0f:9f:ec:9d:fd:be:66:be:ad:31:5f:48:04:1e:
b1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D4:03:28:17:16:3B:D3:51:AF:A9:05:C9:CD:FD:36:39:13:21:57
X509v3 Authority Key Identifier:
keyid:C8:EC:18:E0:27:63:9B:05:BC:58:A2:22:8D:12:64:86:BE:FB:3A:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/C8EC18E027639B05BC58A2228D126486BEFB3ABB.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8EC18E027639B05BC58A2228D126486BEFB3ABB.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1c289706-a4f4-4e1f-9a6e-01c9c53cd8f9/0/3230322e34332e3235302e302f32342d3234203d3e20313338303734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.43.250.0/24
Signature Algorithm: sha256WithRSAEncryption
95:cd:80:fe:61:8f:b9:69:a8:81:49:f4:fe:20:53:08:84:93:
4e:d6:62:c9:29:83:bc:ed:64:4e:c9:c6:87:54:fc:0e:5f:22:
42:ef:77:f4:31:16:9b:69:7d:1f:9f:89:6d:2f:ee:96:64:12:
81:8e:08:f8:3e:62:89:71:03:c8:11:86:ba:0b:09:d4:3f:a0:
3a:8e:78:0c:de:a9:9f:ad:f6:55:40:b9:b3:75:4b:aa:67:2f:
2b:4c:2d:6f:f3:16:af:83:bb:06:6e:65:c0:a6:ea:f8:e5:dd:
5c:98:13:fc:a5:ec:42:ca:3c:74:a8:62:2b:17:ef:c7:0c:45:
a6:39:ee:ff:cd:b5:f3:1c:e3:3f:fe:dd:a6:9b:8f:b2:5e:33:
ce:83:8a:85:98:61:8f:21:2c:e8:af:3f:9b:09:82:ea:c2:5e:
26:fb:e1:38:05:29:d9:75:b8:48:30:5e:3f:c6:4e:57:ea:8c:
b1:be:5b:29:69:ea:2d:51:3f:8f:9c:d5:75:fa:73:46:b9:ef:
5b:11:e7:58:63:dc:4b:3d:44:38:8c:2a:9a:7c:4c:46:00:dd:
e7:91:89:36:3d:c5:94:f7:81:7a:88:f1:89:b2:9c:59:73:77:
7e:d1:42:aa:ea:95:bd:9b:9b:87:b0:93:c4:c3:8b:dc:99:ce:
f7:5d:3c:a6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUIckmBm42RRfv56lGj5FtJtc2R74wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzhFQzE4RTAyNzYzOUIwNUJDNThBMjIyOEQxMjY0ODZC
RUZCM0FCQjAeFw0yNDEyMzAwMTU1MDNaFw0yNTEyMjkwMjAwMDNaMDMxMTAvBgNV
BAMTKEYzRDQwMzI4MTcxNjNCRDM1MUFGQTkwNUM5Q0RGRDM2MzkxMzIxNTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG75uYkMObzACTv6wyhAc7IMfY
vcDO2A46RhwAduMyVSqJdtswSQ0csev7901/x1TqtWYODVnj+KHdW0Ei0DrMMlyN
hsPyd4a2JRSHE0AzeajnsFXpTVcuEhVJrnb+fB7Aab/iKGR2eAMUG6n4I24CbZuz
s8CgelUqLlrfsge79hoWUiv0+xfCoxSBGFto4NZADbXRf/g12GPJkXBuGP2y+e/R
I6gDOjlRWau07AUgZZfTiklVRVZ4tCEi505nrr62AXNhMwD4aJheY9OlqyzLTLlj
QdWojGlZLhFShyKRm0l4GK2ZS4mVldremMPff9wPn+yd/b5mvq0xX0gEHrFHAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU89QDKBcWO9NRr6kFyc39NjkTIVcwHwYDVR0j
BBgwFoAUyOwY4CdjmwW8WKIijRJkhr77OrswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
YzI4OTcwNi1hNGY0LTRlMWYtOWE2ZS0wMWM5YzUzY2Q4ZjkvMC9DOEVDMThFMDI3
NjM5QjA1QkM1OEEyMjI4RDEyNjQ4NkJFRkIzQUJCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQzhFQzE4RTAyNzYzOUIwNUJDNThBMjIyOEQxMjY0ODZCRUZC
M0FCQi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFjMjg5NzA2LWE0ZjQtNGUxZi05
YTZlLTAxYzljNTNjZDhmOS8wLzMyMzAzMjJlMzQzMzJlMzIzNTMwMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM4MzAzNzM0LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyiv6MA0GCSqG
SIb3DQEBCwUAA4IBAQCVzYD+YY+5aaiBSfT+IFMIhJNO1mLJKYO87WROycaHVPwO
XyJC73f0MRabaX0fn4ltL+6WZBKBjgj4PmKJcQPIEYa6CwnUP6A6jngM3qmfrfZV
QLmzdUuqZy8rTC1v8xavg7sGbmXApur45d1cmBP8pexCyjx0qGIrF+/HDEWmOe7/
zbXzHOM//t2mm4+yXjPOg4qFmGGPISzorz+bCYLqwl4m++E4BSnZdbhIMF4/xk5X
6oyxvlspaeotUT+PnNV1+nNGue9bEedYY9xLPUQ4jCqafExGAN3nkYk2PcWU94F6
iPGJspxZc3d+0UKq6pW9m5uHsJPEw4vcmc73XTym
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:59:19 2025 by rpki-client